A major trend (Industry 4.0) for our products is to include them in advanced networks with cloud connectivity all the way onto the factory floor and the sensor that are vital to production. This means new risks when the device is no longer protected on a private exclusive network. SICK is implementing the standard IEC 62443 “Security for industrial automation and control systems” to fulfill these requirements.
In order to build a secure device many aspects need to be considered. This thesis focuses on fuzzing and penetration testing of a protocol commonly used for industrial cameras called GenICam/GigEVision. This protocol is a UDP based configuration protocol.
The task is to design and implement a testing tool which can generate stimuli that will cause GenICam/GigEVision camera to crash, cause assertions, memory leaks, and/or other unexpected behavior. This tool will then be used to make fuzzing and penetration tests in order to evaluate the security of a GenICam/GigEVision simulator and real camera devices.
For more information, contact group Fredrik Claesson (Fredrik.email@example.com,) and apply below at "ANSÖKAN" before the 19th of October. Please notice: Application must include CV, Cover letter and LADOK (study results including courses).