Theses and Dissertations
Issuing Body
Mississippi State University
Advisor
Vaughn, Rayford B., Jr.
Committee Member
Dampier, David A.
Committee Member
Ramkumar, Mahalingham
Committee Member
Morris, Thomas H.
Date of Degree
5-11-2013
Document Type
Dissertation - Open Access
Major
Computer Science
Degree Name
Doctor of Philosophy
College
James Worth Bagley College of Engineering
Department
Department of Computer Science and Engineering
Abstract
This dissertation describes vulnerability research in the area of critical infrastructure security. The intent of this research is to develop a set of recommendations and guidelines for improving the security of Industrial Control System (ICS) and Supervisory Control and Data Acquisition systems software. Specifically, this research focuses on the Human- Machine Interface (HMI) software that is used on control panel workstations. This document covers a brief introduction to control systems security terminology in order to define the research area, a hypothesis for the research, and a discussion of the contribution that this research will provide to the field. Previous work in the area by other researchers is summarized, followed by a description of the vulnerability research, analysis, and creation of deliverables. Technical information on the details of a number of vulnerabilities is presented for a number of HMI vulnerabilities, for which either the author has performed the analysis, or from public vulnerability disclosures where sufficient information about the vulnerabilities is available. Following the body of technical vulnerability information, the common features and characteristics of known vulnerabilities in HMI software are discussed, and that information is used to propose a taxonomy of HMI vulnerabilities. Such a taxonomy can be used to classify HMI vulnerabilities and organize future work on identifying and mitigating such vulnerabilities in the future. Finally, the contributions of this work are presented, along with a summary of areas that have been identified as interesting future work.
URI
https://hdl.handle.net/11668/17672
Recommended Citation
McGrew, Robert Wesley, "Vulnerability Analysis Case Studies of Control Systems Human Machine Interfaces" (2013). Theses and Dissertations. 4974.
https://scholarsjunction.msstate.edu/td/4974