Visible to the public Research of Industrial Control System Device Firmware Vulnerability Mining Technology Based on Taint Analysis

TitleResearch of Industrial Control System Device Firmware Vulnerability Mining Technology Based on Taint Analysis
Publication TypeConference Paper
Year of Publication2018
AuthorsLi, Y., Liu, X., Tian, H., Luo, C.
Conference Name2018 IEEE 9th International Conference on Software Engineering and Service Science (ICSESS)
Keywordscomponent, data mining, device firmware, firmware, fuzzing test, Hardware, industrial control, industrial control system, industrial control system device firmware vulnerability mining technology, industrial control systems, integrated circuits, Microprogramming, program testing, pubcrawl, resilience, Resiliency, Scalability, scalable, security, security of data, Software, taint analysis, taint analysis technology, test efficiency, vulnerability mining
AbstractAiming at the problem that there is little research on firmware vulnerability mining and the traditional method of vulnerability mining based on fuzzing test is inefficient, this paper proposed a new method of mining vulnerabilities in industrial control system firmware. Based on taint analysis technology, this method can construct test cases specifically for the variables that may trigger vulnerabilities, thus reducing the number of invalid test cases and improving the test efficiency. Experiment result shows that this method can reduce about 23 % of test cases and can effectively improve test efficiency.
DOI10.1109/ICSESS.2018.8663828
Citation Keyli_research_2018