Aperture Podcast: Claroty and Kaspersky on OPC Security Research
By Michael Mimoso | April 5, 2021
Open Platform Communications (OPC) is a critical communication protocol for operational technology (OT) networks, providing interoperability between proprietary vendor devices and industrial control systems (ICS). OPC is embedded inside many vendor products as a third-party component, and as a result, there’s an expansive attack surface available to threat actors.
In this episode of the Aperture Podcast, the head of Kaspersky’s ICS security team Evgeny Goncharov joins Claroty researchers Sharon Brizinov and Uri Katz to discuss their respective research into OPC security, vulnerabilities each team has disclosed, and how vendors and protocol maintainers can improve the OPC protocol’s security going forward.
In 2018, Kaspersky
published an extensive report into OPC security—largely into OPC UA—one of the first deep dives into the inner workings of the protocol and its many flavors. At the time, the research team also disclosed 17 new vulnerabilities and how UPC UA “not only fails to protect developers from trivial errors but also tends to provoke errors,” its report said at the time.
This year, Claroty followed up with its own research into OPC, dedicating time and resources to vendor implementations of the protocol, and disclosing nine new vulnerabilities in three vendor products.
Throughout the podcast, the research teams discuss their respective work and approaches to researching OPC and whether secure development has made any strides.
You’ll hear more about:
- Why OPC is critical to OT networks
- The researchers’ respective assessments of OPC security today
- Challenges in conducting security research into an expansive protocol such as OPC
- Commonalities among vulnerabilities in vendor implementations
- Future work in OPC security research