Publications

Reports
News

Filter

19 October 2020

Practical example of fuzzing OPC UA applications

Pavel Cheremushkin

We continue to describe our approaches to searching for vulnerabilities in industrial systems based on the OPC UA protocol. In this article, we examine new techniques that can be used to search for memory corruption vulnerabilities if the source code is available. We also discuss an example of fuzzing using libfuzzer.

10 May 2018

OPC UA security analysis

Pavel Cheremushkin,

Sergey Temnikov

This paper discusses our project that involved searching for vulnerabilities in implementations of the OPC UA protocol. In publishing this material, we hope to draw the attention of vendors that develop software for industrial automation systems and the industrial internet of things to problems associated with using such widely available technologies, which turned out to be quite common.

APT 5
Companies and organisations 9
Industrial control systems 3
Industries 16
Laws and regulation 3
Malware 17
Products and services 11
Technologies 14
Types of threats 9

Select an author

Select a date

Filter

APT 1
Companies and organisations 49
Events and conferences 2
Industrial control systems 5
Industries 4
Laws and regulation 2
Malware 25
Products and services 58
Technologies 13
Types of threats 23

Select an author

Select a date

Select a tag

APT 5
Companies and organisations 9
Industrial control systems 3
Industries 16
Laws and regulation 3
Malware 17
Products and services 11
Technologies 14
Types of threats 9

Select an author

Select a date

Filter

Select a tag

APT 1
Companies and organisations 49
Events and conferences 2
Industrial control systems 5
Industries 4
Laws and regulation 2
Malware 25
Products and services 58
Technologies 13
Types of threats 23

Select an author

Select a date

Filter