Article

End-to-End Framework for Identifying Vulnerabilities of Operational Technology Protocols and Their Implementations in Industrial IoT

Department of Electrical and Computer Engineering, University of Nebraska-Lincoln, Lincoln, NE 68588, USA
Future Internet 2025, 17(1), 34; https://doi.org/10.3390/fi17010034
Submission received: 26 November 2024 / Revised: 10 January 2025 / Accepted: 10 January 2025 / Published: 14 January 2025

Abstract

The convergence of IT and OT networks has gained significant attention in recent years, facilitated by the increase in distributed computing capabilities, the widespread deployment of Internet of Things devices, and the adoption of Industrial Internet of Things. This convergence has led to a drastic increase in external access capabilities to previously air-gapped industrial systems for process control and monitoring. To meet the need for remote access to system information, protocols designed for the OT space were extended to allow IT networked communications. However, OT protocols often lack the rigor of cybersecurity capabilities that have become a critical characteristic of IT protocols. Furthermore, OT protocol implementations on individual devices can vary in performance, requiring the comprehensive evaluation of a device’s reliability and capabilities before installation into a critical infrastructure production network. In this paper, the authors define a framework for identifying vulnerabilities within these protocols and their on-device implementations, utilizing formal modeling, hardware in the loop-driven network emulation, and fully virtual network scenario simulation. Initially, protocol specifications are modeled to identify any vulnerable states within the protocol, leveraging the Construction and Analysis of Distributed Processes (CADP) software (version 2022-d “Kista”, which was created by Inria, the French Institute for Research in Computer Science and Automation, in France). 
Device characteristics are then extracted through automated real-time network emulation tests built on the OMNeT++ framework, and all measured device characteristics are then used as a virtual device representation for network simulation tests within the OMNeT++ software (version 6.0.1, a public-source, open-architecture software, initially developed by OpenSim Limited in Budapest, Hungary), to verify the presence of any potential vulnerabilities identified in the formal modeling stage. With this framework, the authors have thus defined an end-to-end process to identify and verify the presence and impact of potential vulnerabilities within a protocol, as shown by the presented results. Furthermore, this framework can test protocol compliance, performance, and security in a controlled environment before deploying devices in live production networks and addressing cybersecurity concerns.

1. Introduction

In recent years, the convergence of Information Technology (IT) and Operational Technology (OT) domains has brought significant advancements in automation, centralization, and networked control systems. This convergence, particularly within critical infrastructure and manufacturing sectors, offers substantial benefits, including enhanced resource management and improved operational efficiency. The ability to control and monitor systems across vast geographical distances has revolutionized how services are delivered, making them more efficient and responsive. However, integrating OT protocols with IT infrastructure has also introduced new vulnerabilities that were not initially accounted for in the design of OT protocols [1]. Their original isolation from the Internet resulted in simple and effective protocol designs. However, this lack of cybersecurity features now results in the need for efforts to layer on security features, often resulting in vulnerabilities, insufficient protection mechanisms, complexity increase, and a negative impact on OT protocol performance. Vulnerabilities, in particular, often stem from the differing security models and communication requirements between IT and OT systems. As a result, OT systems that were originally isolated and designed for closed environments are now exposed to a broader range of cyber threats. Many organizations have turned to network monitoring tools adopted from the IT domain to mitigate these risks, including firewalls, intrusion detection systems, and anomaly detection schemes. While these tools have improved overall cybersecurity postures, OT protocols remain vulnerable to various sophisticated attacks [2].
The increasing integration of OT devices within the Internet of Things (IoT) and Industrial IoT (IIoT) networks has further compounded these challenges [3]. The proliferation of IoT devices has enabled seamless communication and easier commissioning of networks, thanks to the reliability of IT communication infrastructures. However, the growing complexity of these networks introduces new challenges related to network latency, the availability of communication links, and the specific characteristics of devices used in safety-critical communications [4]. As OT systems become more interconnected with IT networks, ensuring continuous availability and reliability of communication channels becomes crucial. Failures in communication can lead to cascading effects, especially in environments where real-time data exchange is critical for system stability and safety. Therefore, exploring new methods for testing, evaluating, and securing these integrated networks is essential for ensuring that performance and safety requirements are met without compromise.

Motivation

As Industrial IoT (IIoT) applications continue to expand, the importance of network simulation and emulation becomes increasingly critical for several reasons. IIoT systems typically consist of a vast array of interconnected devices, sensors, and applications, all of which must function cohesively in real-world operational environments and under a wide range of operating conditions.
Building a physical testbed for IIoT applications can be prohibitively expensive and time-consuming [5]. By leveraging simulation and emulation techniques, organizations can significantly reduce the costs associated with hardware procurement, installation, and maintenance. Virtual environments allow for rapid prototyping and testing, enabling organizations to iterate designs quickly and efficiently before deploying them in real-world environments. They also provide an important stepping stone to Digital Twins. As IIoT applications scale, network performance under varying loads becomes an essential consideration. Network simulation provides a means to assess how systems perform as they expand, testing different configurations and scales of operation. Emulation further enables organizations to simulate high-stress conditions, offering insights into the resilience and robustness of the system under various network disruptions.
With the rise of cyber threats targeting IIoT systems, testing security protocols in a controlled environment is essential. Network simulation allows for examining potential attack vectors, enabling organizations to strengthen their defenses before systems are deployed in the field. Organizations can better prepare for real-world threats by emulating various attack scenarios, ensuring that their systems are resilient to emerging risks. IIoT ecosystems often involve devices from multiple vendors, each with its own implementation of communication protocols. This diversity in protocol support can lead to discrepancies in how devices behave, which may create security vulnerabilities that are not apparent when considering protocols in isolation [6]. For example, different vendors may implement the same protocol with slight variations in timing, error handling, or message parsing, which can introduce interoperability issues between devices from different vendors. A key goal of this paper is to develop a framework that can be leveraged to identify potential vulnerabilities before production deployment, as well as to capture and characterize each device’s operating behavior to improve cybersecurity posture and awareness. In critical infrastructure sectors, awareness of potential vulnerabilities, implementation variations, and performance considerations is vital for ensuring secure, robust, and reliable operations. However, there remains a lack of comprehensive and versatile test solutions available for individual device protocol evaluations that also achieve high fidelity in representing production networks [7].
In this paper, we thus introduce an end-to-end framework for evaluating OT protocols and their on-device implementations within IIoT environments. The proposed framework combines formal modeling, a physical testbed coupled with hardware-in-the-loop (HIL) network emulation for device behavior profiling used to develop a high-fidelity representation model of the device under test, and a network scenario simulation stage that utilizes these device profiles to assess the security and performance of OT protocol implementations. Formal modeling is conducted using the Construction and Analysis of Distributed Processes (CADP) toolset, where the Lotos New Technology (LNT) specification language is employed to identify critical transition states within the protocol’s specification. These critical states are used to identify potential areas of concern for cybersecurity vulnerabilities, especially if implemented incorrectly, and allow us to define test cases for individual OT devices in combination with a test harness. The results from these tests are subsequently used in combination with a device profile to replicate the device’s behavior in a real-time simulation framework, OMNeT++, enabling reliable network simulations. This approach allows the replication of individual devices and components within the simulation, providing a platform for evaluating the behavior of OT devices in a complex, integrated IIoT network, with a focus on identifying vulnerabilities and implementation challenges. By using this framework, it is, therefore, possible to test protocol compliance, performance, and security in a controlled environment before deploying devices in live production networks.

2. Related Works

The issue of security in industrial communications is a relatively recent challenge compared to traditional IT networks [1]. However, with the growing complexity of Industrial Internet of Things (IIoT) systems, the importance of network emulation and the creation of digital twins has become widely recognized. These technologies are crucial for enhancing system reliability, performance, and security. As IIoT systems become increasingly intricate, with many interconnected devices and real-time communication demands, traditional testing and validation methods often fail to ensure system robustness under varying operational conditions. In this context, network emulation—using tools such as OMNeT++ in conjunction with the INET framework—has proven to be a powerful tool for simulating real-world network behaviors, including traffic patterns, latency, and congestion, within controlled environments. OMNeT++ has been effectively employed in modeling and analyzing various network protocols and topologies, offering an efficient platform for evaluating IIoT performance scenarios [8,9].
Recent studies underscore the importance of network emulation for testing IIoT systems prior to deployment, especially concerning industrial protocols and time-sensitive communication. For instance, the use of protocols like TCP Cubic in IIoT contexts has been explored through OMNeT++ simulations [10], highlighting the role of emulation in evaluating protocol efficiency and optimizing communication in industrial settings. Furthermore, the precision of network simulations in replicating real hardware behaviors, such as Time-Sensitive Networking (TSN), is critical for achieving reliable IIoT performance [11,12]. This approach can also incorporate emerging technologies, such as 5G communication, to enhance IIoT network capabilities [13].
Another important development in IIoT research is the concept of digital twins, which involves creating virtual representations of physical systems. Digital twins enable predictive maintenance, performance monitoring, and system optimization by simulating real-time system dynamics and network interactions. This capability allows manufacturers to proactively identify issues and fine-tune performance parameters. The implications for industrial security are significant, as digital twins and emulation frameworks are increasingly used to assess vulnerabilities in IIoT protocols and ensure secure communication [14,15]. Overall, the integration of network emulation and digital twin technologies provides a deeper understanding of IIoT systems’ behavior, facilitating optimization and risk mitigation before deployment [5] and contributing to process optimization [16].
In addition to ensuring reliable communication, there has been an increase in research focused on securing IIoT networks. For example, a framework for anomaly detection within IIoT networks is presented in [17]. Formal methods, such as those discussed in [18], are also being utilized to validate the absence of deadlocks in IIoT communication. Furthermore, the implementation of zero-trust principles has been proposed to safeguard the security of entire IIoT deployments [19].
Formal modeling has also been proposed in evaluating IIoT networks. The authors of [20] utilize a discrete-state machine model to evaluate task scheduling in IIoT, which specifically focuses on the availability of different IoT devices in enterprise networks based on device state transition probabilities. This method showed that scheduling packets for individual networks can improve throughput and reduce the packet loss probability. In [21], the authors introduce Petri nets for network digital twin formal modeling. This approach employs Petri nets to explore all possible states of a network and validate the operation against a physical network testbed. This approach seeks to identify deadlocks or operational issues through testing, while not evaluating the protocol specification. In another work, Muthukumar et al. [22] utilize automation-based markup and computation tree logic. This model-based approach does not apply directly to protocol standards and instead focuses on the behavior of individual devices. While useful for individual device validation, this approach may fail to detect protocol compliance, and thus interoperability, issues that result from deviations in the implementation of protocol operations.
However, to the best of our knowledge, the work presented here is the first framework of its kind specifically focused on predicting and validating the existence of potential cybersecurity vulnerabilities in the protocol and its implementation for IIoT devices in a pre-deployment environment, which is vitally important for critical infrastructure sectors. The work presented in this paper provides a unique platform to evaluate IIoT in this manner.

3. Methodology

Our framework is broadly characterized by three distinct phases of evaluation: (1) Formal modeling to identify or predict potential cybersecurity vulnerabilities or implementation issues—areas where a protocol has the potential to veer into undesirable states if handled or implemented incorrectly. (2) A physical testbed using the device-under-test (DUT) together with real-time network emulation to characterize device behavior using a hardware-in-the-loop approach to collect information critical for developing a high-fidelity device behavior profile. (3) Network simulation, which is leveraged to validate proper device behavior or the existence of vulnerabilities or ineffective protocol implementations under different critical scenarios, supported by the data collected in phase 2. An overview can be seen in Figure 1.
Different aspects of this framework have been discussed in our previous publications. For example, the formal modeling aspects were discussed in more detail in [23], and the device testing was discussed in [24].

3.1. Formal Modeling

As a first phase in our framework, we employ formal modeling to identify potential theoretical transitions that could introduce issues and vulnerabilities within a protocol specification or its implementation. This approach involves translating the protocol specification into a hierarchical diagram that describes valid communication channels, device roles, and the states each device may assume in compliance with the protocol specification. While a protocol specification typically outlines required transitions between states, it may not account for transitions that involve error handling, such as those triggered by erroneous packets or timeouts, which are not always explicitly stated. To address this, formal modeling is performed using the Construction and Analysis of Distributed Processes (CADP) framework [25], a widely used toolset for process algebra and formal modeling of concurrent systems. Our previous work has identified critical transition states within the Modbus protocol, both in serial and TCP communication contexts [23], thereby illustrating the efficacy of this approach. This modeling is conducted using the Lotos New Technology (LNT) specification language [26], which facilitates the translation of the protocol specification into a hierarchical diagram that identifies communication channels and individual node states. LNT employs rendezvous synchronization communication processes, which makes it particularly effective for modeling communication protocols. This is especially useful for IIoT processes, as they may run multiple concurrent processes, yet they must still synchronize and communicate when a packet is received.

3.2. Physical Testbed

The integration and deployment of OT systems, particularly those using protocols like IEC-61850 GOOSE, require rigorous testing to ensure they perform reliably and securely in real-world environments. Traditional simulation-based approaches, while useful, often fail to capture the complexities of actual system behavior. A physical testbed enables more accurate assessments of performance, network behavior, and potential vulnerabilities than purely emulated environments, offering a practical solution for evaluating OT systems.
A key benefit of a physical testbed is its ability to capture network behaviors such as message latency, jitter, and packet loss in real-time, which are often difficult to replicate in simulations. Testing with real devices also allows for evaluating interoperability between devices from different manufacturers, ensuring that communication protocols function as expected across diverse hardware platforms. Additionally, such testbeds provide an effective means of assessing security, as researchers can simulate real-world cyber threats to understand how OT devices and protocols respond to attacks like denial of service or message spoofing. This hands-on approach helps uncover vulnerabilities that may not be visible in theoretical models or simulation-based tests. Specifically, in this second framework stage, we couple the physical device under test with the real-time network emulation capabilities provided by OMNeT++ to perform HIL device profiling.
This approach balances flexibility and scalability, making it adaptable to a wide range of testing scenarios. Researchers can configure the testbed to emulate various network topologies and test different OT protocols, enabling comprehensive device performance benchmarking and optimization of system configurations. In one of our previous works [24], we demonstrated how such testbeds can facilitate detailed evaluation, guiding improvements in OT system design and contributing to critical infrastructure systems’ reliability, security, and overall robustness. By providing a realistic testing environment, on-device testbeds are invaluable tools for advancing the state-of-the-art in OT protocol validation.
However, building testbeds for complicated systems may be prohibitively expensive for an organization and may make evaluations of individual device replacements impossible before installation. For the method proposed in this paper, we leverage a physical testbed to identify on-device parameters for production OT devices and translate those into nodes for network simulation.
On the other hand, network emulation using OMNeT++ and the INET framework provides a robust platform for modeling and analyzing the behavior of complex networked systems or singular devices under test, as utilized in our framework. OMNeT++ is a discrete-event simulation environment that facilitates the construction of detailed, scalable network models [8]. The INET framework, an extension of OMNeT++, offers a comprehensive set of modules that enable the simulation of various networking protocols, devices, and application behaviors [9]. This combination allows for creating a wide range of realistic network topologies, the specification of communication protocols like TCP/IP, UDP, and routing protocols, and the emulation of network traffic and conditions, including latency, congestion, and packet loss. OMNeT++ and INET support the simulation of both wired and wireless networks, ranging from simple client–server models to more sophisticated, multi-node distributed systems.
The process of network emulation within our framework involves defining network topologies and executing real-time simulations to assess key performance metrics such as throughput, delay, packet loss, and network stability for the connected physical device under test. OMNeT++ provides a graphical user interface for visualizing the network dynamics during simulation. At the same time, INET incorporates a wide array of protocol models and application modules for generating realistic traffic patterns. The obtained results can be analyzed through the built-in result analysis tools, enabling the evaluation of various scenarios and conditions, including fault conditions and performance bottlenecks. Fault conditions may occur with any deadlock states in a protocol implementation, which may cause devices to not respond correctly to packets, or send incorrect information on a network. The combination of OMNeT++ and INET offers a highly flexible and detailed environment for conducting network research, testing protocol performance and vulnerabilities—including false data injection, denial of service, and interoperability errors—and exploring the behavior of networked systems under varying conditions.
The process we employ is shown in Figure 2, where we create a custom namespace within the operating system to connect OMNeT++ and the physical Ethernet interface on the DUT.
This is made possible through the real-time simulator engine in OMNeT++ and the external UDP interface outlined by the INET package. However, the real-time simulator guarantees real-time operation for packet transmission and not the packet processing performed in our simulation. Due to this fact, packet analysis tools such as tShark were employed to measure timing, packet response failure, and incorrect device responses tested under the network emulation step to verify the presence of the formal verification-predicted potential vulnerabilities. These measurements were then compiled into an individual device collection, which is subsequently utilized in the network simulation step to create a device profile for accurate device behavior simulations. The collected information comprises the device profile we require for the third stage in our framework.

3.3. Network Simulation

Network simulation has become an essential tool in the evaluation and optimization of complex networks, particularly in the context of OT systems. While physical testing can provide a highly realistic and accurate assessment of system behavior under real-world conditions, it often requires a significant investment in physical infrastructure, which may not be feasible for all testing scenarios. By leveraging data and parameters collected from our HIL-driven device profiling stage, our network simulation allows for creating a fully virtualized network that closely mirrors the behavior of an actual OT system without the need for constructing a costly and resource-intensive testbed.
When integrated with the data collected through our device profiling stage, the advantage of this approach is that it enables researchers and engineers to simulate a wide range of network configurations and operational conditions using accurate and detailed real-world data. For instance, parameters such as message latency, jitter, packet loss, and device interoperability, which are captured during our device profiling stage, can be incorporated into the simulation to ensure that the virtual model reflects the actual performance characteristics observed in the field. This combination of real-world data and simulation allows for an accurate and dynamic representation of the network’s behavior, offering insights into potential issues like network congestion, protocol inefficiencies, or security vulnerabilities that may not be apparent during a limited physical testbed session.
Moreover, network simulation offers substantial flexibility and scalability compared to physical testbeds. Once the relevant parameters are extracted from on-device tests, the simulated network can be rapidly reconfigured to explore different topologies, device configurations, or traffic patterns. This makes it possible to test various scenarios at a fraction of the cost and time required for physical setups. Furthermore, simulations can be executed in parallel across different environments or scaled to handle larger networks, enabling comprehensive testing that might otherwise be impractical. In this way, network simulation enhances the value of a physical testing approach or an HIL-driven emulation approach by extending its reach and providing deeper insights into system performance without the logistical and financial constraints of building large-scale physical testbeds.
In network performance analysis, the latency distribution often exhibits a skewed, heavy-tailed behavior. One common statistical model for such data is the log-normal distribution, which is used to model variables that are the product of many independent, identically distributed random variables and was proven effective in previous works [27]. Given the observation that network latency data frequently follow this pattern, we employ curve fitting to a log-normal distribution for device characterization.
Given this assumption, we characterize $X$ as a log-normal distribution, such that $Y = \ln(X)$ follows a normal Gaussian distribution. This distribution is parameterized by its shape and skew parameters, $\mu$ and $\sigma$, where $\mu$ is the mean and $\sigma$ is the standard deviation of the underlying normal distribution of $Y$. Then, the probability density function (PDF) is given by the following:
$$f_X(x; \mu, \sigma) = \frac{1}{x \sigma \sqrt{2\pi}} \exp\left(-\frac{(\ln x - \mu)^2}{2\sigma^2}\right)$$
where $x > 0$, $\mu \in \mathbb{R}$, $\sigma > 0$.
To fit a log-normal distribution to latency data, we first collect a set of latency measurements $\{x_1, x_2, \ldots, x_n\}$, where $x_i$ represents the latency observed for the $i$-th measurement. The fitting process involves estimating the parameters $\mu$ and $\sigma$ that best describe the observed data utilizing the maximum likelihood estimation (MLE) method, which maximizes the likelihood function of the log-normal distribution given the data. This likelihood function for a set of independent observations $\{x_1, x_2, \ldots, x_n\}$ is as follows:
$$L(\mu, \sigma) = \prod_{i=1}^{n} \frac{1}{x_i \sigma \sqrt{2\pi}} \exp\left(-\frac{(\ln x_i - \mu)^2}{2\sigma^2}\right)$$
Taking the logarithm of the likelihood function to simplify the calculations, we obtain the log-likelihood function:
$$\ell(\mu, \sigma) = -n \ln\left(\sigma \sqrt{2\pi}\right) - \sum_{i=1}^{n} \ln(x_i) - \frac{1}{2\sigma^2} \sum_{i=1}^{n} (\ln x_i - \mu)^2$$
To find the values of $\mu$ and $\sigma$ that maximize the log-likelihood function, we take the partial derivatives of $\ell(\mu, \sigma)$ with respect to $\mu$ and $\sigma$, set them to zero, and solve the resulting system of equations. The estimates for $\mu$ and $\sigma$ are given by the following:
$$\hat{\mu} = \frac{1}{n} \sum_{i=1}^{n} \ln(x_i), \qquad \hat{\sigma}^2 = \frac{1}{n} \sum_{i=1}^{n} \left(\ln(x_i) - \hat{\mu}\right)^2$$
Once the parameters $\hat{\mu}$ and $\hat{\sigma}$ are determined, the fitted log-normal distribution can be used to predict the likelihood of different latency values and assess device characteristics since a larger variance in latency may correlate to longer on-device processing. This processing time may indicate the presence of a cybersecurity vulnerability or generally make the device more susceptible to a cyber attack through denial-of-service since each packet takes a larger portion of processing time on the device. This model is particularly useful in understanding latency behavior in large-scale networks, where long-tail distributions are common, and can inform decisions related to network design, quality of service (QoS) optimization, and required device isolation from network traffic to mitigate vulnerability exposure.
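The fitting step above, carried from a packet capture to a device profile, as an added Python example (not code from the paper): requests and responses are paired by transaction id, unanswered requests are counted as response failures, and the closed-form MLE gives the parameters, a tail quantile and the probability of missing a deadline. The row format, the 20 ms deadline and all function names are assumptions; the capture rows are constructed.

```python
import math
from statistics import NormalDist

# Constructed capture export: relative time [s], Modbus transaction id, direction.
CAPTURE = """\
0.0000 1 req
0.0041 1 resp
1.0000 2 req
1.0038 2 resp
2.0000 3 req
2.0052 3 resp
3.0000 4 req
4.0000 5 req
4.0047 5 resp
5.0000 6 req
5.0190 6 resp
"""


def pair_latencies(lines):
    """Match each response to its request by transaction id.

    Returns (latencies in ms, ids of requests that never got a response).
    """
    pending, latencies = {}, []
    for line in lines:
        if not line.strip():
            continue
        t, tid, kind = line.split()
        if kind == "req":
            pending[int(tid)] = float(t)
        elif int(tid) in pending:
            latencies.append((float(t) - pending.pop(int(tid))) * 1000.0)
    return latencies, sorted(pending)


def fit_lognormal(samples):
    """Closed-form MLE: mean and 1/n standard deviation of ln(x)."""
    if len(samples) < 2 or any(x <= 0 for x in samples):
        raise ValueError("need at least two strictly positive samples")
    logs = [math.log(x) for x in samples]
    mu = sum(logs) / len(logs)
    sigma = math.sqrt(sum((v - mu) ** 2 for v in logs) / len(logs))
    if sigma == 0:
        raise ValueError("all samples identical; sigma must be > 0")
    return mu, sigma


def quantile(mu, sigma, p):
    """Latency below which a fraction p of responses falls under the fit."""
    return math.exp(mu + sigma * NormalDist().inv_cdf(p))


def exceedance(mu, sigma, deadline):
    """P(X > deadline) under the fitted log-normal."""
    return 1.0 - NormalDist(mu, sigma).cdf(math.log(deadline))


def profile(lines, deadline_ms):
    """Device profile: fit parameters, tail latency and response failures."""
    latencies, unanswered = pair_latencies(lines)
    mu, sigma = fit_lognormal(latencies)
    return {
        "samples": len(latencies),
        "unanswered": unanswered,
        "mu": mu,
        "sigma": sigma,
        "p50_ms": quantile(mu, sigma, 0.50),
        "p99_ms": quantile(mu, sigma, 0.99),
        "p_miss_deadline": exceedance(mu, sigma, deadline_ms),
    }


if __name__ == "__main__":
    for key, value in profile(CAPTURE.splitlines(), deadline_ms=20.0).items():
        print(key, value)
```

Unanswered requests are reported separately rather than folded into the fit, since a missing response is a failure count and not a latency sample.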

3.4. Vulnerability Verification

Building upon the network simulation and emulation framework and its capabilities for collecting a variety of metrics under a wide range of scenarios, we then endeavored to leverage this system for vulnerability identification and validation. In developing this approach, we generated attack traffic in a manner consistent with our preceding research [24]. The crafted attack traffic was categorized into three distinct subsets, each designed to test specific aspects of device resilience. Traffic directed at the device’s IP address featured intentionally malformed packet headers specific to the Modbus application protocol, simulating invalid protocol header attacks. Additionally, a subset of traffic contained syntactically correct headers but bore incorrect data, allowing for assessing device behavior in response to valid yet erroneous information. Furthermore, duplicated packets from previous transmissions were used to simulate replay attack scenarios. To assess the impact on device performance, this crafted attack traffic was subjected to incremental frequency testing, starting at a low frequency of once per second and escalating to 5, 10, 20, 30, 40, 50, 60, and 70 packets per second. Prior experiments demonstrated that such attacks can precipitate various detrimental effects, from elevated latency to complete operational failure in affected devices. The fine-grain control of packet generation also allows for vulnerability verification that may not be performance-based, such as responding to incorrect packets.
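A defensive counterpart to the three traffic classes above, as an added Python example (not code from the paper): a triage routine that sorts captured Modbus/TCP Read Coils requests into malformed header, valid header with incorrect data, and replayed frame. The coil-map size, the replay window and all names are assumptions, and the sample frames are constructed.

```python
import struct

MBAP_LEN = 7                 # transaction id, protocol id, length (2 bytes each) + unit id
MAX_ADU = 260                # Modbus/TCP limit: 7-byte MBAP header + 253-byte PDU
READ_COILS = 0x01
MAX_COILS_PER_READ = 2000    # Read Coils quantity range is 1..2000
COIL_COUNT = 64              # assumption: size of the protected device's coil map
REPLAY_WINDOW_S = 5.0        # assumption: identical frames this close together are suspect


def read_coils_request(tid, unit, addr, qty):
    """Build a well-formed Read Coils request (used only to construct sample input)."""
    pdu = struct.pack(">BHH", READ_COILS, addr, qty)
    return struct.pack(">HHHB", tid, 0, len(pdu) + 1, unit) + pdu


def header_fault(frame):
    """Return a reason if the MBAP header is malformed, else None."""
    if len(frame) < MBAP_LEN + 1:
        return "truncated frame"
    if len(frame) > MAX_ADU:
        return "frame exceeds maximum ADU size"
    _tid, proto, length, _unit = struct.unpack(">HHHB", frame[:MBAP_LEN])
    if proto != 0:
        return "protocol id is not 0"
    if length != len(frame) - 6:      # length counts unit id + PDU
        return "length field does not match frame size"
    return None


def data_fault(pdu):
    """Return a reason if a syntactically valid frame carries bad request data."""
    if pdu[0] != READ_COILS:
        return "function code not served by this device profile"
    if len(pdu) != 5:
        return "wrong PDU size for Read Coils"
    addr, qty = struct.unpack(">HH", pdu[1:])
    if not 1 <= qty <= MAX_COILS_PER_READ:
        return "quantity outside 1..2000"
    if addr + qty > COIL_COUNT:
        return "requested range lies beyond the coil map"
    return None


class FrameTriage:
    """Classifies frames in arrival order; remembers accepted frames for replay checks."""

    def __init__(self):
        self.seen = {}   # frame bytes -> time last seen

    def classify(self, ts, frame):
        reason = header_fault(frame)
        if reason:
            return ("malformed_header", reason)
        reason = data_fault(frame[MBAP_LEN:])
        if reason:
            return ("invalid_data", reason)
        last = self.seen.get(frame)
        self.seen[frame] = ts
        # A normal poller advances the transaction id, so a byte-identical
        # frame inside the window is treated as a replay (heuristic).
        if last is not None and ts - last <= REPLAY_WINDOW_S:
            return ("replay", "byte-identical frame seen %.1f s earlier" % (ts - last))
        return ("ok", "")


GOOD = read_coils_request(2, 1, 0, 8)
SAMPLE = [                                        # constructed capture: (time [s], frame)
    (0.0, read_coils_request(1, 1, 0, 8)),
    (1.0, GOOD),
    (1.5, GOOD[:2] + b"\x00\x01" + GOOD[4:]),     # protocol id set to 1
    (2.0, read_coils_request(3, 1, 0, 0)),        # quantity 0
    (2.5, read_coils_request(4, 1, 60, 8)),       # runs past the coil map
    (3.0, GOOD),                                  # duplicate of the frame at 1.0 s
    (3.5, GOOD[:5]),                              # cut off inside the header
]


def triage(capture):
    """Return the label for every frame of a capture, in order."""
    t = FrameTriage()
    return [t.classify(ts, frame)[0] for ts, frame in capture]


if __name__ == "__main__":
    t = FrameTriage()
    for ts, frame in SAMPLE:
        print(ts, frame.hex(), *t.classify(ts, frame))
```

The replay check keys on frame bytes alone; a deployment with several clients would also key on the source address, which this capture format does not carry.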

4. Results

The results presented in this section consist of the formal model developed for the Modbus protocol, in conjunction with the results measured through our physical testbed, the calculated device properties of the DUT, and the resulting network simulation results. The tests conducted in these results are performed on a production Intelligent Electronic Device (IED) intended for production OT environments.

4.1. Formal Model

As presented in [23], the formal model of the protocol outlines several critical transitions that are pivotal for understanding the behavior and potential vulnerabilities of OT communication systems. These identified critical transitions occur when there is no defined behavior for the protocol’s state, i.e., a potential timeout situation without a protocol requirement for timeout handling. These critical transitions are identified based on the protocol’s response patterns and the potential for error states, particularly in scenarios where devices fail to respond as expected. As we have shown in [23], the Modbus protocol comprises a number of states and state transitions. In total, there are 787 states and 11,385 transitions that result from the formal model development. Out of these, there are 5799 state transitions that are critical transitions. However, after model optimization as described in our prior work, we can collapse the vast majority of the states to arrive at 62 total reduced states. The same trend is apparent when reviewing specific interactions, such as the Read Coils functionality, which is comprised of 18 states and 92 transitions, 16 of which are critical transitions. Model reduction arrives at a total of four reduced states. The number of critical transitions may initially appear large, suggesting that a wide array of conditions requires investigation. However, a deeper analysis of the state diagram in Figure 3 reveals that many of these transitions are concentrated around a specific critical state—State 0—where a valid packet is not returned, a scenario that can trigger multiple different failure modes. These failure modes may indicate failure during normal operation or under a cyberattack.
State 0, as depicted in Figure 3, acts as a central point of failure in the protocol’s operation, where the lack of a valid response from the receiving device leads to a cascade of critical transitions. This state is particularly important because it represents a condition where the DUT does not acknowledge or process the incoming packet, which can result from various issues, including network congestion, packet loss, or protocol misinterpretation. The concentration of transitions in this state indicates that a significant portion of the protocol’s vulnerabilities may be tied to handling such scenarios. Analyzing these transitions is crucial for identifying weaknesses in error handling, timeout management, and recovery mechanisms, all of which are vital for maintaining the reliability and security of OT communication systems.
Upon further examination, the transitions in State 0 also suggest that the protocol’s ability to handle invalid or missing packets is a critical factor in maintaining overall network reliability. If the protocol does not account for these failure modes with appropriate corrective actions, such as retransmission or error recovery, the network may experience prolonged periods of instability or even total failure. This highlights the importance of formal modeling in identifying these weak points early in the design or deployment process, allowing for targeted improvements in the protocol’s error-handling mechanisms.
Although Modbus is widely adopted due to its open standard and simplicity, certain critical transitions can still significantly impact device implementations, particularly in the context of cyberattacks. These transitions are often challenging to detect in distributed systems, where each device may have distinct operational requirements and serve diverse applications. Additionally, the variability in protocol implementations across different vendors, or even within products from the same vendor, complicates the identification of critical transitions, deadlocks, or livelocks. Addressing these issues is essential for developing a more resilient and compliant protocol ecosystem. Identifying and mitigating these vulnerabilities can enhance the security and reliability of Modbus-based systems, particularly as they become increasingly integrated into complex industrial and IoT environments.

4.2. Physical Testbed Results

To evaluate the Modbus protocol on the DUT, a purely physical OT network testbed performed 4000 cycles of Modbus requests for individually reading and writing single registers, function codes 0x04 and 0x06, to characterize the device’s response and reliability during normal operations. These tests were then conducted with varying network traffic over the actual test network. First, tests were conducted with additional UDP and TCP packets sent to the device. However, the link reliability was only affected when a valid Modbus header was present without a valid Modbus device address. While this is not necessarily a normal network traffic characteristic, these tests help characterize the device’s response to possible false data injection attacks. The collected results can be seen in Figure 4.
This figure reveals a noteworthy trend in the device’s performance, indicating that even a relatively low frequency of errant packets can significantly degrade link reliability. Specifically, during the tests, it was observed that out of 4000 packets transmitted, 21 packets failed to receive a valid response. Despite this initial degradation in reliability, the impact did not worsen substantially as the frequency of attack packets increased. In fact, even with a higher volume of errant packets, 3920 of the packets still received valid responses, suggesting a degree of resilience within the system. This finding underscores the importance of understanding how even minimal disruptions in packet transmission can affect system performance, particularly in critical network applications where reliability is paramount. There is also a large drop shown between 40 packets per second and 50 packets per second. This is likely due to the limited number of samples, as 30 pps had 3970 successful responses, 40 pps had 3976 pps, and 50 pps exhibited 3950 pps. Given the small number of packet differences between these, the authors anticipate this curve would flatten out with additional samples.
The measured response times, as illustrated in Figure 5, show a high level of consistency across all tested traffic levels, further reinforcing the system’s ability to maintain stable performance under varied conditions. The figure presents both individual runs of traffic levels, plotted as lines in the figure, and the solid histogram, which represents the average response time across all tests. The average response distribution, derived from all measured samples, was employed in subsequent phases of network simulation and emulation. This distribution was particularly useful for these purposes, as it closely mirrors the latency characteristics observed in each individual test scenario, ensuring that the network simulations accurately reflected real-world performance under diverse conditions. Thus, the consistency of the latency distribution across different traffic scenarios provides a reliable basis for modeling and subsequent analysis from the perspective of network behavior and performance.
There is observable variation in the device’s response times under specific packet load conditions. The red line in Figure 5 represents the average response time when a single request is sent per packet. It demonstrates that the response time increases on average when additional request packets are sent per second. This variation is limited in the other tests performed.

4.3. Network Emulation

Network emulation is beneficial for increasingly complex networks and can minimize the investment required for concurrently measuring multiple devices’ performance. As shown in Figure 6, networks with increasingly complex topologies can be utilized to simulate on-device capabilities while outputting live packets for network emulation. However, a limitation of this setup is the ability to measure latency accurately within the simulation. Compared to the measured latency presented in the previous subsection, the packet latency in our initial network emulation tests always measured over 400 ms. Given this limitation, external tools such as tShark were utilized to compare and contrast measured results and ensure accurate measurements for the device under test.
In this example, each IED labeled as an ‘MbServer’ has characteristics of the physical device we tested on. Each device also has the ability to act with an external interface but only simulates packets. However, ‘MbServer3’ utilizes an external TCP socket created as outlined in Section 3 of this paper. This device acts as an endpoint for the network emulation, and any packet sent to this device’s address forwards the packet from simulation to a physical interface. As shown in Figure 7, these packets are transmitted on a physical interface in the same manner as the physical testbed.
The packet shown in Figure 7 contains critical information for correct device operation, such as transaction identifier, protocol identifier, and unit identifier. In this configuration, the source port, 44402, is not filtered by the destination device, and thus, the destination port is the only element required to have a specific value—in this case, a value of 502 indicating Modbus/TCP.
The presented formal model shows that vulnerabilities within the protocol may occur during packet processing—characterized by the central state in the formal model. Upon testing with the network shown in Figure 7, the DUT was always able to recover from attack traffic, but did occasionally respond to packets that did not contain the correct unit ID. This demonstrates the existence of a potential implementation issue, which in turn may be viewed as a vulnerability in the implementation of Modbus on the device, thereby validating this evaluation framework’s effectiveness and accuracy. However, we would be remiss if we did not mention that under regular operating conditions, traffic like this is unlikely to occur without being detected in production environments.

4.4. Network Simulation

The results from the network latency measurements were used to perform curve fitting, as detailed in the Methodology section of this paper. Using the Maximum Likelihood Estimation (MLE) method, the parameters of the log-normal distribution were estimated, yielding values of $\hat{\mu} = 3.507$ ms and $\hat{\sigma} = 0.384$ ms. These parameters characterize the underlying distribution of the measured latency data, and the resulting curve fit is shown in Figure 8.
While the fitted log-normal distribution does not perfectly mirror the measured response times, it provides a closer overall approximation of the device’s behavior than would be possible with simulations based on random values. This approach offers a more accurate representation of the latency characteristics observed in real-world conditions and serves as a valuable tool for network emulation, particularly in cases where it is important to model latency with a degree of statistical rigor.
Following the curve fitting analysis, the next step in the study involved the implementation of OT protocol support within the INET framework, a crucial step for simulating industrial network environments. This was achieved through C++ programming, which enabled the development of an application layer positioned above the physical, link, and transport layers defined in the TCP. Support for key industrial communication protocols, specifically IEC-61850 GOOSE and Modbus/TCP, was incorporated into the device models as shown in Figure 9. The addition of these protocols allowed for realistic simulation of industrial control and automation systems within OMNeT++/INET. Furthermore, the modular nature of the INET and OMNeT++ frameworks ensures that expansion to additional protocols is straightforward, allowing the inclusion of other industrial communication standards in future work.
Once the framework for an Intelligent Electronic Device (IED) was established within the simulation software, latency response times were generated for each packet that closely aligned with the log-normal distribution and our observed values. Additionally, packets were randomly selected for drop events to replicate the link reliability characteristics observed in Figure 4. The results from the simulated IED are presented in Figure 10, demonstrating the simulation’s ability to closely replicate the physical device’s operational characteristics. These findings highlight the simulation framework’s effectiveness in producing results consistent with the device’s real-world behavior. This capability can also be expanded to verify the presence of any vulnerabilities predicted by formal modeling, such as for incorrect responses to packets.
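The fitting and replay steps described in this subsection can be sketched as follows. This is an added example, not the authors' OMNeT++/INET code: it treats the page's μ̂ and σ̂ as the mean and standard deviation of the natural log of the response time (an assumption about the parameterization), uses the 21-in-4000 unanswered requests from Section 4.2 as the drop probability, and the names `SimulatedIed`, `run_profile` and `ks_distance` are hypothetical.

```python
"""Log-normal latency profile: MLE fit, fit check, and a simulated responder."""
import math
import random


def fit_lognormal_mle(samples):
    """Return (mu_hat, sigma_hat): mean and std of ln(x), the log-normal MLE."""
    if len(samples) < 2 or any(x <= 0 for x in samples):
        raise ValueError("need at least two strictly positive latency samples")
    logs = [math.log(x) for x in samples]
    mu = sum(logs) / len(logs)
    # The maximum-likelihood estimate divides by n, not n - 1.
    sigma = math.sqrt(sum((v - mu) ** 2 for v in logs) / len(logs))
    return mu, sigma


def lognormal_cdf(x, mu, sigma):
    """CDF of the log-normal distribution with log-space parameters mu, sigma."""
    return 0.5 * (1.0 + math.erf((math.log(x) - mu) / (sigma * math.sqrt(2.0))))


def ks_distance(samples, mu, sigma):
    """Largest gap between the empirical CDF and the fitted log-normal CDF."""
    ordered = sorted(samples)
    n = len(ordered)
    gap = 0.0
    for i, x in enumerate(ordered, start=1):
        f = lognormal_cdf(x, mu, sigma)
        gap = max(gap, abs(i / n - f), abs((i - 1) / n - f))
    return gap


class SimulatedIed:
    """Per request, returns a response latency or None when no response is sent."""

    def __init__(self, mu, sigma, drop_probability, seed=0):
        self.mu = mu
        self.sigma = sigma
        self.drop_probability = drop_probability
        self.rng = random.Random(seed)  # seeded so a test run can be replayed

    def respond(self):
        if self.rng.random() < self.drop_probability:
            return None  # unanswered request, as in the link reliability tests
        return self.rng.lognormvariate(self.mu, self.sigma)


def run_profile(cycles=4000, seed=2025):
    """Replay a 4000-request cycle against the simulated device and refit."""
    # Values from the page: mu_hat, sigma_hat, and 21 unanswered requests in 4000.
    ied = SimulatedIed(mu=3.507, sigma=0.384, drop_probability=21 / 4000, seed=seed)
    latencies = [t for t in (ied.respond() for _ in range(cycles)) if t is not None]
    mu_hat, sigma_hat = fit_lognormal_mle(latencies)
    return {
        "answered": len(latencies),
        "dropped": cycles - len(latencies),
        "mu_hat": mu_hat,
        "sigma_hat": sigma_hat,
        "ks": ks_distance(latencies, mu_hat, sigma_hat),
    }


if __name__ == "__main__":
    print(run_profile())
```

Running `ks_distance` on measured latencies instead of simulated ones quantifies how far the fitted curve sits from the data, which is the gap the text notes when it says the fit does not perfectly mirror the measured response times.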

4.5. Vulnerability Results

Since the results of this paper focus on evaluating our framework within the context of the Modbus protocol, increased interest was placed on the critical transitions of the device processing and timeouts when receiving valid and invalid attack packets, as shown in Figure 11. Of particular interest was the ability of the DUT to filter incorrect packets and maintain the responses to valid packets. At the beginning of each test, the configuration of the specific test is saved, allowing for replication of any discovered vulnerabilities. This also allows a user to re-run and capture any traffic sent on the network.
During our testing, the device was only abnormally affected when correct Modbus headers were sent, as outlined in Figure 4. However, another interesting issue arose: when the device did not respond to valid packet headers, an exception was returned for the attack traffic, as shown in Figure 12. This response is unexpected, as the transaction identifier and unit identifier were incorrect for the device’s Modbus configuration. To mitigate the impact of packets that degrade link reliability, it is essential to implement practical strategies that can enhance the resilience of communication systems in real-world deployments. One such strategy is the use of redundancy, where multiple copies of critical packets are transmitted to ensure device operation in applications that are not time-sensitive. Additionally, adopting a defense-in-depth approach, which involves layering multiple security and reliability measures, can help further safeguard the network and ensure malicious packets are not transmitted to an endpoint. This could include error detection and correction protocols, traffic prioritization, and congestion management. Furthermore, utilizing adaptive communication strategies, such as dynamically adjusting the packet size or transmission rate based on network conditions, can ensure better performance under fluctuating conditions.
From the results collected in Table 1, we can see that these invalid responses were only obtained when 10 packets or more per second were injected into the connection, and these responses were only generated when a valid Modbus application header was present with a valid protocol identifier. This illustrates the ability to detect incorrect or incomplete protocol implementations.
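A passive check for the behavior reported above, where the device returns a response or exception for a request that does not carry its configured unit identifier, can be written against the Modbus/TCP MBAP header fields the text names. This is an added example, not the authors' test harness: the frames are constructed, unit ID 1 as the device's configuration is an assumption, each captured payload is assumed to hold exactly one ADU, and the class and verdict names are hypothetical.

```python
"""Passive audit of Modbus/TCP request/response pairs on constructed frames."""
import struct
from dataclasses import dataclass

MBAP = struct.Struct(">HHHB")  # transaction id, protocol id, length, unit id


@dataclass(frozen=True)
class Adu:
    transaction_id: int
    unit_id: int
    function_code: int
    data: bytes

    @property
    def is_exception(self) -> bool:
        # Exception responses set the top bit of the function code.
        return bool(self.function_code & 0x80)


def build_adu(transaction_id, unit_id, function_code, data):
    """Assemble an ADU for the constructed samples (protocol id 0 = Modbus)."""
    header = MBAP.pack(transaction_id, 0, len(data) + 2, unit_id)
    return header + bytes([function_code]) + data


def parse_adu(frame):
    """Parse one Modbus/TCP ADU; raise ValueError on a malformed frame."""
    if len(frame) < MBAP.size + 1:
        raise ValueError("shorter than MBAP header plus function code")
    tid, pid, length, uid = MBAP.unpack_from(frame)
    if pid != 0:
        raise ValueError("protocol identifier is not 0")
    if length != len(frame) - 6:  # length counts the unit id plus the PDU
        raise ValueError("MBAP length does not match frame size")
    return Adu(tid, uid, frame[7], frame[8:])


class ResponseAuditor:
    """Classify device responses against the requests seen on the wire."""

    def __init__(self, configured_unit_id):
        self.configured_unit_id = configured_unit_id
        self.pending = {}  # transaction id -> request Adu

    def request(self, frame):
        try:
            adu = parse_adu(frame)
        except ValueError:
            return  # a malformed request cannot be matched to a response
        self.pending[adu.transaction_id] = adu

    def response(self, frame):
        try:
            rsp = parse_adu(frame)
        except ValueError:
            return "malformed-response"
        req = self.pending.pop(rsp.transaction_id, None)
        if req is None:
            return "unsolicited"
        same_function = (rsp.function_code & 0x7F) == req.function_code
        if rsp.unit_id != req.unit_id or not same_function:
            return "mismatched"
        if req.unit_id != self.configured_unit_id:
            # The device answered a request not addressed to its unit id.
            if rsp.is_exception:
                return "answered-foreign-unit-exception"
            return "answered-foreign-unit"
        return "exception" if rsp.is_exception else "ok"


def audit_constructed_capture():
    """Run the auditor over a constructed capture; unit id 1 is assumed."""
    auditor = ResponseAuditor(configured_unit_id=1)
    read_one = struct.pack(">HH", 0, 1)  # start address 0, quantity 1
    capture = [
        ("req", build_adu(1, 1, 0x04, read_one)),
        ("rsp", build_adu(1, 1, 0x04, b"\x02\x00\x2a")),
        ("req", build_adu(0x9999, 9, 0x04, read_one)),     # wrong unit id
        ("rsp", build_adu(0x9999, 9, 0x84, b"\x02")),      # exception returned anyway
        ("rsp", build_adu(7, 1, 0x04, b"\x02\x00\x00")),   # no matching request
        ("rsp", b"\x00\x08\x00\x01\x00\x03\x01\x04\x00"),  # protocol id 1
    ]
    verdicts = []
    for direction, frame in capture:
        if direction == "req":
            auditor.request(frame)
        else:
            verdicts.append(auditor.response(frame))
    return verdicts


if __name__ == "__main__":
    print(audit_constructed_capture())
```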
The results presented in this section demonstrate the effectiveness and feasibility of the proposed framework in detecting errors that arise from device implementations of protocol specifications. This capability is of paramount importance for ensuring the seamless interoperability of devices within distributed networks. By employing formal modeling techniques, the framework is able to pinpoint critical transitions within the device implementations that could potentially lead to vulnerabilities. Additionally, the physical testbed plays a key role in generating reproducible test scenarios that simulate real-world conditions, allowing for the validation of a device’s operation under varying network loads. The insights and results obtained from these tests can then be directly translated into high-fidelity network simulations, providing a comprehensive understanding of device performance and potential issues in realistic network environments.

5. Future Work

While this work primarily investigates the efficacy of our framework from the perspective of the Modbus protocol and its evaluation against a specific IED, the insights gained from the framework’s end-to-end evaluation process nonetheless offer valuable implications for analyzing other session-based protocols within OT systems. Our results demonstrate the ability to detect vulnerabilities and other areas of concern—both within the protocol and its implementation.
The application of formal models to identify critical transition states in Modbus demonstrates the potential for this approach to also be applied to a broader range of OT communication standards. Additionally, expanding the use of formal methods to explore the behavior of additional OT protocols could, in turn, help enhance the robustness and scalability of this framework, facilitating its wider adoption across various industrial applications. However, mapping from protocol specifications to formal models can be complex and time-consuming; thus, integrating artificial intelligence techniques could streamline this process. Machine learning algorithms, for example, could assist in identifying patterns in protocol behavior and automatically generating or refining formal models, making the framework more accessible and efficient for broader protocol support.
In terms of simulation capabilities, one limitation of the current framework is that the OMNeT++ real-time simulator can at times struggle to accurately measure the time between packets in high-fidelity network environments. To address this, additional software tools were integrated during the network emulation stage to collect packet response timings, but improving OMNeT++’s native capabilities to handle such metrics would increase the precision and realism of the simulation. Furthermore, the current framework is only compatible with Linux platforms due to reliance on specific system-level features such as namespace creation that are not supported on Windows systems. Expanding compatibility to include other operating systems would enhance the framework’s accessibility and facilitate broader deployment.
Looking forward, supporting additional IoT protocols such as MQTT and Thread presents an exciting opportunity for future work. These protocols are widely used in modern IoT ecosystems and are critical to the operation of numerous smart devices and sensor networks. Integrating them into the framework would extend its applicability and improve its utility in simulating diverse and heterogeneous IoT environments. Furthermore, it would be valuable to explore the use of the framework in the context of emerging IIoT protocols and technologies that require high scalability, low-latency communication, and robust security features. As the number and complexity of interconnected devices continue to grow, the ability to simulate and test such systems in a controlled environment will become increasingly important to ensure their reliability, security, and performance.
Additionally, future efforts will focus on improving the integration of formal methods with real-time emulation, potentially combining hybrid approaches that leverage both formal verification and empirical testing to create a more comprehensive evaluation framework. This could involve integrating additional testing tools, such as fuzzing techniques or security vulnerability scanners, to complement the existing simulation and emulation capabilities. Finally, the development of a more user-friendly interface and automated reporting tools for this framework could further facilitate its adoption by industrial practitioners, enabling more streamlined evaluation and deployment of OT and IoT systems.

6. Conclusions

In this paper, we presented an end-to-end framework for evaluating OT protocols and their on-device implementations within IIoT environments. The convergence of IT and OT systems has introduced significant opportunities for enhanced efficiency and control, but has also exposed these systems to new vulnerabilities, particularly in the realm of network security and communication reliability. Our proposed framework addresses these challenges by combining formal modeling, a physical testbed with HIL network emulation, and fully virtual network simulation to offer a comprehensive approach for identifying and verifying protocol and implementation vulnerabilities and for evaluating device behavior and protocol performance in realistic IIoT network scenarios.
Using the CADP toolset and the LNT specification language, we identified critical transition states within an OT protocol, Modbus, that subsequently served as a basis for device testing. To accurately represent the device under test, this framework uses real-time network emulation combined with the physical DUT to conduct device profiling—measuring the device behavior under a variety of network conditions. To then evaluate various network topologies, application scenarios, etc., our framework integrates the obtained device profile into a real-time simulation framework using OMNeT++, which allows us to replicate individual devices and evaluate their behavior in a simulated IIoT network. This process not only provides valuable insights into the interoperability of various devices but also helps identify potential performance bottlenecks and verify the existence of security vulnerabilities before deployment in live environments.
Integrating network simulation and emulation into the testing process proves to be a crucial step in improving the reliability, security, and scalability of IIoT systems. By enabling pre-deployment evaluation of OT protocols under various conditions, our framework offers a cost-effective and efficient alternative to traditional physical testbeds, helping organizations reduce both financial and time-related risks. Additionally, the ability to simulate and test against potential cyber threats and performance disruptions ensures that systems are robust and secure in the face of emerging cybersecurity challenges. Future work will focus on expanding the framework to incorporate a broader range of OT protocols, scaling it to larger, more complex IIoT networks, and further enhancing its ability to replicate real-world attack scenarios accurately and reliably. Through these advancements, we aim to further support the safe and effective deployment of OT systems within increasingly interconnected industrial environments, especially in critical infrastructure sectors.

Author Contributions

Investigation, M.B., M.H. and H.S.; writing—original draft preparation, M.B. and M.H.; writing—review and editing, M.B., M.H. and H.S.; supervision, H.S. and M.H.; project administration, H.S. and M.H.; funding acquisition, H.S. and M.H. All authors have read and agreed to the published version of the manuscript.

Funding

This research was partially funded by the University of Nebraska-Lincoln’s Nebraska Center for Energy Sciences Research (NCESR) under Cycle 16 Grant# 20-706.

Data Availability Statement

The data presented in this study are part of an ongoing research effort and are available on request from the corresponding author.

Conflicts of Interest

The authors declare no conflicts of interest.

References

  1. Maleh, Y. IT/OT convergence and cyber security. Comput. Fraud Secur. 2021, 2021, 13–16.
  2. Boeding, M.; Boswell, K.; Hempel, M.; Sharif, H.; Lopez, J., Jr.; Perumalla, K. Survey of cybersecurity governance, threats, and countermeasures for the power grid. Energies 2022, 15, 8692.
  3. Li, S.; Xu, L.D.; Zhao, S. 5G Internet of Things: A survey. J. Ind. Inf. Integr. 2018, 10, 1–9.
  4. Ihirwe, F.; Di Ruscio, D.; Di Blasio, K.; Gianfranceschi, S.; Pierantonio, A. Supporting model-based safety analysis for safety-critical IoT systems. J. Comput. Lang. 2024, 78, 101243.
  5. Xu, H.; Wu, J.; Pan, Q.; Guan, X.; Guizani, M. A Survey on Digital Twin for Industrial Internet of Things: Applications, Technologies and Tools. IEEE Commun. Surv. Tutor. 2023, 25, 2569–2598.
  6. VEDERE LABS. OT-Icefall: The Legacy of “Insecure by Design” and Its Implications for Certifications and Risk Management. 2022. Available online: https://www.forescout.com/resources/ot-icefall-report/ (accessed on 10 October 2023).
  7. Jeffrey, N.; Tan, Q.; Villar, J.R. Simulators and Testbeds for IIoT Development and Validation. In Proceedings of the 2022 IEEE International IOT, Electronics and Mechatronics Conference (IEMTRONICS), Toronto, ON, Canada, 1–4 June 2022; IEEE: Piscataway, NJ, USA, 2022; pp. 1–5.
  8. Varga, A. OMNeT++. In Modeling and Tools for Network Simulation; Springer: Berlin/Heidelberg, Germany, 2010; pp. 35–59.
  9. INET Framework. INET. Available online: https://inet.omnetpp.org/ (accessed on 14 March 2024).
  10. Angelis, I.; Tsipis, A.; Christopoulou, E.; Oikonomou, K. TCP Cubic Implementation in the OMNeT++ INET Framework for SIoT Simulation Scenarios. In Proceedings of the International Conference on Collaborative Computing: Networking, Applications and Worksharing, Austin, TX, USA, 20–23 October 2013; Springer: Cham, Switzerland, 2023; pp. 18–37.
  11. Gomez, D.L.; Montoya, G.A.; Lozano-Garzon, C.; Donoso, Y. Strategies for assuring low latency, scalability and interoperability in edge computing and TSN networks for critical IIoT services. IEEE Access 2023, 11, 42546–42577.
  12. Liu, H.H.; Senk, S.; Ulbricht, M.; Nazari, H.K.; Scheinert, T.; Reisslein, M.; Nguyen, G.T.; Fitzek, F.H. Improving TSN Simulation Accuracy in OMNeT++: A Hardware-Aligned Approach. IEEE Access 2024, 12, 79937–79956.
  13. Lin, C.C.; Tsai, C.T.; Liu, Y.L.; Chang, T.T.; Chang, Y.S. Security and privacy in 5G-IIoT smart factories: Novel approaches, trends, and challenges. Mob. Netw. Appl. 2023, 28, 1043–1058.
  14. Amoah, R.; Camtepe, S.; Foo, E. Formal modelling and analysis of DNP3 secure authentication. J. Netw. Comput. Appl. 2016, 59, 345–360.
  15. Nardone, R.; Rodríguez, R.J.; Marrone, S. Formal security assessment of Modbus protocol. In Proceedings of the 2016 11th International Conference for Internet Technology and Secured Transactions (ICITST), Barcelona, Spain, 5–7 December 2016; pp. 142–147.
  16. Malakuti, S.; Grüner, S. Architectural aspects of digital twins in IIoT systems. In Proceedings of the 12th European Conference on Software Architecture: Companion Proceedings, ECSA’18, Madrid, Spain, 24–28 September 2018.
  17. Chatterjee, A.; Ahmed, B.S. IoT anomaly detection methods and applications: A survey. Internet Things 2022, 19, 100568.
  18. Wang, G.; Zhuang, L.; Liu, T.; Li, S.; Yang, S.; Lan, J. Formal analysis and verification of industrial control system security via timed automata. In Proceedings of the 2020 International Conference on Internet of Things and Intelligent Applications (ITIA), Zhenjiang, China, 27–29 November 2020; pp. 1–5.
  19. Federici, F.; Martintoni, D.; Senni, V. A zero-trust architecture for remote access in industrial IoT infrastructures. Electronics 2023, 12, 566.
  20. Jha, S.B.; Babiceanu, R.F.; Seker, R. Formal modeling of cyber-physical resource scheduling in IIoT cloud environments. J. Intell. Manuf. 2020, 31, 1149–1164.
  21. Kherbache, M.; Ahmed, A.; Maimour, M.; Rondeau, E. Constructing a Network Digital Twin through formal modeling: Tackling the virtual–real mapping challenge in IIoT networks. Internet Things 2023, 24, 101000.
  22. Muthukumar, N.; Srinivasan, S.; Ramkumar, K.; Pal, D.; Vain, J.; Ramaswamy, S. A model-based approach for design and verification of Industrial Internet of Things. Future Gener. Comput. Syst. 2019, 95, 354–363.
  23. Boeding, M.; Hempel, M.; Sharif, H. Vulnerability Identification of Operational Technology Protocol Specifications Through Formal Modeling. In Proceedings of the 2023 16th International Conference on Signal Processing and Communication System (ICSPCS), Bydgoszcz, Poland, 6–8 September 2023; pp. 1–6.
  24. Boeding, M.; Hempel, M.; Sharif, H.; Lopez, J.; Perumalla, K. A flexible OT testbed for evaluating on-device implementations of IEC-61850 GOOSE. Int. J. Crit. Infrastruct. Prot. 2023, 42, 100618.
  25. Garavel, H.; Lang, F.; Mateescu, R.; Serwe, W. Is CADP an Applicable Formal Method? arXiv 2021, arXiv:2111.08203.
  26. Champelovier, D.; Clerc, X.; Garavel, H.; Guerte, Y.; Lang, F.; McKinty, C.; Powazny, V.; Serwe, W.; Smeding, G. Reference Manual of the LOTOS NT to LOTOS Translator, Version 7.2; 2023. Available online: https://cadp.inria.fr/ftp/publications/cadp/Garavel-Lang-Mateescu-Serwe-21.pdf (accessed on 7 April 2024).
  27. Larrenie, P.; Bercher, J.F.; Venard, O.; Lahsen-Cherif, I. Low Complexity Approaches for End-to-End Latency Prediction. In Proceedings of the 2022 13th International Conference on Computing Communication and Networking Technologies (ICCCNT), Kharagpur, India, 3–5 October 2022; pp. 1–6.
Figure 1. Framework overview.
Figure 2. Network emulation overview.
Figure 3. States of Modbus formal model-single transaction (61 states).
Figure 4. Link reliability under network load.
Figure 5. Response time to Modbus packets.
Figure 6. Sample Scada network with OT protocol support.
Figure 7. Packet from network emulation.
Figure 8. Curve fitting results for device response.
Figure 9. Intelligent electronic device configuration.
Figure 10. Network simulation of device.
Figure 11. Modbus device states.
Figure 12. Incorrect device response.
Table 1. Modbus invalid packet responses vs. attack traffic.

| Packets per Second | 5 | 10 | 20 | 30 | 40 | 50 | 60 | 70 | 80 |
|---|---|---|---|---|---|---|---|---|---|
| Invalid Responses | 0 | 32 | 30 | 30 | 24 | 49 | 48 | 49 | 81 |

MDPI and ACS Style

Boeding, M.; Hempel, M.; Sharif, H. End-to-End Framework for Identifying Vulnerabilities of Operational Technology Protocols and Their Implementations in Industrial IoT. Future Internet 2025, 17, 34. https://doi.org/10.3390/fi17010034