Issue
Security and Safety
Volume 4, 2025
Security and Safety for Next Generation Industrial Systems
Article Number 2025012
Number of page(s) 37
Section Industrial Control
DOI https://doi.org/10.1051/sands/2025012
Published online 28 October 2025