DEFCON 15: Unraveling SCADA Protocols: Using Sulley Fuzzer
Ganesh Devarajan

The presenter covers the basics of SCADA networks and gives a general overview of the SCADA protocols, namely Modbus, DNP3, ICCP and the IEC standards. North America mainly uses Modbus, DNP3 and, to an extent, ICCP; European countries use the IEC standards. After the basics, he goes into the finer details of the protocols: what each function code and internal indication flag does, and how these can be used to attack or take down a SCADA system. The current level of security implementation at these sites is also discussed. After enumerating all of this, he talks about the SCADA fuzzer and the framework that has been worked on, and how it can be used to find flaws in the implementations of various software. The tool can be used to assess software from various vendors, and a brief analysis of some of that software is shown. Even though some of the attacks can be detected by inline devices today, they are more prone to false positives.

