The OPC UA protocol is an upcoming de-facto standard for building Industry 4.0 processes in Europe, and one of the few industrial protocols that promises security features to prevent attackers from manipulating and damaging critical infrastructures. Despite the importance of the protocol, challenges in the adoption of OPC UA's security features by product vendors, libraries implementing the standard, and end-users were not investigated so far.
In this work, we systematically investigate 48 publicly available artifacts consisting of products and libraries for OPC UA and show that 38 out of the 48 artifacts have one (or more) security issues. We show that 7 OPC UA artifacts do not support the security features of the protocol at all. In addition, 31 artifacts that partially feature OPC UA security rely on incomplete libraries and come with misleading instructions. Consequently, relying on those products and libraries will result in vulnerable implementations of OPC UA security features. To verify our analysis, we design, implement, and demonstrate attacks in which the attacker can steal credentials exchanged between victims, eavesdrop on process information, manipulate the physical process through sensor values and actuator commands, and prevent the detection of anomalies.
History
Preferred Citation
Alessandro Erba, Anne Müller and Nils Tippenhauer. Security Analysis of Vendor Implementations of the OPC UA Protocol for Industrial Control Systems. In: Joint Workshop on CPS & IoT Security and Privacy (CPSIoTSec). 2022.
Primary Research Area
Secure Connected and Mobile Systems
Name of Conference
Joint Workshop on CPS & IoT Security and Privacy (CPSIoTSec)
Legacy Posted Date
2022-09-23
Open Access Type
Unknown
BibTeX
@inproceedings{cispa_all_3789,
title = "Security Analysis of Vendor Implementations of the OPC UA Protocol for Industrial Control Systems",
author = "Erba, Alessandro and Müller, Anne and Tippenhauer, Nils Ole",
booktitle="{Joint Workshop on CPS & IoT Security and Privacy (CPSIoTSec)}",
year="2022",
}