Secure Parsers for EDS Protocols
Parsers represent a large potential attack surface in ICS, as incorrect or ill-defined parsers can allow malformed or malicious packets to negatively impact a piece of equipment. To limit this problem, we are constructing an easy-to-use tool for constructing hardened SCADA/ICS protocol parsers. This tool is useful for anyone constructing or adopting a protocol for ICS operation, as it allows them to specifically define the protocol messages they accept and reject incorrect packets that do not meet this specification.
In addition to the existing DNP3, C37.118, and MQTT capabilities, we are currently in the process of adding Modbus and IEC 61850 GOOSE messaging support to our tool. We remain on track to meet our deliverable milestones.
Parsers and Readiness Status
- DNP3 – Available
- MQTT – Available
- IEC C37.118 – Available
- 61850 Goose – In Development
- Modbus – In Development
For more information about this technology or opportunities for industrial collaboration, contact Prashant Anantharaman. More information is also available on the Related Research Activity page.