Security Analysis of Industrial Control S7 Protocol based on Peach

Abstract

The normal operation of industrial control system (ICS) is the fundamental to ensure the stable production of industry. However, the existence of loopholes in ICS seriously threatens the normal operation of ICS. Fuzzy testing technology is one of the important technical means to find undisclosed vulnerabilities. This paper is based on the peach framework. Firstly, this paper excavates the vulnerabilities of HTTP protocol, and then this method is applied to the 0xf0 function code of industrial control S7 protocol. The results show that this method is effective in the vulnerability discovery of industrial control protocol.