Sven M. Hallberg

  • Citations Per Year
Learn More
Input-handling bugs share two common patterns: insufficient recognition, where input-checking logic is unfit to validate a program’s assumptions about inputs, and parser differentials, wherein two or more components of a system fail to interpret input equivalently. We argue that these patterns are artifacts of avoidable weaknesses in the development process(More)
We present an assurance methodology for producing significantly more secure implementations of SCADA/ICS protocols, and describe our case study of applying it to DNP3, in the form of a filtering proxy that deeply and exhaustively validates DNP3 messages. Unlike the vast majority of deployed proprietary DNP3 implementations, our code demonstrates resilience(More)
  • 1