Please use this identifier to cite or link to this item:
http://hdl.handle.net/20.500.11960/3747
Title: | Vulnerabilities in baseboard management controllers: risks and mitigation strategies in the IIoT environment |
Authors: | Barreto, Jackson Lopes, Sérgio Ivan Pinto, Pedro |
Keywords: | BMC (Baseboard Management Controller) Firmware vulnerabilities IIoT (Industrial Internet of Things) |
Issue Date: | 11-Jul-2023 |
Publisher: | Instituto Politécnico de Bragança |
Citation: | Júnior, J., Lopes, S. I., & Pinto, P. (2023). Vulnerabilities in baseboard management controllers: risks and mitigation strategies in the IIoT environment. In F. P. Fernandes, P. Morais, & P. Pintom (Eds.), 3rd Symposium of applied science for young researchers: proceedings, 11 July, 2023, Barcelos, Portugal (pp. 76-82). IPB. http://hdl.handle.net/10198/28842 |
Abstract: | Vulnerabilities in Baseboard Management Controllers (BMCs) have a high impact on the Industrial Internet of Things (IIoT) environment. Recently, a set of vulnerabilities in BMCs disclosed by Nozomi Networks expose Operational Technology (OT) and IIoT networks to remote attacks. This paper reviews a set of vulnerabilities in BMC affecting IIoT devices and discusses the risks and implications of the vulnerabilities found, and how they can be mitigated. The discovery of vulnerabilities in BMC highlights the urgent need for a comprehensive and multifaceted approach to securing the IIoT environment. It is concluded that a general improvement in the security of BMC could be achieved by adopting the open-source philosophy and standardizing the hardware interface. |
URI: | http://hdl.handle.net/20.500.11960/3747 |
ISBN: | 978-972-745-324-5 |
Appears in Collections: | ESTG - Artigos em conferência |
Files in This Item:
File | Description | Size | Format | |
---|---|---|---|---|
Vulnerabilities_in_Baseboard_Management_Controllers_-_Risks_and_Mitigation_Strategies_in_the_IIoT_Environment.pdf | 1.43 MB | Adobe PDF | View/Open |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.