DefinePK

Abstract

Industrial Control System (ICS) plays a vital role in industries as it controls industrial processes such as power plants, food production, transportation, water and gas distribution etc. Similarly Building Automation System (BAS) is utilized for control, energy efficiency and conservation of modern buildings. As both BAS and ICS systems are becoming increasingly interconnected with networking technologies and becoming a lucrative target for attacks thus pose a serious threat to the infrastructure they control. ICS and BAS networks have been using legacy protocols with implementation of ICT protocols and technologies to be connected with modern networks. Thus, they have lack of security implementation. This paper presented a test-bed for testing vulnerabilities in Modbus protocol on HVAC control system. Two MITM attack scenarios were discussed and performed to demonstrate the weakness in the Modbus TCP protocol. The proposed system was tested using EasyIO-FS-32 server class controller having Modbus RTU, TCP and BACnet MSTP, TCP.