In 2006, the OPC Foundation released the first specification for the OPC Unified Architecture (OPC UA) protocol, one of the industrial protocols that promises security features such as authentication, authorization, integrity, and confidentiality. Challenges in the practical adoption of those security features by product vendors, libraries implementing the standard, and end-users have not been investigated so far. In this work, we systematically investigate practical challenges to configuring OPC UA securely. We review 48 artifacts consisting of products and libraries for OPC UA and show that 38 out of the 48 artifacts have one (or more) security issues. In particular, we show that 7 OPC UA artifacts do not support the security features of the protocol at all. In addition, 31 artifacts that partially feature OPC UA security rely on incomplete libraries and come with misleading instructions. Consequently, relying on those products and libraries will result in vulnerable implementations of OPC UA security features. We design, implement, and demonstrate attacks in which the attacker can steal credentials exchanged between victims, eavesdrop on process information, manipulate the physical process through sensor values and actuator commands, and prevent the detection of anomalies in the physical process.