IDEAS home Printed from https://ideas.repec.org/a/eee/ijocip/v1y2008icp37-44.html
   My bibliography  Save this article

Attack taxonomies for the Modbus protocols

Author

Listed:
  • Huitsing, Peter
  • Chandia, Rodrigo
  • Papa, Mauricio
  • Shenoi, Sujeet

Abstract

The Modbus protocol and its variants are widely used in industrial control applications, especially for pipeline operations in the oil and gas sector. This paper describes the principal attacks on the Modbus Serial and Modbus TCP protocols and presents the corresponding attack taxonomies. The attacks are summarized according to their threat categories, targets and impact on control system assets. The attack taxonomies facilitate formal risk analysis efforts by clarifying the nature and scope of the security threats on Modbus control systems and networks. Also, they provide insights into potential mitigation strategies and the relative costs and benefits of implementing these strategies.

Suggested Citation

  • Huitsing, Peter & Chandia, Rodrigo & Papa, Mauricio & Shenoi, Sujeet, 2008. "Attack taxonomies for the Modbus protocols," International Journal of Critical Infrastructure Protection, Elsevier, vol. 1(C), pages 37-44.
    • Handle: RePEc:eee:ijocip:v:1:y:2008:i:c:p:37-44
    DOI: 10.1016/j.ijcip.2008.08.003
    as

    Download full text from publisher

    File URL: http://www.sciencedirect.com/science/article/pii/S187454820800005X
    Download Restriction: Full text for ScienceDirect subscribers only
    File URL: https://libkey.io/10.1016/j.ijcip.2008.08.003?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Nai Fovino, Igor & Carcano, Andrea & Masera, Marcelo & Trombetta, Alberto, 2009. "An experimental investigation of malware attacks on SCADA systems," International Journal of Critical Infrastructure Protection, Elsevier, vol. 2(4), pages 139-145.
    2. Ghaleb, Asem & Zhioua, Sami & Almulhem, Ahmad, 2018. "On PLC network security," International Journal of Critical Infrastructure Protection, Elsevier, vol. 22(C), pages 62-69.
    3. Despoina Chochtoula & Aristidis Ilias & Yannis C. Stamatiou & Christos Makris, 2022. "Integrating Elliptic Curve Cryptography with the Modbus TCP SCADA Communication Protocol," Future Internet, MDPI, vol. 14(8), pages 1-18, July.
    4. Rodofile, Nicholas R. & Radke, Kenneth & Foo, Ernest, 2019. "Extending the cyber-attack landscape for SCADA-based critical infrastructure," International Journal of Critical Infrastructure Protection, Elsevier, vol. 25(C), pages 14-35.
    5. Alvaro Llaria & Jessye Dos Santos & Guillaume Terrasson & Zina Boussaada & Christophe Merlo & Octavian Curea, 2021. "Intelligent Buildings in Smart Grids: A Survey on Security and Privacy Issues Related to Energy Management," Energies, MDPI, vol. 14(9), pages 1-37, May.
    6. Staggs, Jason & Ferlemann, David & Shenoi, Sujeet, 2017. "Wind farm security: attack surface, targets, scenarios and mitigation," International Journal of Critical Infrastructure Protection, Elsevier, vol. 17(C), pages 3-14.
    7. Smitha Joyce Pinto & Pierluigi Siano & Mimmo Parente, 2023. "Review of Cybersecurity Analysis in Smart Distribution Systems and Future Directions for Using Unsupervised Learning Methods for Cyber Detection," Energies, MDPI, vol. 16(4), pages 1-24, February.
    8. Yampolskiy, Mark & Skjellum, Anthony & Kretzschmar, Michael & Overfelt, Ruel A. & Sloan, Kenneth R. & Yasinsac, Alec, 2016. "Using 3D printers as weapons," International Journal of Critical Infrastructure Protection, Elsevier, vol. 14(C), pages 58-71.
    9. CHERIFI, Tarek & HAMAMI, Lamia, 2018. "A practical implementation of unconditional security for the IEC 60780-5-101 SCADA protocol," International Journal of Critical Infrastructure Protection, Elsevier, vol. 20(C), pages 68-84.
    10. Nai Fovino, Igor & Masera, Marcelo & De Cian, Alessio, 2009. "Integrating cyber attacks within fault trees," Reliability Engineering and System Safety, Elsevier, vol. 94(9), pages 1394-1402.
    11. Cheng-Hui Chou & Chi-Che Wu & Kuan-Chu Lu & I-Hsien Liu & Tien-Hsiang Chang & Chu-Fen Li & Jung-Shian Li, 2018. "Modbus Packet Analysis and Attack Mode for SCADA System," Journal of ICT, Design, Engineering and Technological Science, Juhriyansyah Dalle, vol. 2(2), pages 30-35.
    12. Rahman, Ayesha & Mustafa, Ghulam & Khan, Abdul Qayyum & Abid, Muhammad & Durad, Muhammad Hanif, 2022. "Launch of denial of service attacks on the modbus/TCP protocol and development of its protection mechanisms," International Journal of Critical Infrastructure Protection, Elsevier, vol. 39(C).
    13. Monzer, Mohamad-Houssein & Beydoun, Kamal & Ghaith, Alaa & Flaus, Jean-Marie, 2022. "Model-based IDS design for ICSs," Reliability Engineering and System Safety, Elsevier, vol. 225(C).

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:eee:ijocip:v:1:y:2008:i:c:p:37-44. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    We have no bibliographic references for this item. You can help adding them by using this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Catherine Liu (email available below). General contact details of provider: https://www.journals.elsevier.com/international-journal-of-critical-infrastructure-protection .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.