基于模糊测试的DLMS/COSEM智能电表网络安全风险评估

IF 1.3 Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS
Chien-Lung Wang, Jou-An Shih, I. Liao, Chun-Tsai Chien
{"title":"基于模糊测试的DLMS/COSEM智能电表网络安全风险评估","authors":"Chien-Lung Wang, Jou-An Shih, I. Liao, Chun-Tsai Chien","doi":"10.1109/IET-ICETA56553.2022.9971577","DOIUrl":null,"url":null,"abstract":"Since smart meters are IoT devices that can share energy usage information to users and third-party service providers, any vulnerability of smart meters that can be exploited by hackers is a threat to the reliability of smart grids. The purpose of this paper is to explore the possibilities of DoS attacks to smart meters. Our research focuses on the High-Level Data Link Control layer of DLMS/cosEM smart meters. The testing cases are generated by fuzzing testing methods according to the HDLC specifications. The CTT 3.1 is used as the client sending requests to the smart meter server. The responses of the server are then recorded and analyzed for potential vulnerabilities. The results show that the fuzzing test cases on the buffer overflow/underflow category generate most of the abnormal responses.","PeriodicalId":46240,"journal":{"name":"IET Networks","volume":"38 1","pages":"1-2"},"PeriodicalIF":1.3000,"publicationDate":"2022-10-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"An Evaluation of Cybersecurity Risks of DLMS/COSEM Smart Meter Using Fuzzing Testing\",\"authors\":\"Chien-Lung Wang, Jou-An Shih, I. Liao, Chun-Tsai Chien\",\"doi\":\"10.1109/IET-ICETA56553.2022.9971577\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Since smart meters are IoT devices that can share energy usage information to users and third-party service providers, any vulnerability of smart meters that can be exploited by hackers is a threat to the reliability of smart grids. The purpose of this paper is to explore the possibilities of DoS attacks to smart meters. Our research focuses on the High-Level Data Link Control layer of DLMS/cosEM smart meters. The testing cases are generated by fuzzing testing methods according to the HDLC specifications. The CTT 3.1 is used as the client sending requests to the smart meter server. The responses of the server are then recorded and analyzed for potential vulnerabilities. The results show that the fuzzing test cases on the buffer overflow/underflow category generate most of the abnormal responses.\",\"PeriodicalId\":46240,\"journal\":{\"name\":\"IET Networks\",\"volume\":\"38 1\",\"pages\":\"1-2\"},\"PeriodicalIF\":1.3000,\"publicationDate\":\"2022-10-14\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IET Networks\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/IET-ICETA56553.2022.9971577\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IET Networks","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IET-ICETA56553.2022.9971577","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 2

摘要

由于智能电表是可以向用户和第三方服务提供商共享能源使用信息的物联网设备,因此智能电表的任何漏洞都可能被黑客利用,从而威胁到智能电网的可靠性。本文的目的是探讨DoS攻击智能电表的可能性。我们的研究重点是DLMS/cosEM智能电表的高级数据链路控制层。根据HDLC规范,采用模糊测试方法生成测试用例。使用CTT 3.1作为客户端向智能电表服务器发送请求。然后记录服务器的响应并分析潜在的漏洞。结果表明,缓冲区溢出/下流类别的模糊测试用例产生的异常响应最多。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
An Evaluation of Cybersecurity Risks of DLMS/COSEM Smart Meter Using Fuzzing Testing
Since smart meters are IoT devices that can share energy usage information to users and third-party service providers, any vulnerability of smart meters that can be exploited by hackers is a threat to the reliability of smart grids. The purpose of this paper is to explore the possibilities of DoS attacks to smart meters. Our research focuses on the High-Level Data Link Control layer of DLMS/cosEM smart meters. The testing cases are generated by fuzzing testing methods according to the HDLC specifications. The CTT 3.1 is used as the client sending requests to the smart meter server. The responses of the server are then recorded and analyzed for potential vulnerabilities. The results show that the fuzzing test cases on the buffer overflow/underflow category generate most of the abnormal responses.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
IET Networks
IET Networks COMPUTER SCIENCE, INFORMATION SYSTEMS-
CiteScore
5.00
自引率
0.00%
发文量
41
审稿时长
33 weeks
期刊介绍: IET Networks covers the fundamental developments and advancing methodologies to achieve higher performance, optimized and dependable future networks. IET Networks is particularly interested in new ideas and superior solutions to the known and arising technological development bottlenecks at all levels of networking such as topologies, protocols, routing, relaying and resource-allocation for more efficient and more reliable provision of network services. Topics include, but are not limited to: Network Architecture, Design and Planning, Network Protocol, Software, Analysis, Simulation and Experiment, Network Technologies, Applications and Services, Network Security, Operation and Management.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信