1. Repositorio Cientifico IPVC
  2. ESTG - Escola Superior de Tecnologia e Gestão
  3. ESTG - Artigos em conferência
Please use this identifier to cite or link to this item: http://hdl.handle.net/20.500.11960/3747
Title: Vulnerabilities in baseboard management controllers: risks and mitigation strategies in the IIoT environment
Authors: Barreto, Jackson
Lopes, Sérgio Ivan
Pinto, Pedro
Keywords: BMC (Baseboard Management Controller)
Firmware vulnerabilities
IIoT (Industrial Internet of Things)
Issue Date: 11-Jul-2023
Publisher: Instituto Politécnico de Bragança
Citation: Júnior, J., Lopes, S. I., & Pinto, P. (2023). Vulnerabilities in baseboard management controllers: risks and mitigation strategies in the IIoT environment. In F. P. Fernandes, P. Morais, & P. Pintom (Eds.), 3rd Symposium of applied science for young researchers: proceedings, 11 July, 2023, Barcelos, Portugal (pp. 76-82). IPB. http://hdl.handle.net/10198/28842
Abstract: Vulnerabilities in Baseboard Management Controllers (BMCs) have a high impact on the Industrial Internet of Things (IIoT) environment. Recently, a set of vulnerabilities in BMCs disclosed by Nozomi Networks expose Operational Technology (OT) and IIoT networks to remote attacks. This paper reviews a set of vulnerabilities in BMC affecting IIoT devices and discusses the risks and implications of the vulnerabilities found, and how they can be mitigated. The discovery of vulnerabilities in BMC highlights the urgent need for a comprehensive and multifaceted approach to securing the IIoT environment. It is concluded that a general improvement in the security of BMC could be achieved by adopting the open-source philosophy and standardizing the hardware interface.
URI: http://hdl.handle.net/20.500.11960/3747
ISBN: 978-972-745-324-5
Appears in Collections:ESTG - Artigos em conferência

Files in This Item:
File Description SizeFormat 
Vulnerabilities_in_Baseboard_Management_Controllers_-_Risks_and_Mitigation_Strategies_in_the_IIoT_Environment.pdf1.43 MBAdobe PDFView/Open
Show full item record


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.