摘要
面对日益严峻的网络安全形势,分析对工业控制系统开展模糊测试的意义,研究网络协议模糊测试的理论基础,设计一种模糊测试框架,根据框架对广泛应用的工控设备进行安全性测试,发现潜在安全风险,以便及时采取风险应对措施,防止安全风险被进一步利用,降低工业控制系统安全风险被利用的概率。
Facing the increasingly serious network security situation,this paper analyzes the significance of fuzzy testing for industrial control systems,studies the theoretical basis of network protocol fuzzy testing,and designs a fuzzy testing framework.According to the framework,the safety test of widely used industrial control equipment is carried out,and potential safety risks are discovered,so that risk response measures can be taken in time to prevent further use of safety risks and reduce the probability of using safety risks of industrial control systems.
作者
崔欣
温彦龙
CUI Xin;WEN-Yan long(China National Intellectual Property Administration,Beijing 100083,China;China Electronics Corporation,Beijing 100190,China)
出处
《信息安全与通信保密》
2018年第9期73-78,共6页
Information Security and Communications Privacy
关键词
工业控制系统
模糊性测试
漏洞挖掘
industrial control
fuzzy testing
vulnerability mining
