THE METHODOLOGY AND PRACTICE OF ATTACKING SECS/GEM STANDARD

SECS/GEM standard is widely-used in the contemporary semiconductor manufactory environment to deal with the communication between hosts and equipment. However, few works have been done with respect to the security issues of SECS/GEM standard. To fill the research gap, three threatening scenarios comprising deny of service, information theft, and traffic tampering and six attack experiments were designed. The attacking experiments simulated the behavior of an attacker who was in the same LAN as the manufactory equipment and tried to penetrate the network and to control the equipment in four different OSI layers including link layer, network layer, transport layer and application layer. The result shows that security mechanism is not included in the design of SECS/GEM standard and the standard is extremely insecure and fragile.