|
On Shaky Ground - A Study of Security Vulnerabilities in Control Protocols
ACKNOWLEDGMENTS
We would like to thank Roman Shaffer of the U.S. Nuclear Regulatory Commission for his support and
helpful suggestions. We would also like to thank the US TSWG for its partial funding of this project.
REFERENCES
[1] Vulnerability Note VU#190617: LiveData ICCP Server heap buffer, US Computer Emergency Response Team, May 16, 2006, http://www.kb.cert.org/vuls/id/190617
[2] D. P. DUGGAN, M. BERG, J. DILLINGER and J. STAMP; "Penetration Testing of Industrial Control Systems", Sandia National Laboratories, March 7, 2005.
[3] E.J. BYRES, J. CARTER, A. ELRAMLY and D. HOFFMAN; "Worlds in Collision: Ethernet on the Plant Floor", ISA Emerging Technologies Conference, Instrumentation Systems and Automation Society, Chicago, October (2002).
[4] R. KAKSONEN, M. LAASKO and A. TAKANEN, "Vulnerability analysis of software through syntax testing," University of Oulu, Finland, Tech. Rep. (2000).
[5] O. TAL, S. KNIGHT and T. DEAN, "Syntax-based vulnerability testing of frame-based network protocols," Privacy, Security and Trust (2004).
[6] D. INCE, "The automatic generation of test data," The Computer Journal, 30, 1 (1987).
[7] E. G. SIRER and B. N. BERSHAD, "Using production grammars in software testing," PLAN '99: Proceedings of the 2nd conference on Domain-specific languages, New York, NY, pp 1-13, ACM Press, (1999).
« Prev | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13
|
|
