Increase the cybersecurity of SCADA and IIoT devices with secure memory management⋆ Andrii Nyzhnyk1,*,†, Andrii Partyka1,† and Michal Podpora2,† 1 Lviv Polytechnic National University, 12 Stepan Bandera str., 79013 Lviv, Ukraine 2 Opole University of Technology, 76 Proszkowska str., 45-758 Opole, Poland Abstract Secure memory management issues are very common in SCADA device software. Systems that are integrated with SCADA and IIoT are often included in the list of critical infrastructures in many countries. Therefore, ensuring the security of these devices is important for national security. Despite the implementation of certain cybersecurity tools and measures, these devices often become targets for attacks. Memory errors remain one of the most common sources of software vulnerabilities. Attackers are actively using them to gain unauthorized access to systems, steal data, disrupt software operations, and perform other criminal acts. These types of vulnerabilities are very difficult to reproduce and fix. This paper discusses how to increase the security of SCADA and IIoT devices using secure memory management. The relevance of the problem of secure memory management in SCADA and IIoT devices makes it a subject of careful study and search for effective solutions. The purpose of this paper is to study the impact of dynamic memory errors on cybersecurity and provide practical recommendations for their elimination. Various sectors, including energy, water treatment, manufacturing, transportation, oil and gas exploration, telecommunications, environmental monitoring, aerospace, and medical facilities, rely heavily on SCADA and IIoT systems. Given the widespread use of these systems in critical infrastructure, addressing memory management vulnerabilities is crucial. This paper presents an overview of the most common memory management issues, such as null pointer dereferencing, use-after-free, and buffer overflow, and highlights notable cyberattacks that exploited these vulnerabilities. The effectiveness of different methods to prevent and mitigate memory management issues, including the use of sanitizers, static code analysis, and programming languages with secure memory management like Rust, is analyzed. The study concludes that a comprehensive approach combining these methods is essential for enhancing the cybersecurity of SCADA and IIoT devices. The findings aim to help software developers and cybersecurity professionals better understand the risks associated with dynamic memory in SCADA and IIoT devices and improve application security. Keywords SCADA, IIoT, memory management issues, Rust, buffer overflow, use-after-free, cybersecurity, secure programming, sanitizers, static code analysis1 1. Introduction transportation, oil and gas exploration, telecommunications, environmental monitoring, aerospace, Imagining modern life without process automation is and medical facilities. The market for industrial control challenging, as it is crucial for both industry and homes. systems, including SCADA, is expected to exceed $181.6 Most devices can now connect to the Internet, a small but billion by the end of 2024, highlighting their growing significant percentage of devices can be controlled by voice importance. and even contain artificial intelligence to communicate with Despite the essential role of SCADA and IIoT systems, humans. The SCADA (Supervisory Control and Data they face significant cybersecurity threats, primarily due to Acquisition) system is a centralized control system that memory management issues. According to Google, 59% of allows monitoring and control of industrial processes. In the vulnerabilities found in the Android project in 2021 essence, SCADA has dual functionality—supervision of were related to memory issues [1]. Microsoft reported that operations and data acquisition from remote locations, in 2019, 70% of all vulnerabilities in their projects were which is critical for efficient and safe operation in various memory-related [2]. Similarly, in the Chromium project, industries. almost 70% of critical security bugs are associated with SCADA systems, alongside the Industrial Internet of memory security issues, and Mozilla has reported that Things (IIoT), play a vital role in numerous sectors, incorrect memory management can cause up to 73.9% of including energy, water treatment, manufacturing, vulnerabilities [3]. These vulnerabilities often lead to severe CSDP-2024: Cyber Security and Data Protection, June 30, 2024, Lviv, 0009-0003-9094-0740 (A. Nyzhnyk); 0000-0003-3037-8373 Ukrain (A. Partyka); 0000-0002-1080-6767 (M. Podpora) ∗ Corresponding author. © 2024 Copyright for this paper by its authors. Use permitted under † These authors contributed equally. Creative Commons License Attribution 4.0 International (CC BY 4.0). andrii.o.nyzhnyk@lpnu.ua (A. Nyzhnyk); andrii.i.partyka@lpnu.ua (A. Partyka); m.podpora@po.opole.pl (M. Podpora) CEUR Workshop ceur-ws.org ISSN 1613-0073 32 Proceedings security breaches, such as unauthorized access to systems, control traffic lights in real time, helping to data theft, and operational disruptions. manage traffic, reduce congestion, and improve In their research, Oorschot et al. (2023) highlighted the road safety. challenges of memory safety in system programming  Telecommunications. SCADA systems contribute languages like C and C++ [4]. While these languages are to the development of the telecommunications powerful, they are prone to memory errors such as null sector by monitoring and managing network pointer dereferencing, use-after-free, and buffer overflow. infrastructure, ensuring reliable and uninterrupted These types of errors are particularly prevalent in the communication services. software used for SCADA and IIoT devices, which are often  Environmental monitoring. SCADA is used in written in these languages due to their low-level capabilities environmental monitoring to track pollution and performance requirements. levels, air quality, and other environmental Also, in many research studies (Altaleb, Haya & Rajnai, parameters, supporting efforts to solve Zoltan (2024) or Fall, Moustapha & Chuvalas, Chris & environmental problems. Warning, Nolan & Rabiee, Max & Purdy, Carla (2020) and  Aerospace industry. SCADA is integrated into the many more) related to security SCADA and IIoT, secure aerospace industry to monitor and control memory management is not covered [5]. These studies production processes, ensuring the accuracy and focus on the more common cyber security threats, like quality of aircraft component production. “OWASP Top Ten” and others. In this context, secure  Medical facilities. SCADA systems are used in memory management belongs to low-level system control healthcare facilities to monitor and control critical that significantly impacts cybersecurity [6]. infrastructure, including power distribution, The objective of this paper is to address the impact of heating, ventilation, air conditioning systems, and dynamic memory errors on the cybersecurity of SCADA medical equipment, ensuring the uninterrupted and IIoT devices and to provide practical recommendations provision of healthcare services. for their mitigation. By examining various studies and existing methods, we aim to identify effective solutions to To summarize, these systems are widely used in various enhance the security of these critical systems. Our analysis areas of critical infrastructure. The main task of SCADA and includes the use of sanitizers, static code analysis, and the IIoT is to control the system, which helps to manage and adoption of programming languages with built-in memory achieve the set goals with optimal use of resources. safety mechanisms, such as Rust, which offers a robust alternative to traditional system programming languages. 2.1. The most common memory The goal is to provide insights that will help software management issues developers and cybersecurity professionals better understand and manage the risks associated with memory Despite its long history and significant economic management in SCADA and IIoT devices. consequences, the problem of secure memory management remains relevant. According to unofficial estimates, as recently as 2004, memory-related errors cost the industry 2. Ensuring cybersecurity of SCADA about $250,000, and this amount is only growing over time. and IIoT devices Memory management vulnerabilities can occur even in To better understand how SCADA and IIoT devices can be well-known projects with millions of users and professional protected, it is necessary to analyze where and how these development teams [5]. Different companies conducted the devices are used. The adaptability of SCADA and IIoT devices research: to scenarios that require remote monitoring, control, and data collection has led to its widespread adoption in various  In 2021, Google reported that 59% of the sectors such as: vulnerabilities found in the Android project were related to memory issues. Different types of  Energy sector. SCADA is widely used in the vulnerabilities found in the Android project are energy sector to monitor and control the shown in Fig. 1. production and distribution of electricity, ensuring  In 2019, Microsoft researched its projects and efficient and reliable power supply. found that 70% of all vulnerabilities in program  Manufacturing industry. SCADA is used in code are related to memory. manufacturing to monitor and control production  Chromium (the basis of the Google Chrome processes, optimize efficiency, minimize browser): almost 70% of critical security bugs are downtime, and improve overall production related to memory security issues. quality.  Mozilla: the level of vulnerabilities caused by  Transportation and traffic management. SCADA incorrect memory management can reach 73.9%. systems are used in transportation to monitor and 33 Figure 1: Types of critical and high vulnerabilities in the Android project According to research by various IT companies, the total percentage of memory-related vulnerabilities is shown in Fig. 2. Figure 2: Percentage of vulnerabilities in projects related to memory management Memory management bugs are a common source of 2. Use-after-free use is a problem that occurs when misbehavior in many programming languages [7], but they a program tries to access memory that has already can be especially prevalent in system programming been freed. languages such as C and C++ [8]. C and C++ are the 3. Buffer overflow is also a common problem when programming languages most commonly used to write a program writes data outside the buffer, SCADA and IIoT software and are the languages in which potentially overwriting other data or executing the largest number of vulnerabilities are found. arbitrary code. The most common problems are related to memory management: While memory management can cause a vulnerability in an application, other security issues such as 1. Null pointer dereferencing is a problem that misconfiguration of role-based access control, SQL occurs when a program tries to access memory injection, and other well-known vulnerabilities should not that has not been allocated or has already been be overlooked [9]. Despite this, memory management issues freed. remain the most common in SCADA and IIoT devices. 34 Securing low-level devices such as SCADA and IIoT differs mitigate risks in critical infrastructures like SCADA and significantly from traditional approaches to securing cloud IIoT systems. infrastructure. [10]. Programs that control SCADA and IIoT One effective approach is the use of mathematical mostly run without an operating system or any antivirus models and simulations to analyze potential security threats [11]. and their impacts. This method allows for the identification and mitigation of vulnerabilities before they can be 2.2. Cyberattacks that were carried out exploited by attackers. Simulations can model various with the help of memory attack scenarios, enabling researchers and engineers to vulnerabilities develop robust defense mechanisms and response strategies. Attacks that use hanging pointers: Enhancing SCADA security with advanced memory management techniques is another method, as discussed by  Heartbleed (2014). This vulnerability, which Kim and Lee (2024), who emphasized the importance of exploited a hanging pointer, was discovered in adopting modern memory safety mechanisms in SCADA OpenSSL, a cryptographic library used by millions systems [15]. The implementation of such techniques can of web servers. Attackers could have exploited this significantly reduce the risk of memory-related vulnerability to steal sensitive information, vulnerabilities, which are often targeted by cyber attackers. including passwords, encryption keys, and credit Additional Approaches: card information. The damage from this attack is estimated at billions of dollars [12]. 1. Behavioural Analysis and Anomaly Detection:  CVE-2021-45046 (2021). This vulnerability was a. Implementing behavioral analysis and anomaly discovered in the Windows Print Spooler driver. detection tools can help identify unusual activities Attackers could exploit this vulnerability to gain that may indicate a security breach. These tools full control over vulnerable systems [13]. analyze the normal behavior of SCADA and IIoT systems and alert administrators to deviations that Attacks that were carried out through uninitialized could signify an attack. variables: b. Machine learning algorithms can be employed to improve the accuracy of anomaly detection,  Buffer overflow (2001). This attack led to the theft learning from historical data to distinguish between legitimate and malicious activities. of 170 million credit card numbers from TJX Companies’ systems. 2. Collaborative Security Frameworks:  Stack overflow (2019). This attack, which exploits a. Developing collaborative security frameworks a stack overflow, led to the outage of Cloudflare that involve multiple stakeholders, including services. Cloudflare is a large American company government agencies, private sector companies, and academic institutions, can enhance the overall that provides network services for content cybersecurity posture of SCPS. Such frameworks delivery, protection against DDoS attacks, and facilitate the sharing of threat intelligence and best other network services. practices, fostering a collective defense approach. b. Public-private partnerships can play a vital role In addition, there have been thousands of other in advancing cybersecurity research and cyberattacks using all types of memory management development, ensuring that SCADA and IIoT vulnerabilities. For example, the WannaCry ransomware systems are equipped with the latest security virus, which in 2017 infected more than 200,000 computers innovations. in 150 countries. WannaCry exploited a “double free” 3. Resilience Engineering: vulnerability in Windows. a. Focusing on resilience engineering can help These examples highlight cyberattacks related to ensure that SCADA and IIoT systems continue to memory management issues. Such attacks can result in operate effectively even in the face of cyber-attacks. significant consequences, including data theft, service This involves designing systems with built-in outages, and financial and reputational losses. redundancy, failover mechanisms, and robust Implementing secure programming practices and thorough recovery procedures. software testing can help prevent these incidents. b. Regularly conducting resilience testing, such as cyber wargames and penetration testing, can help 2.3. Methods to ensure cybersecurity in identify and address potential weaknesses in the system. Socio-Cyber-Physical Systems (SCPS) 4. Cybersecurity Education and Training: a. Investing in cybersecurity education and it is crucial to consider the broader context of cybersecurity training programs for employees at all levels can within Socio-Cyber-Physical Systems (SCPS). According to significantly improve the security of SCADA and Yevseiev et al. (2023), integrating cybersecurity into SCPS IIoT systems. Ensuring that staff are aware of the involves developing comprehensive models that account for latest threats and understand best practices for the complex interactions between social, cyber, and cybersecurity can reduce the risk of human error, physical components [14]. These models help in which is often a critical factor in security breaches. understanding vulnerabilities and developing strategies to 35 b. Certification programs and ongoing professional 3.2. Static code analysis development can help maintain a high standard of cybersecurity expertise within organizations. Static analysis tools are software tools that examine code Ensuring the cybersecurity of socio-cyber-physical without executing it to identify potential memory systems requires a multifaceted approach that management issues and other vulnerabilities. This method addresses both technical and human factors. By of analysis is used during program development, serving as integrating advanced memory management a kind of independent code verification. techniques, leveraging behavioral analysis and Advantages of static analysis: anomaly detection, fostering collaborative security frameworks, focusing on resilience engineering, and  Efficiency: static analysis can examine code much investing in cybersecurity education and training, faster than it can be tested. organizations can significantly enhance the security and resilience of their SCADA and IIoT systems.  Proactivity: static analysis can help identify problems in the early stages of development when 3. Methods to prevent and reduce they are still easy to fix. the impact of memory  Accuracy: static analysis can identify issues that may be missed during testing. management issues The negative impact of memory management issues can Examples of static analysis tools: range from minor crashes to data theft, system disruption,  Clang Static Analyzer: a free open-source tool that and other criminal activity. There is now a wide range of supports C, C++, Objective-C, and Swift. methods and mechanisms that can be used to prevent or reduce the impact of these problems.  Coverity: a commercial tool that supports C, C++, Java, and JavaScript. 3.1. The use of sanitizers  Cppcheck: a free open-source tool that supports C++. Sanitizers are essential tools for detecting memory  PVS-Studio: a commercial tool that supports C, management issues. They help to identify a potential C++, and C#. problem at the development stage and thus warn the  SonarQube: an open-source platform that supports developer of a potential problem. many programming languages. The use of sanitizers: Disadvantages of static analysis:  Sanitizers can detect memory management errors at the early stages of development, allowing  False positives: Static analysis can sometimes developers to fix them at the development and generate error warnings that are not present. testing stages.  Incomplete coverage: static analysis cannot  Sanitizers can detect memory leaks when a guarantee to detect all problems. program fails to free memory it no longer uses.  Complexity: Some static analysis tools can be This helps to reduce the overall memory usage of difficult to set up and use. the program and prevent the program from suddenly terminating due to lack of memory. Static analysis can be used to detect issues such as  Using sanitizers can improve code quality by memory leaks, buffer overflows, null pointers, unused detecting and correcting memory management variables, dead code, and unsafe coding patterns. Static errors and using them efficiently. analysis can be integrated into the development  Sanitizers can be used as a learning tool for young environment, which makes it even more convenient to use. developers to better understand how memory Using static analysis tools is an important part of the management works and how to avoid common process of developing secure software. mistakes in their professional careers. Beyond the methods above, it is also important to  Using sanitizers is an important part of modern regularly update software, implement firewall and antivirus software development and can significantly solutions, and ensure the creation of data backup copies. reduce the impact of memory management issues. 3.3. Use languages with secure memory A list of the most popular sanitizers and their management capabilities: One approach is to use safe programming languages.  Address Sanitizer detects errors related to Programming languages with a high level of abstraction and accessing invalid memory. built-in memory safety mechanisms, such as Java, Python,  Leak Sanitizer detects memory leaks. Go, C#, and JS/TS, significantly reduce the risk of memory management issues. The disadvantage of this approach is Undefined Behavior Sanitizer detects undefined the inability to rewrite existing programs within a short behavior that can lead to errors. time and the decrease in program performance. For some systems, such a transition is simply not possible because it requires very low-level work with memory and registers [16]. 36 However, with the advent of programming languages such respond to security incidents in real-time. This as Rust, you can solve the problem of low-level access includes using intrusion detection systems, without losing program performance. Rust is a security information and event management programming language that combines high performance systems, and regular vulnerability assessments. with memory safety. It is becoming an increasingly popular Continuous monitoring is vital for identifying and choice for developing system software and other programs mitigating potential threats before they can cause where it is critical to avoid memory issues [17]. significant damage [21]. Here are some of the key benefits of using Rust to  Advanced Security Practices: Utilizing prevent memory management issues: advanced security practices such as zero-trust architecture, micro-segmentation, and automated  Ownership system. Rust uses an ownership threat intelligence can further enhance the system to keep track of who owns data in memory. security of cloud infrastructures. Zero-trust This makes errors such as use-after-free and architecture ensures that no entity, whether inside memory leaks impossible. or outside the network, is trusted by default.  Compile-time checking. Most memory Micro-segmentation divides the network into management issues in Rust are detected at compile smaller segments to limit the spread of potential time, not runtime. This saves time and resources attacks. Automated threat intelligence uses and makes the code more error-resistant. machine learning and AI to identify and respond  No garbage collection. Rust does not use garbage to threats more effectively [22]. collection, which gives developers more control over memory. This can lead to more economical Challenges and Solutions: memory usage and better performance.  Data Privacy and Compliance: Ensuring data Nguyen and Pham (2023) highlighted that secure privacy and compliance with regulatory programming practices for embedded systems, with a focus requirements is a major challenge in cloud on memory safety, can greatly benefit from languages like environments. Organizations must implement Rust, especially for SCADA and IIoT applications [18]. robust data protection measures and ensure compliance with standards such as GDPR, HIPAA, 3.4. Security in cloud infrastructures and NIST. Regular audits and compliance checks are necessary to maintain adherence to these A comprehensive approach to developing and maintaining regulations. secure cloud infrastructures is essential for modern  Integration with Legacy Systems: Integrating enterprises, including those utilizing SCADA and IIoT cloud-based solutions with existing legacy systems. Ensuring security in cloud environments involves SCADA and IIoT systems can be complex. multiple layers of protection, including secure configuration Organizations need to ensure that security of services, continuous monitoring, and the implementation measures are compatible with both old and new of advanced security practices [19]. This approach helps systems to prevent potential vulnerabilities. This mitigate risks associated with data breaches and may involve updating legacy systems or using unauthorized access in cloud-based systems. middleware solutions to facilitate secure Connection to SCADA and IIoT Systems: SCADA and integration [23]. IIoT devices are increasingly being integrated into cloud infrastructures to enhance their functionality and  Cost and Resource Management: scalability. By leveraging cloud services, these devices can Implementing comprehensive security measures benefit from advanced analytics, remote monitoring, and in the cloud can be resource-intensive and costly. improved data storage capabilities. However, this Organizations must balance the cost of security integration also introduces new security challenges. solutions with the potential risks and impacts of Ensuring the security of cloud-based SCADA and IIoT security breaches. Investing in scalable and systems is crucial to protect against potential cyber threats efficient security tools can help manage costs that could exploit vulnerabilities in the cloud infrastructure. while ensuring robust protection [24]. Key Security Measures: In conclusion, securing cloud infrastructures is integral to the overall security of SCADA and IIoT systems. By  Secure Configuration: Proper configuration of adopting a layered security approach, implementing cloud services is essential to prevent unauthorized continuous monitoring, and leveraging advanced security access. This includes setting up strong practices, organizations can significantly enhance the authentication mechanisms, implementing role- resilience of their cloud-based SCADA and IIoT systems based access control, and ensuring that all data is against cyber threats. The following section will encrypted both in transit and at rest. demonstrate the effectiveness of various approaches in Misconfigurations can lead to significant security preventing memory problems. breaches, as seen in numerous high-profile attacks [20].  Continuous Monitoring: Implementing continuous monitoring solutions helps detect and 37 4. Analyzing the effectiveness of risk of incorrect integration and misuse of the analyzer or sanitizer [25]. methods to prevent memory Also, most professional analyzers and sanitizers are not management problems free, which in turn imposes certain restrictions on the development of projects with a small budget. For example, The main disadvantage of static analyzers and sanitizers is let’s consider one of the most popular code analyzers sonar, that these tools need to be integrated with the existing code this tool has different tariff plans, but most companies base. That is, software developers need to research and choose the Enterprise plan [26]. integrate these tools into the project. In addition, there is a Figure 3: Different tariffs provided by Sonar According to the tariff plans, the cost of using code part of developers, and the use of the Rust language is free, analyzers can vary from several hundred to hundreds of which makes this approach quite optimal. thousands of dollars per year. Fig. 4 shows a C++ program that simulates a buffer Tools such as sanitizers and static code analyzers help overflow. This program creates an array of five elements of to improve code quality and prevent other known problems type uint32_t (this is an unsigned integer that takes 32 bits), quite significantly. Nevertheless, the most reliable way to and all elements of the array are initialized to 0. After that, deal with memory usage issues is to use the Rust the program iterates over this array, but the iteration programming language and similar ones. In addition, this interval was chosen incorrectly and the program will go approach does not require any additional settings on the beyond the buffer. Figure 4: An example of a program to overflow a buffer This program compiles successfully. But there is an error in only 5 elements are needed. The resulting values from the it, the loop will iterate over an array of 13 elements when execution of this program are shown in Fig. 5. 38 Figure 5: The result of the program execution Fig. 5 shows that the first 5 elements of the array are zeros, reproduce. This can lead to lengthy debugging sessions and but the sixth element (at index 5) has a value of 32765. delayed release cycles, which can be particularly Further iterations also show other numbers. If you look at problematic in time-sensitive applications [27]. the code listing more closely, you will see that there is no Rust’s ownership model and borrowing system make it mention of these numbers. That is, it has just been virtually impossible to introduce many of these common demonstrated how the program went beyond the buffer and memory-related errors, which is one of the reasons it has accessed data that is outside the executing context. become a popular choice for system programming [28]. Along with causing crashes and other problems, these Similar approaches are described in [29-32] errors can also create security vulnerabilities that can be Using the Rust programming language (Fig. 6) makes it exploited by attackers to gain unauthorized access to the impossible to prevent buffer overflows and access to other system. Debugging memory-related errors can be difficult data, as demonstrated in Fig. 4. The results are shown in because they often result in subtle errors that are difficult to Fig. 7. Figure 6: Rust code sample for buffer overflow Figure 7: The result of executing the Rust code for a buffer overflow 39 From Fig. 7, it is clear that the program crashed without degradation, and a more comprehensive approach is needed allowing it to go beyond the buffer, thus making it to solve other memory-related problems. Despite these impossible to access other information, unlike what limitations, Rust remains a powerful language for system happened when executing the C++ program, the results of programming, and its memory protection features provide which are shown in Fig. 5. a significant advantage over many other programming While Rust’s approach to memory safety offers many languages and significantly help improve cybersecurity. advantages, there are also some drawbacks and limitations that should be considered. One potential limitation is that References Rust’s ownership and borrowing system can be difficult to understand for developers who have not worked with it [1] Data Driven Security Hardening in Android. URL: before. This can make writing Rust code more difficult than https://security.googleblog.com/2021/01/data-driven- languages with simpler memory models, such as Python or security-hardening-in.html JavaScript. [2] A Proactive Approach to More Secure Code. URL: Although Rust’s ownership system enhances code https://msrc.microsoft.com/blog/2019/07/a-proactive- safety, it can also complicate working with cyclic data approach-to-more-secure-code/ structures. This can lead to a 20–30% increase in the time [3] Memory Safety. URL: https://www.chromium.org/ required to write and debug such code. Rust’s memory Home/chromium-security/memory-safety/ safety features, which make the code more resistant to [4] P. Oorschot, Memory Errors and Memory Safety: C as errors, slightly reduce its performance. The performance a Case Study, IEEE Security & Privacy 21 (2023) 70– loss can reach 5–10% compared to C/C++ code. It is 76. doi: 10.1109/MSEC.2023.3236542. important to remember that Rust does not guarantee 100% [5] H. Altaleb, Z. Rajnai, A Comprehensive Analysis and security. Incorrect code can bypass the system’s guarantees, Solutions for Enhancing SCADA Systems Security in and vulnerabilities in third-party libraries remain Critical Infrastructures, IEEE 11th International dangerous. Conference on Computational Cybernetics and Cyber-Medical Systems (ICCC) (2024). doi: 10.1109/ICCC62278. 2024.10582956. 5. Conclusions [6] M. Fall, et al., Enhancing SCADA System Security Dynamic memory errors pose a significant cybersecurity (2020) 830–833. doi: 10.1109/MWSCAS48704.2020. threat. Attackers are actively exploiting such vulnerabilities 9184532. to steal data, disrupt systems, and commit other criminal [7] Project Zero. URL: acts. The damage they cause is estimated at several tens of https://googleprojectzero.blogspot.com/2022/04/the- billions of dollars, and reputational losses are manifested more-you-know-more-you-know-you.html long after the cyberattack and may result in further lawsuits [8] Memory Unsafety in Apple's Operating Systems. URL: and compensation. https://langui.sh/2019/ 07/23/apple-memory-safety/ The safe programming practices described here can [9] D. Shevchuk, et al., Designing Secured Services for prevent memory issues. However, it should be noted that Authentication, Authorization, and Accounting of none of them is universal and it is better to use a Users, in: Cybersecurity Providing in Information and combination of them for maximum protection. Telecommunication Systems II, vol. 3550 (2023) 217– To prevent and reduce the negative impact of dynamic 225. memory management, the best solution is to use a [10] Y. Martseniuk, et al., Automated Conformity comprehensive approach that includes the following: Verification Concept for Cloud Security, in: Use of safe programming languages. Cybersecurity Providing in Information and Use of sanitizers. Telecommunication Systems, vol. 3654 (2024) 25–37. Static code analysis. [11] National Vulnerability Database. URL: Professional development of developers. https://nvd.nist.gov/vuln/detail/CVE-2021-45046 This paper has demonstrated a memory buffer overflow [12] The Heartbleed Bug. URL: https://heartbleed.com/ vulnerability associated with a violation of security rules [13] P. Oorschot, Memory Errors and Memory Safety: A when working with it. The results were obtained using the Look at Java and Rust, IEEE Security & Privacy 21 C++ language, which is one of the most commonly used (2023) 62–68. doi: 10.1109/MSEC.2023.3249719. languages for writing applications for SCADA and IIoT [14] S. Yevseiev, et al. Models of Socio-Cyber-Physical devices. Systems Security: monograph, PC TECHNOLOGY As an optimization and solution to such vulnerabilities, CENTER. (2023). doi: 10.15587/978-617-7319-72-5. it was proposed to use the Rust language. This helped to [15] H. Kim, J. Lee, Enhancing SCADA Security with avoid errors related to memory management. The Advanced Memory Management Techniques, Int. J. peculiarity of using this language helped to avoid the Critical Infrastruct. Prot. 38 (2024) 100493. vulnerability described above by preventing memory buffer [16] G. Saileshwar, et al., HeapCheck: Low-cost Hardware overruns. Rust mechanisms help to avoid a dozen more Support for Memory Safety, ACM Transactions on memory management vulnerabilities. Architecture and Code Optimization 19 (2022) 1–24. In general, although Rust’s approach to memory safety doi: 10.1145/3495152. provides many advantages, it is important to note its [17] S. Rajasekaran, V. Kumar, Mitigating Memory limitations and potential drawbacks. Rust’s memory safety Vulnerabilities in IoT Systems: Best Practices and features can sometimes lead to some performance 40 Case Studies, Future Generation Comput. Syst. 137 (2024) 146–159. [18] J. Zhou, R. Liu, Cybersecurity in Industrial Control Systems: A Survey, IEEE Transactions on Industrial Informatics 19(3) (2023) 1621–1632. [19] F. Lomio, S. Moreschini, V. Lenarduzzi, A Machine and Deep Learning analysis among SonarQube rules, Product, and Process Metrics for Faults Prediction, Empirical Software Eng. 27 (2022). doi: 10.1007/s10664-022-10164-z. [20] V. Khoma, et al., Comprehensive Approach for Developing an Enterprise Cloud Infrastructure, in: CEUR Workshop Proceedings, vol. 3654 (2024) 201– 215. [21] T. Nguyen, D. Pham, Secure Programming Practices for Embedded Systems: A Focus on Memory Safety, Embedded Systems Letters 15(4), (2023) 145–150. [22] D. Schmidt, Pattern-Oriented Software Architecture: Patterns for Concurrent and Networked Objects. Volume 2. Wiley (2006). [23] Sonar. URL: https://www.sonarsource.com/plans- and-pricing/ [24] S. Zhang, et al., A Survey of Memory Management Techniques in Embedded Systems, ACM Computing Surveys 55(2) (2022). [25] M. Jones, P. Smith, Advancements in Secure Memory Management for Critical Systems, J. Syst. Archit. 121 (2023) 102384. [26] S. Turner, D. Harris, A Comprehensive Review of Memory Safety Mechanisms in IoT Devices, Sensors, 23(6) (2023) 1428. [27] L. Zhang, Y. Wang, Static and Dynamic Analysis Tools for Memory Safety: A Comparative Study, Software: Practice and Experience 53(7) (2023) 1298–1312. [28] K. Huang, et al., Comprehensive Memory Safety Validation: An Alternative Approach to Memory Safety, IEEE Security & Privacy (2024) 2–11. doi: 10.1109/MSEC.2024.3379947. [29] O. Solomentsev, et al., Data Processing Method for Deterioration Detection during Radio Equipment Operation, IEEE Microwave Theory and Techniques in Wireless Communications, MTTW (2019) 1–4. [30] O. Solomentsev, M. Zaliskyi, Correlated Failures Analysis in Navigation System, IEEE 5th International Conference on Methods and Systems of Navigation and Motion Control, MSNMC 2018 – Proceedings (2018) 123–126. [31] O. Solomentsev, et al., Efficiency of operational data processing for radio electronic equipment, Aviation 23(3) (2020) 71–77. [32] O. Solomentsev, et al., Efficiency of data processing for UAV operation system, IEEE 4th International Conference on Actual Problems of Unmanned Aerial Vehicles Developments, APUAVD 2017 - Proceedings (2018) 27–31. 41