{"title":"Fuzzing ICS Protocols: Modbus Fuzzer Framework","authors":"Petr Ilgner, R. Fujdiak","doi":"10.1109/ICCST52959.2022.9896405","DOIUrl":null,"url":null,"abstract":"Traditionally, industrial control systems were very isolated and industrial control systems operated with very consistent data traffic. Along with the trend of Industry 4.0, their isolation is decreasing and industrial systems are much more connected to other networks. Specifically for these systems, there is a strong focus on their reliability, but also on cyber security. This paper focuses on the widely used industrial Modbus protocol, its security aspects and its structure. A tool for fuzzing testing of this protocol is presented in order to detect possible vulnerabilities in Modbus devices. The architecture of the proposed fuzzer is described in detail. The capabilities of the fuzzer are then demonstrated on a testbed.","PeriodicalId":364791,"journal":{"name":"2022 IEEE International Carnahan Conference on Security Technology (ICCST)","volume":"23 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-09-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 IEEE International Carnahan Conference on Security Technology (ICCST)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICCST52959.2022.9896405","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citation count: 2
Abstract
Traditionally, industrial control systems were very isolated and industrial control systems operated with very consistent data traffic. Along with the trend of Industry 4.0, their isolation is decreasing and industrial systems are much more connected to other networks. Specifically for these systems, there is a strong focus on their reliability, but also on cyber security. This paper focuses on the widely used industrial Modbus protocol, its security aspects and its structure. A tool for fuzzing testing of this protocol is presented in order to detect possible vulnerabilities in Modbus devices. The architecture of the proposed fuzzer is described in detail. The capabilities of the fuzzer are then demonstrated on a testbed.