Академический Документы
Профессиональный Документы
Культура Документы
,
Digital Security
: ,
, :
Windows
Linux
Ethernet
HTTP
XML
DCOM
.NET
SOAP
SQL
20022014, Digital Security
: ,
1.
2. .
3.
,
.
: ,
1.
2.
3.
4.
- -.
(PLC ,
?)
,
. ( ?)
.
-.
? ?
20022013, Digital Security
.
,
.
.
? ? ? ?
, .
? ? , .
20022013, Digital Security
(1999) -
.
Davis-Besse (2003) -
SQL Slammer,
.
MAROOCHY WATER BREACH (2000)
3
, .
, , (2011) -
SCADA-
20022011, Digital Security
(DSeC RG)
DSecRG
2011-2012:
SCADA:
OPC Systems WellinTech KingSCADA 5
:
WAGO, TECOMAT - 5
10
11
12
13
14
WAGO
FTP FTP ( )
HTTP ( )
HTTP ( )
HTTP (CSRF).
SNMP ( )
MODBUS ( )
WAGO Services DOS ( )
CODESYS ( )
15
HMI
ARP Spoofing
MITM
PLC
/IO
16
DSecRG
2013-2014:
:
HMI INOR MePro (DoS);
HART OPC Server (DoS).
/ ( SSRF):
HART;
Plant Asset Management
(XXE, XSS, DoS).
:
AVR MSP , @ ZeroNights
2013
17
18
PLC
I/O
Modbus
RS-485/Modbus
MSP
- .
20022014, Digital Security
19
DSecRG HART
20
21
XXE ? !
Internet
XSD-
XXE
MES
XMLI
XML-
PAS
HART
22
23
24
25
:
;
;
.
26
ERP
/
MES
OPC
PLC2,3
PLC1
PLC7,8
20022014, Digital Security
HMI/SCADA
, I/O
27
.
.
.
//.
.
28
HMI-.
.
.
.
(, .).
( Internet, VPN .).
29
.
.
SoD.
.
.
30
(MES)
-
(PLC)
31
-?
32
-?
: SoD, patchmanagement, , , .
( !)
. :
.
.
IDS/IPS.
.
.
20022014, Digital Security
33
, .
SoD.
.
.
.
34