Vulnerability Finding and Firmware Association in Power Grid

摘要

The intelligent power grid is composed of a large number of industrial control equipment, and most of the industrial control equipment has security holes, which are vulnerable to malicious attacks and affect the normal operation of the power grid. By analyzing the security vulnerability of the firmware of industrial control equipment, the vulnerability can be detected in advance and the power grid's ability to resist attack can be improved. In this paper, a vulnerability finding and firmware association technology for industrial control device firmware was proposed. Through firmware analysis technology, code preprocessing, vulnerability scanning analysis and vulnerability matching are performed for grid device firmware. At the same time, firmware vulnerability association relationship is established based on the similarity of device firmware. Vulnerabilities are discovered more quickly in the security detection of industrial device.