End-to-End Framework for Identifying Vulnerabilities of Operational Technology Protocols and Their Implementations in Industrial IoT
Abstract
:1. Introduction
Motivation
2. Related Works
3. Methodology
3.1. Formal Modeling
3.2. Physical Testbed
3.3. Network Simulation
3.4. Vulnerability Verification
4. Results
4.1. Formal Model
4.2. Physical Testbed Results
4.3. Network Emulation
4.4. Network Simulation
4.5. Vulnerability Results
5. Future Work
6. Conclusions
Author Contributions
Funding
Data Availability Statement
Conflicts of Interest
References
- Maleh, Y. IT/OT convergence and cyber security. Comput. Fraud Secur. 2021, 2021, 13–16. [Google Scholar] [CrossRef]
- Boeding, M.; Boswell, K.; Hempel, M.; Sharif, H.; Lopez, J., Jr.; Perumalla, K. Survey of cybersecurity governance, threats, and countermeasures for the power grid. Energies 2022, 15, 8692. [Google Scholar] [CrossRef]
- Li, S.; Xu, L.D.; Zhao, S. 5G Internet of Things: A survey. J. Ind. Inf. Integr. 2018, 10, 1–9. [Google Scholar] [CrossRef]
- Ihirwe, F.; Di Ruscio, D.; Di Blasio, K.; Gianfranceschi, S.; Pierantonio, A. Supporting model-based safety analysis for safety-critical IoT systems. J. Comput. Lang. 2024, 78, 101243. [Google Scholar] [CrossRef]
- Xu, H.; Wu, J.; Pan, Q.; Guan, X.; Guizani, M. A Survey on Digital Twin for Industrial Internet of Things: Applications, Technologies and Tools. IEEE Commun. Surv. Tutor. 2023, 25, 2569–2598. [Google Scholar] [CrossRef]
- VEDERE LABS. OT-Icefall: The Legacy of “Insecure by Design” and Its Implications for Certifications and Risk Management. 2022. Available online: https://www.forescout.com/resources/ot-icefall-report/ (accessed on 10 October 2023).
- Jeffrey, N.; Tan, Q.; Villar, J.R. Simulators and Testbeds for IIoT Development and Validation. In Proceedings of the 2022 IEEE International IOT, Electronics and Mechatronics Conference (IEMTRONICS), Toronto, ON, Canada, 1–4 June 2022; IEEE: Piscataway, NJ, USA, 2022; pp. 1–5. [Google Scholar]
- Varga, A. OMNeT++. In Modeling and Tools for Network Simulation; Springer: Berlin/Heidelberg, Germany, 2010; pp. 35–59. [Google Scholar]
- INET Framework. INET. Available online: https://inet.omnetpp.org/ (accessed on 14 March 2024).
- Angelis, I.; Tsipis, A.; Christopoulou, E.; Oikonomou, K. TCP Cubic Implementation in the OMNeT++ INET Framework for SIoT Simulation Scenarios. In Proceedings of the International Conference on Collaborative Computing: Networking, Applications and Worksharing, Austin, TX, USA, 20–23 October 2013; Springer: Cham, Switzerland, 2023; pp. 18–37. [Google Scholar]
- Gomez, D.L.; Montoya, G.A.; Lozano-Garzon, C.; Donoso, Y. Strategies for assuring low latency, scalability and interoperability in edge computing and TSN networks for critical IIoT services. IEEE Access 2023, 11, 42546–42577. [Google Scholar] [CrossRef]
- Liu, H.H.; Senk, S.; Ulbricht, M.; Nazari, H.K.; Scheinert, T.; Reisslein, M.; Nguyen, G.T.; Fitzek, F.H. Improving TSN Simulation Accuracy in OMNeT++: A Hardware-Aligned Approach. IEEE Access 2024, 12, 79937–79956. [Google Scholar] [CrossRef]
- Lin, C.C.; Tsai, C.T.; Liu, Y.L.; Chang, T.T.; Chang, Y.S. Security and privacy in 5G-IIoT smart factories: Novel approaches, trends, and challenges. Mob. Netw. Appl. 2023, 28, 1043–1058. [Google Scholar] [CrossRef]
- Amoah, R.; Camtepe, S.; Foo, E. Formal modelling and analysis of DNP3 secure authentication. J. Netw. Comput. Appl. 2016, 59, 345–360. [Google Scholar] [CrossRef]
- Nardone, R.; Rodríguez, R.J.; Marrone, S. Formal security assessment of Modbus protocol. In Proceedings of the 2016 11th International Conference for Internet Technology and Secured Transactions (ICITST), Barcelona, Spain, 5–7 December 2016; pp. 142–147. [Google Scholar] [CrossRef]
- Malakuti, S.; Grüner, S. Architectural aspects of digital twins in IIoT systems. In Proceedings of the 12th European Conference on Software Architecture: Companion Proceedings, ECSA’18, Madrid, Spain, 24–28 September 2018. [Google Scholar] [CrossRef]
- Chatterjee, A.; Ahmed, B.S. IoT anomaly detection methods and applications: A survey. Internet Things 2022, 19, 100568. [Google Scholar] [CrossRef]
- Wang, G.; Zhuang, L.; Liu, T.; Li, S.; Yang, S.; Lan, J. Formal analysis and verification of industrial control system security via timed automata. In Proceedings of the 2020 International Conference on Internet of Things and Intelligent Applications (ITIA), Zhenjiang, China, 27–29 November 2020; pp. 1–5. [Google Scholar] [CrossRef]
- Federici, F.; Martintoni, D.; Senni, V. A zero-trust architecture for remote access in industrial IoT infrastructures. Electronics 2023, 12, 566. [Google Scholar] [CrossRef]
- Jha, S.B.; Babiceanu, R.F.; Seker, R. Formal modeling of cyber-physical resource scheduling in IIoT cloud environments. J. Intell. Manuf. 2020, 31, 1149–1164. [Google Scholar] [CrossRef]
- Kherbache, M.; Ahmed, A.; Maimour, M.; Rondeau, E. Constructing a Network Digital Twin through formal modeling: Tackling the virtual–real mapping challenge in IIoT networks. Internet Things 2023, 24, 101000. [Google Scholar] [CrossRef]
- Muthukumar, N.; Srinivasan, S.; Ramkumar, K.; Pal, D.; Vain, J.; Ramaswamy, S. A model-based approach for design and verification of Industrial Internet of Things. Future Gener. Comput. Syst. 2019, 95, 354–363. [Google Scholar]
- Boeding, M.; Hempel, M.; Sharif, H. Vulnerability Identification of Operational Technology Protocol Specifications Through Formal Modeling. In Proceedings of the 2023 16th International Conference on Signal Processing and Communication System (ICSPCS), Bydgoszcz, Poland, 6–8 September 2023; pp. 1–6. [Google Scholar] [CrossRef]
- Boeding, M.; Hempel, M.; Sharif, H.; Lopez, J.; Perumalla, K. A flexible OT testbed for evaluating on-device implementations of IEC-61850 GOOSE. Int. J. Crit. Infrastruct. Prot. 2023, 42, 100618. [Google Scholar] [CrossRef]
- Garavel, H.; Lang, F.; Mateescu, R.; Serwe, W. Is CADP an Applicable Formal Method? arXiv 2021, arXiv:2111.08203. [Google Scholar] [CrossRef]
- Champelovier, D.; Clerc, X.; Garavel, H.; Guerte, Y.; Lang, F.; McKinty, C.; Powazny, V.; Serwe, W.; Smeding, G. Reference Manual of the LOTOS NT to LOTOS Translator, Version 7.2; 2023. Available online: https://cadp.inria.fr/ftp/publications/cadp/Garavel-Lang-Mateescu-Serwe-21.pdf (accessed on 7 April 2024).
- Larrenie, P.; Bercher, J.F.; Venard, O.; Lahsen-Cherif, I. Low Complexity Approaches for End-to-End Latency Prediction. In Proceedings of the 2022 13th International Conference on Computing Communication and Networking Technologies (ICCCNT), Kharagpur, India, 3–5 October 2022; pp. 1–6. [Google Scholar] [CrossRef]
Packets per Second | 5 | 10 | 20 | 30 | 40 | 50 | 60 | 70 | 80 |
Invalid Responses | 0 | 32 | 30 | 30 | 24 | 49 | 48 | 49 | 81 |
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content. |
© 2025 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Share and Cite
Boeding, M.; Hempel, M.; Sharif, H. End-to-End Framework for Identifying Vulnerabilities of Operational Technology Protocols and Their Implementations in Industrial IoT. Future Internet 2025, 17, 34. https://doi.org/10.3390/fi17010034
Boeding M, Hempel M, Sharif H. End-to-End Framework for Identifying Vulnerabilities of Operational Technology Protocols and Their Implementations in Industrial IoT. Future Internet. 2025; 17(1):34. https://doi.org/10.3390/fi17010034
Chicago/Turabian StyleBoeding, Matthew, Michael Hempel, and Hamid Sharif. 2025. "End-to-End Framework for Identifying Vulnerabilities of Operational Technology Protocols and Their Implementations in Industrial IoT" Future Internet 17, no. 1: 34. https://doi.org/10.3390/fi17010034
APA StyleBoeding, M., Hempel, M., & Sharif, H. (2025). End-to-End Framework for Identifying Vulnerabilities of Operational Technology Protocols and Their Implementations in Industrial IoT. Future Internet, 17(1), 34. https://doi.org/10.3390/fi17010034