IntegraXor
IntegraXor is a supervisory control and data acquisition (SCADA) and human-machine interface (HMI) software system developed by Ecava and first released in 2003. [1] [2]
Developer(s) | Ecava |
---|---|
Initial release | 2003 |
Stable release | V8.0
/ 2019-01-03 |
Operating system | Microsoft Windows |
Type | SCADA |
Website | ECAVA IntegraXor |
Function
As a commercial web SCADA system, it is used by engineers as a tool to develop and customize web-based SCADA applications.[3][4][5][6]
Security
Security researchers have found numerous vulnerabilities[7][8] including a Zero Day vulnerability where major manufacturers and industrial companies in the UK, US and over 30 other countries are being urged to adopt a rapidly-released fix by IntegraXor.[9] The United States Department of Homeland Security (DHS) Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) itself discovered vulnerabilities in IntegraXor.[8]
In 2013, Ecava released the first known bug bounty program for ICS.[10][11] However, they received a backlash for offering store credits instead of cash which does not incentivize security researchers.[12]
References
- Lim, WingHooi (7 September 2015). "It's all systems go". The Star Newspaper. Retrieved 21 May 2019.
- Sena, Renuka (14 November 2016). "THE ESSENCE OF INNOVATION". Digital News Asia. Retrieved 21 May 2019.
- Soetedjo, A.; Nakhoda, Y.I.; Lomi, A. (June 2014). "Web-SCADA for Monitoring and Controlling Hybrid Wind-PV Power System". Telkomnika. 12 (2): 305–314. doi:10.12928/telkomnika.v12i2.53.
- Tyutyundzhiev, N.; Petrov, N.; Martínez-Moreno, F.; Leloux, J.; Narvarte, L. (September 2015). "Advanced testing of PV plants using portable SCADA tool" (PDF). 31st European Photovoltaic Solar Energy Conference and Exhibition: 2074–2077.
- Hamed, B.; Shamla, A.A. (4 November 2014). "Gaza's Water Wells System Based on SCADA" (PDF). 5th International Conference for Engineering and Sustainability (ICESS).
- Naidoo, N.; Bright, G.; Stopforth, R. (28–30 January 2019). "A Distributed Framework for Programming the Artificial Intelligence of Mobile Robots in Smart Manufacturing Systems". 2019 Southern African Universities Power Engineering Conference/Robotics and Mechatronics/Pattern Recognition Association of South Africa (SAUPEC/RobMech/PRASA). pp. 34–41. doi:10.1109/RoboMech.2019.8704788. ISBN 978-1-7281-0369-3. S2CID 145049174.
- AppSecEU2011, O. W. A. S. P. (2011). Utilities still under threat. Network Security
- Marks, Paul (25 March 2011). "Stuxnet analysis finds more holes in critical software". New Scientist. Retrieved 21 May 2019.
- Ring, Tim (17 January 2014). "UK firms urged to patch IGX industrial control systems". SC Media UK. Retrieved 21 May 2019.
- Toecker, Michael (23 July 2013). "More on IntegraXor's Bug Bounty Program". Digital Bond. Retrieved 21 May 2019.
- Ragan, Steve (18 July 2013). "SCADA vendor faces public backlash over bug bounty program". CSO. Retrieved 21 May 2019.
- Rashi, Fahmida Y. (16 July 2013). "SCADA Vendor Bashed Over "Pathetic" Bug Bounty Program". Security Week. Retrieved 21 May 2019.