Open Platform Communications (OPC) is a critical communication protocol for operational technology (OT) networks, providing interoperability between proprietary vendor devices and industrial control systems (ICS). OPC is embedded inside many vendor products as a third-party component, and as a result, there's an expansive attack surface available to threat actors.
In this episode of the Nexus Podcast, the head of Kaspersky's ICS security team, Evgeny Goncharov, joins Claroty researchers Sharon Brizinov and Uri Katz to discuss their respective research into OPC security, vulnerabilities each team has disclosed, and how vendors and protocol maintainers can improve the OPC protocol's security going forward.
In 2018, Kaspersky published an extensive report into OPC security, largely into OPC UA, that was one of the first deep dives into the inner workings of the protocol and its many flavors. At the time, the research team also disclosed 17 new vulnerabilities and described how OPC UA "not only fails to protect developers from trivial errors but also tends to provoke errors," its report said.
This year, Claroty followed up with its own research into OPC, dedicating time and resources to vendor implementations of the protocol, and disclosing nine new vulnerabilities in three vendor products.
Throughout the podcast, the research teams discuss their respective work and approaches to researching OPC and whether secure development has made any strides.
You'll hear more about:
Why OPC is critical to OT networks
The researchers' respective assessments of OPC security today
Challenges in conducting security research into an expansive protocol such as OPC
Commonalities among vulnerabilities in vendor implementations
Future work in OPC security research
Michael Mimoso is Director of Influencer Marketing at Claroty and Editorial Director of Nexus.