HART as an Attack Vector

63 %
38 %
Information about HART as an Attack Vector

Published on March 11, 2014

Author: dgpeters

Source: slideshare.net


This excellent session by Alexander Bolshev (@dark_k3y) was a very pleasant surprise, and it's a bit frustrating that it is one of the three lost S4x14 videos.

We were concerned that it would be a bit S4x13 / insecure by design / low hanging fruit, but HART has received so little attention that we thought it was worth including in S4x14. HART is widely used in DCS to connect controllers and instruments. The HART Foundation says over 30 million HART devices are deployed.

Alexander covers the protocol in the early slides, but make sure you look at slides 16-21 where he shows how he can change the RTU's Polling Unit ID (who the RTU expects to poll it) to create a man-in-the-middle attack.

There are a number of other HART protocol attacks described, but I was most interested in his HRT Shield board - a high-power low-noise HART modem Arduino shield for sniffing, injecHng, and jamming current loop. He brought over some boards that we are building up to have in our Rack when we go out on an assessment.

I should note, mainly to avoid an email from Jeff, that WirelessHART has integrated security such as source/data authentication and encryption. As we walk through plants and factories we are seeing a number of these WirelessHART devices. They are easy to spot because they can be deployed in the most physically convenient place without worrying about wiring.

Add a comment

Related presentations

Presentación que realice en el Evento Nacional de Gobierno Abierto, realizado los ...

In this presentation we will describe our experience developing with a highly dyna...

Presentation to the LITA Forum 7th November 2014 Albuquerque, NM

Un recorrido por los cambios que nos generará el wearabletech en el futuro

Um paralelo entre as novidades & mercado em Wearable Computing e Tecnologias Assis...

Microsoft finally joins the smartwatch and fitness tracker game by introducing the...

Related pages

Heart Attack Images, Stock Pictures, Royalty Free Heart ...

Heart Attack Stock Photos and Images. 9,004 matches. ... Vectors. FOOTAGE. AUDIO. All Images . All Images; Photography; Vector Illustration; Footage ; Audio
Read more

S4x14 Week - Digital Bond's ICS Security Portal ...

Digital Bond was founded in 1998 and performed our first control system security assessment in the year 2000. Over the last sixteen years we have helped ...
Read more

ICSCorsair: How I will PWN your ERP through 4-20 mA ...

ICSCorsair: How I will PWN your ERP through ... 6 See the HART (in)security: how one transmitter can compromise whole plant and HART As An Attack Vector:
Read more

Added helper ruby scripts and MSF modules · Darkkey ...

This repository. Explore; Features; Enterprise; Pricing
Read more

Hart-aanval Stock Photos, Illustrations, and Vector Art

Hart-aanval stock photos, vectors and illustrations from Shutterstock, the world’s largest royalty-free image, ... heart attack and heart beats...
Read more

Heart Disease Images, Stock Pictures, Royalty Free Heart ...

... photos and vectors. ... Heart Disease Stock Photos and Images. ... Related Searches heart attack heart failure heart diabetes heart health cancer
Read more

Heart Clip Art, Photos, Vector Clipart, Royalty-Free ...

1399 heart clip art images found... 1 2 3 4 5 6 7 8 9 10... 56 Next. ... vector; birds; water; indian; shoes; bat; flag; cats; earth; Graphics Factory. New ...
Read more