Ingenierías USBMed


How to Cite
Santander Peláez, M. H., & Sánchez, M. (2016). Herramientas DNP3 pentesting para redes de infraestructura critica. Ingenierías USBmed, 7(1), 47–54.
License terms

This journal provides immediate free access to its contents, on the principle that making research results freely available to the public supports a greater global exchange of knowledge.

Therefore, the journal invokes the Creative Commons 4.0

License attributions: Recognition – Non-commercial – Share equal. Commercial use and distribution of original or derivative works are not permitted and must be done with a license equal to the one that regulates the original work.


This article presents a set of software tools capable of performing pentesting activities on critical infrastructure in the electricity sector using the DNP3 protocol. The tools can test the ability of the cybersecurity controls inside the network perimeter to prevent any forged sensitive command from reaching any substation controller.



