As part of my thesis in 2020, I set out to look at cyber security in the Industrial Controls space. I tried to replicate Stuxnet on a MUCH smaller scale, on a different platform. Being familiar with Schneider and Ignition SCADA, I chose them as the platforms of choice. I went about decoding UMAS (a proprietary protocol by Schneider) to help generate the attack vector. I am not going to go into details on the attack, but will use this space to explain what I found out about UMAS... through HOURS of Wireshark reviews and using the research already done by Luis Martin. Over the next few months I will try and add the detail of my findings, but in the meantime, here is the repository with the commented code as a starter:
https://bitbucket.org/lilywhiteweb/umas/src/master/
Adding a link to my Thesis which goes into more detail for those that want to know more:
Good post.
Thank you. I’ve added my Thesis to the blog in case you find it useful.