Chien-Lung Wang, Jou-An Shih, I. Liao, Chun-Tsai Chien
{"title":"基于模糊测试的DLMS/COSEM智能电表网络安全风险评估","authors":"Chien-Lung Wang, Jou-An Shih, I. Liao, Chun-Tsai Chien","doi":"10.1109/IET-ICETA56553.2022.9971577","DOIUrl":null,"url":null,"abstract":"Since smart meters are IoT devices that can share energy usage information to users and third-party service providers, any vulnerability of smart meters that can be exploited by hackers is a threat to the reliability of smart grids. The purpose of this paper is to explore the possibilities of DoS attacks to smart meters. Our research focuses on the High-Level Data Link Control layer of DLMS/cosEM smart meters. The testing cases are generated by fuzzing testing methods according to the HDLC specifications. The CTT 3.1 is used as the client sending requests to the smart meter server. The responses of the server are then recorded and analyzed for potential vulnerabilities. The results show that the fuzzing test cases on the buffer overflow/underflow category generate most of the abnormal responses.","PeriodicalId":46240,"journal":{"name":"IET Networks","volume":"38 1","pages":"1-2"},"PeriodicalIF":1.3000,"publicationDate":"2022-10-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"An Evaluation of Cybersecurity Risks of DLMS/COSEM Smart Meter Using Fuzzing Testing\",\"authors\":\"Chien-Lung Wang, Jou-An Shih, I. Liao, Chun-Tsai Chien\",\"doi\":\"10.1109/IET-ICETA56553.2022.9971577\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Since smart meters are IoT devices that can share energy usage information to users and third-party service providers, any vulnerability of smart meters that can be exploited by hackers is a threat to the reliability of smart grids. The purpose of this paper is to explore the possibilities of DoS attacks to smart meters. Our research focuses on the High-Level Data Link Control layer of DLMS/cosEM smart meters. The testing cases are generated by fuzzing testing methods according to the HDLC specifications. The CTT 3.1 is used as the client sending requests to the smart meter server. The responses of the server are then recorded and analyzed for potential vulnerabilities. The results show that the fuzzing test cases on the buffer overflow/underflow category generate most of the abnormal responses.\",\"PeriodicalId\":46240,\"journal\":{\"name\":\"IET Networks\",\"volume\":\"38 1\",\"pages\":\"1-2\"},\"PeriodicalIF\":1.3000,\"publicationDate\":\"2022-10-14\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IET Networks\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/IET-ICETA56553.2022.9971577\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IET Networks","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IET-ICETA56553.2022.9971577","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
An Evaluation of Cybersecurity Risks of DLMS/COSEM Smart Meter Using Fuzzing Testing
Since smart meters are IoT devices that can share energy usage information to users and third-party service providers, any vulnerability of smart meters that can be exploited by hackers is a threat to the reliability of smart grids. The purpose of this paper is to explore the possibilities of DoS attacks to smart meters. Our research focuses on the High-Level Data Link Control layer of DLMS/cosEM smart meters. The testing cases are generated by fuzzing testing methods according to the HDLC specifications. The CTT 3.1 is used as the client sending requests to the smart meter server. The responses of the server are then recorded and analyzed for potential vulnerabilities. The results show that the fuzzing test cases on the buffer overflow/underflow category generate most of the abnormal responses.
IET NetworksCOMPUTER SCIENCE, INFORMATION SYSTEMS-
CiteScore
5.00
自引率
0.00%
发文量
41
审稿时长
33 weeks
期刊介绍:
IET Networks covers the fundamental developments and advancing methodologies to achieve higher performance, optimized and dependable future networks. IET Networks is particularly interested in new ideas and superior solutions to the known and arising technological development bottlenecks at all levels of networking such as topologies, protocols, routing, relaying and resource-allocation for more efficient and more reliable provision of network services. Topics include, but are not limited to: Network Architecture, Design and Planning, Network Protocol, Software, Analysis, Simulation and Experiment, Network Technologies, Applications and Services, Network Security, Operation and Management.