Visible to the public Vulnerability Detection for Smart Grid Devices via Static Analysis

TitleVulnerability Detection for Smart Grid Devices via Static Analysis
Publication TypeConference Paper
Year of Publication2019
AuthorsZhang, Yanmiao, Ji, Xiaoyu, Cheng, Yushi, Xu, Wenyuan
Conference Name2019 Chinese Control Conference (CCC)
Keywordscomposability, feature extraction, Human Behavior, model checking, pubcrawl, Resiliency, security, smart grid devices, Smart grids, static analysis, Syntactics, Tools, vulnerability detection
AbstractAs a modern power transmission network, smart grid connects abundant terminal devices and plays an important role in our daily life. However, along with its growth are the security threats. Different from the separated environment previously, an adversary nowadays can destroy the power system by attacking its terminal devices. As a result, it's critical to ensure the security and safety of terminal devices. To achieve it, detecting the pre-existing vulnerabilities in the terminal program and enhancing its security, are of great importance and necessity. In this paper, we introduce Cker, a novel vulnerability detection tool for smart grid devices, which generates an program model based on device sources and sets rules to perform model checking. We utilize the static analysis to extract necessary information and build corresponding program models. By further checking the model with pre-defined vulnerability patterns, we achieve security detection and error reporting. The evaluation results demonstrate that our method can effectively detect vulnerabilities in smart devices with an acceptable accuracy and false positive rate. In addition, as Cker is realized by pure python, it can be easily scaled to other platforms.
DOI10.23919/ChiCC.2019.8866144
Citation Keyzhang_vulnerability_2019