Research of Industrial Control System Device Firmware Vulnerability Mining Technology Based on Taint Analysis

Submitted by grigby1 on Thu, 05/09/2019 - 10:46am

Title	Research of Industrial Control System Device Firmware Vulnerability Mining Technology Based on Taint Analysis
Publication Type	Conference Paper
Year of Publication	2018
Authors	Li, Y., Liu, X., Tian, H., Luo, C.
Conference Name	2018 IEEE 9th International Conference on Software Engineering and Service Science (ICSESS)
ISBN Number	978-1-5386-6565-7
Keywords	component, data mining, device firmware, firmware, fuzzing test, Hardware, industrial control, industrial control system, industrial control system device firmware vulnerability mining technology, industrial control systems, integrated circuits, Microprogramming, program testing, pubcrawl, resilience, Resiliency, Scalability, scalable, security, security of data, Software, taint analysis, taint analysis technology, test efficiency, vulnerability mining
Abstract	Aiming at the problem that there is little research on firmware vulnerability mining and the traditional method of vulnerability mining based on fuzzing test is inefficient, this paper proposed a new method of mining vulnerabilities in industrial control system firmware. Based on taint analysis technology, this method can construct test cases specifically for the variables that may trigger vulnerabilities, thus reducing the number of invalid test cases and improving the test efficiency. Experiment result shows that this method can reduce about 23 % of test cases and can effectively improve test efficiency.
URL	https://ieeexplore.ieee.org/document/8663828
DOI	10.1109/ICSESS.2018.8663828
Citation Key	li_research_2018

Groups:

Science of Security VO