Emma Good

Security analysis of a Siemens SICAM CMIC remote terminal unit

Abstract

In the power industry, electrical grids are being modernized into smart grids. A smart grid integrates the electrical grid with information and communication technologies such as software, automation, and information processing. While this enables remote communication with devices on the grid, putting the grid online also introduces major risks, notably that of becoming the target of cyber attacks.

In this thesis, a security analysis is done of the Siemens SICAM CMIC CP-8000 remote terminal unit, a device used for remote monitoring and automation of electrical grids. Threat modeling was carried out to identify vulnerabilities in the system, followed by a penetration test of the web interface used to configure the device, as well as some network attacks. During the penetration test, two cross-site scripting vulnerabilities were discovered, one of which could allow an unauthenticated attacker to execute JavaScript code in the victim's browser. It was also found that a user's login credentials are leaked in cleartext to the browser console when logging in.