Security company Claroty announced its availability this week AccessDB Parser, an open source tool that allows researchers analyze database files Microsoft Access related to applications SCADA.
The tool was designed to help scan its DB application more efficiently Claroty Continuous Threat Detection (CTD), which was developed to provide a non-intrusive way of identifying and managing data in OT networks, through the analysis of configuration files and other data related to industrial control systems (ICS).
AccessDB Parser allows users easily automate the process of reading and analyzing any Access .mdb or .accdb Access database file.
Uri Katz, a senior researcher at Claroty, provided some additional information about the tool: "Project files usually contain important information about the SCADA environment, including data in network, the programs that run these components and some data configuration in relation to these elements. "
As Katz pointed out, each SCADA project has a different configuration, since some suppliers use a well-known and well-documented file structure, while others prefer to develop a proprietary binary structure.
"However, we have found that many vendors such as Rockwell and Schneider, in some of their SCADA applications, specifically use the AccessDB (mdb) database format to store the information required for project files. "By providing an AccessDB analysis program, we help the community in depth to analyze and extract relevant information from these project files," said the researcher.
Claroty has released the AccessDB Parser source code on GitHub and created a video showing how it works.