IntegraXor

IntegraXor is a supervisory control and data acquisition (SCADA) and human-machine interface (HMI) software system developed by Ecava and first released in 2003. [1] [2]

IntegraXor
Developer(s)Ecava
Initial release2003
Stable release
V8.0 / 2019-01-03
Operating systemMicrosoft Windows
TypeSCADA
WebsiteECAVA IntegraXor

Function

As a commercial web SCADA system, it is used by engineers as a tool to develop and customize web-based SCADA applications.[3][4][5][6]

Security

Security researchers have found numerous vulnerabilities[7][8] including a Zero Day vulnerability where major manufacturers and industrial companies in the UK, US and over 30 other countries are being urged to adopt a rapidly-released fix by IntegraXor.[9] The United States Department of Homeland Security (DHS) Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) itself discovered vulnerabilities in IntegraXor.[8]

In 2013, Ecava released the first known bug bounty program for ICS.[10][11] However, they received a backlash for offering store credits instead of cash which does not incentivize security researchers.[12]

References
  1. Lim, WingHooi (7 September 2015). "It's all systems go". The Star Newspaper. Retrieved 21 May 2019.
  2. Sena, Renuka (14 November 2016). "THE ESSENCE OF INNOVATION". Digital News Asia. Retrieved 21 May 2019.
  3. Soetedjo, A.; Nakhoda, Y.I.; Lomi, A. (June 2014). "Web-SCADA for Monitoring and Controlling Hybrid Wind-PV Power System". Telkomnika. 12 (2): 305–314. doi:10.12928/telkomnika.v12i2.53.
  4. Tyutyundzhiev, N.; Petrov, N.; Martínez-Moreno, F.; Leloux, J.; Narvarte, L. (September 2015). "Advanced testing of PV plants using portable SCADA tool" (PDF). 31st European Photovoltaic Solar Energy Conference and Exhibition: 2074–2077.
  5. Hamed, B.; Shamla, A.A. (4 November 2014). "Gaza's Water Wells System Based on SCADA" (PDF). 5th International Conference for Engineering and Sustainability (ICESS).
  6. Naidoo, N.; Bright, G.; Stopforth, R. (28–30 January 2019). "A Distributed Framework for Programming the Artificial Intelligence of Mobile Robots in Smart Manufacturing Systems". 2019 Southern African Universities Power Engineering Conference/Robotics and Mechatronics/Pattern Recognition Association of South Africa (SAUPEC/RobMech/PRASA). pp. 34–41. doi:10.1109/RoboMech.2019.8704788. ISBN 978-1-7281-0369-3. S2CID 145049174.
  7. AppSecEU2011, O. W. A. S. P. (2011). Utilities still under threat. Network Security
  8. Marks, Paul (25 March 2011). "Stuxnet analysis finds more holes in critical software". New Scientist. Retrieved 21 May 2019.
  9. Ring, Tim (17 January 2014). "UK firms urged to patch IGX industrial control systems". SC Media UK. Retrieved 21 May 2019.
  10. Toecker, Michael (23 July 2013). "More on IntegraXor's Bug Bounty Program". Digital Bond. Retrieved 21 May 2019.
  11. Ragan, Steve (18 July 2013). "SCADA vendor faces public backlash over bug bounty program". CSO. Retrieved 21 May 2019.
  12. Rashi, Fahmida Y. (16 July 2013). "SCADA Vendor Bashed Over "Pathetic" Bug Bounty Program". Security Week. Retrieved 21 May 2019.


This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.