CHAPTER 7

ICS “ZERO-DAY” VULNERABILITY RESEARCH

If your goal is to keep a collection of ICS equipment and software secure by keeping up to date with the latest patches and workarounds, then you have two options. First, you can regularly visit the vendors’ and ICS-CERT websites for notifications of new versions, patches, and recommended actions to stay secure, which is a reactive approach to security. Second, you can go looking for the bugs yourself.

image

Before we begin, I need to mention that it is important to follow responsible disclosure practices when you discover zero-day vulnerabilities. Always attempt to work with the vendor first in an ...

Get Hacking Exposed Industrial Control Systems: ICS and SCADA Security Secrets & Solutions now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.