DOI: 10.1145/2667190.2667194

eFuzz: A Fuzzer for DLMS/COSEM Electricity Meters

Published: 07 November 2014

Abstract

Smart grids enable new functionalities such as remote and micro management and consequently provide increased efficiency, easy management and effectiveness of the entire power grid infrastructure. To achieve this, smart meters are attached to the communication network, collecting fine-grained data. Unfortunately, as the smart meters are limited devices connected to the network and running software, they also make the whole smart grid more vulnerable than traditional grids in terms of software problems and even possible cyber attacks. In this paper, we work towards increased software security of smart metering devices and propose a fuzzing framework, eFuzz, built on the generic fuzzing framework Peach, to detect software problems. eFuzz tests smart metering devices based on the communication protocol DLMS/COSEM, the standard protocol used in Europe, for possible faults. Our experiments prove the effectiveness of using an automated fuzzing framework compared to resource-demanding, manual software protocol inspections. As an example, eFuzz detected between 10 and 40 bugs in different configurations in less than 3 hours, while a manual inspection takes weeks. We also investigate the quality of the eFuzz results by comparing them with the traditional non-automated evaluation of the same device with respect to scope and efficiency. Our analysis shows that eFuzz is a powerful tool for security inspections of smart meters, and of embedded systems in general.


Published In

SEGS '14: Proceedings of the 2nd Workshop on Smart Energy Grid Security
November 2014
60 pages
ISBN: 9781450331548
DOI: 10.1145/2667190
Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. automated testing
  2. fuzz testing
  3. software vulnerabilities

Qualifiers

  • Research-article

Conference

CCS'14
Acceptance Rates

SEGS '14 Paper Acceptance Rate 7 of 11 submissions, 64%;
Overall Acceptance Rate 19 of 38 submissions, 50%

Cited By

  • (2023) Fuzzing for Power Grids: A Comparative Study of Existing Frameworks and a New Method for Detecting Silent Crashes in Control Devices. 2023 IEEE Design Methodologies Conference (DMC), pages 1-6. DOI: 10.1109/DMC58182.2023.10412473. Online publication date: 24-Sep-2023
  • (2022) Fuzzing Framework for IEC 60870-5-104 Protocol. Proceedings of the 5th International Conference on Computer Science and Software Engineering, pages 190-194. DOI: 10.1145/3569966.3570026. Online publication date: 21-Oct-2022
  • (2019) Automated Fuzzing of Automotive Control Units. 2019 International Workshop on Secure Internet of Things (SIOT), pages 1-8. DOI: 10.1109/SIOT48044.2019.9637090. Online publication date: 26-Sep-2019
  • (2019) Finding Sands in the Eyes: Vulnerabilities Discovery in IoT With EUFuzzer on Human Machine Interface. IEEE Access, 7, pages 103751-103759. DOI: 10.1109/ACCESS.2019.2931061. Online publication date: 2019
  • (2015) Private data aggregation with groups for smart grids in a dynamic setting using CRT. 2015 IEEE International Workshop on Information Forensics and Security (WIFS), pages 1-6. DOI: 10.1109/WIFS.2015.7368584. Online publication date: Nov-2015
