A Study on Software Vulnerabilities and Weaknesses of Embedded Systems in Power Networks
Title | A Study on Software Vulnerabilities and Weaknesses of Embedded Systems in Power Networks |
Publication Type | Conference Paper |
Year of Publication | 2017 |
Authors | Välja, Margus, Korman, Matus, Lagerström, Robert |
Conference Name | Proceedings of the 2Nd Workshop on Cyber-Physical Security and Resilience in Smart Grids |
Publisher | ACM |
Conference Location | New York, NY, USA |
ISBN Number | 978-1-4503-4978-9 |
Keywords | Collaboration, CVSS, cyber security, Human Behavior, human factors, Metrics, policy-based governance, power networks, pubcrawl, resilience, Resiliency, security weaknesses, Software Vulnerability |
Abstract | In this paper we conduct an empirical study with the purpose of identifying common software weaknesses of embedded devices used as part of industrial control systems in power grids. The data is gathered about the devices and software of 6 companies, ABB, General Electric, Schneider Electric, Schweitzer Engineering Laboratories, Siemens and Wind River. The study uses data from the manufacturersfi online databases, NVD, CWE and ICS CERT. We identified that the most common problems that were reported are related to the improper input validation, cryptographic issues, and programming errors. |
URL | https://dl.acm.org/citation.cfm?doid=3055386.3055397 |
DOI | 10.1145/3055386.3055397 |
Citation Key | valja_study_2017 |