Text size
  • Small
  • Medium
  • Large
  • Standard
  • Blue text on blue
  • High contrast (Yellow text on black)
  • Blue text on beige

    Automated Asset Discovery in Industrial Control Systems - Exploring the Problem

    3rd International Symposium for ICS & SCADA Cyber Security Research 2015 (ICS-CSR 2015)

    17 - 18 September 2015, University of Applied Sciences Ingolstadt, Germany


    Adam Wedgbury & Kevin Jones



    Vulnerabilities within Industrial Control Systems (ICS) and Critical National Infrastructure (CNI) represent a significant safety, ecological and economical risk to owners, operators and nation states. Numerous examples from recent years are available to demonstrate that these vulnerabilities are being exploited by threat actors. One of the first steps required when securing legacy infrastructures is to obtain a complete asset (device) inventory, as is it impossible to protect a system without first understanding its content and connectivity. ICS environments offer significant challenges to the automated and safe discovery of network connected devices. Legacy ICS-based network services are often very fragile and networks are often sensitive to increased traffic, latency or interference, precluding the use of active scanning technologies. The decentralised nature of ICS traffic flows alongside the lack of capability of legacy network equipment make the use of standard passive scanning technologies difficult. This paper presents an overview and understanding of passive ICS discovery and provides the results of an experiment to show how existing passive scanning tools fare in an ICS environment in which port mirroring technologies are not ubiquitously supported.


    PDF file PDF Version of this Paper 719(kb)