Vulnerability mining for Modbus TCP based on exception field positioning
Simulation Modelling Practice and Theory (IF 3.5), Pub Date: 2019-09-24, DOI: 10.1016/j.simpat.2019.101989
Wenqian Feng, Yingxu Lai, Zenghui Liu

Fuzzing has become an important approach in recent years for detecting vulnerabilities in industrial control systems and their network protocols. Traditional fuzzing methods have the shortcomings of low efficiency and blindness. To solve this problem, we have developed an improved fuzzing method based on exception field positioning. The method adds a positioning phase to the testing procedure. We have established a field attribute set model of the Modbus protocol and combined it with the attribute reduction algorithm to locate the key fields that trigger potential vulnerabilities. This algorithm assists in connecting the effects of the test cases so that we can adjust the test cases toward a more guided testing procedure, instead of plain random testing. In the simulation experiment, the developed fuzzing method discovered certain vulnerabilities in Modbus TCP, including an original vulnerability that has been submitted to the China National Vulnerability Database.




Updated: 2019-09-24