Programmable logic controllers (PLCs) constitute the basis of Industrial Control Systems (ICSs) underpinning sectors ranging from nuclear to energy and manufacturing. Currently, PLC vulnerability assessment practices employed by ICS operators are limited due to their reliance on empirical observations of visible code crashes prompted by PLC compilers. In parallel, the prevalent PLC firmware dependency on proprietary vendor routines restricts the composition of generic vulnerability detection or discovery schemes for zero-day threat vectors. In this work, we propose Sizzler: a novel vendor-independent vulnerability discovery framework specific to PLC applications operating with logic realised through ladder diagrams. Sizzler extends the current state of the art by proposing the optimal synergy of a mutation-based fuzzing strategy using a Sequential Generative Adversarial Network (SeqGAN). By virtue of critical vendor restrictions on emulating PLC firmware, we also refine the Quick Emulator (QEMU)'s General Purpose I/O (GPIO) and Inter-Integrated Circuit (I2C) protocols to evaluate and compare Sizzler across 30 PLC ladder diagram programs compiled from the LDmicro and OpenPLC projects over five widely used Micro-Controller Units (MCUs). It is noteworthy that Sizzler has successfully identified vulnerabilities in ladder diagrams within a relatively short time frame based on our proprietary dataset and secured a CVE-ID. Moreover, through a comparison of Sizzler with prevalent fuzzing techniques over the commonly used Magma and LAVA-M datasets, we exhibit its wider applicability on embedded systems and identify its limitations.
The Digital Twin allows the merging of the physical and virtual worlds, having many applications in design and manufacturing. While the Digital Twin conceptual foundations are well developed, and fundamental integration technology is available, there is a gap related to generally applicable Digital Twin implementation approaches. Motivated by this, the paper presents a novel Digital Twin design and implementation approach that considers standard industrial automation technologies. The proposed approach relies on a solution architecture positioning programmable logic controllers (PLC) as a central element for Digital Twin deployment for industrial applications. The solution architecture enables a direct connection between the PLC and the Digital Twin platform. The proposal was applied to implement a pneumatic crane for remote operation based on Digital Twin. The assessment demonstrates adequacy in describing implementation activities independently of the specific equipment features, indicating an opportunity for extension to other cases and situations. Thus, the proposed Digital Twin implementation approach can serve as a case reference to support Digital Twin dissemination in practice.
ISBN (print): 9798400712265
Our modern society relies on important utility infrastructures such as water treatment plants and electric energy distribution grids. These infrastructures are managed by Industrial Control Systems (ICS), which include devices such as sensors, actuators and programmable logic controllers (PLCs). PLCs are a key component of ICS as they serve as a bridge connecting the cyber and physical worlds. A cyberattack on a PLC could have disastrous real-world consequences, such as longstanding energy blackouts. Researchers have produced a plethora of security defenses in order to safeguard PLCs from cyberattacks, e.g., PLC-specific Intrusion Detection Systems (IDS). However, most of these defenses report incomplete or no performance evaluation metrics. Worse, the defenses that do report metrics evaluate them in an ad-hoc way without providing details. As a consequence, PLC defenses cannot be compared or built upon, which is one of the main ways science progresses. It also makes it difficult to assess the effectiveness of such defenses against attacks. In this paper, we propose a standard set of performance evaluation metrics designed specifically for PLC security defenses. We propose three types of metrics: security, overhead, and effectiveness metrics. We then lay out the challenges faced when collecting these metrics, e.g., the heterogeneity of PLC architectures, and provide recommendations on how these challenges can be addressed to obtain accurate metrics. Obtaining and reporting these metrics will enable researchers to move PLC security research forward, ultimately improving the security of ICS and our critical infrastructure.
Programmable logic controllers (PLCs) constitute the functioning basis of Industrial Control Systems (ICS) and hence are often a focal point for attackers to exploit. Previous attacks have seen PLC memory maliciously altered in order to disrupt the underlying physical process. Different types of memory attacks can cause a similar impact on the PLC's operation and result in indistinguishable physical manifestations. Consequently, delays in triaging attacks through digital forensic practices can induce significant financial loss, physical damage to the infrastructure, and degradation of safety. In this work, we propose PLCPrint, a novel vendor-independent fingerprinting approach that utilises PLC memory artefacts to perform detection and classification of memory attacks. PLCPrint uses PLC memory register mapping, a novel method exploiting the relationship between PLC registers and memory artefacts, including the PLC application code. Through this, registers are assigned a Mapping Condition (MC) to indicate how they exist within the PLC memory artefacts. We evaluate the performance of PLCPrint over realistic emulations conducted at a real testbed emulating water filtration and distribution. Through PLCPrint we depict how MC deviations are utilised within supervised learning schemes so as to adequately classify PLC memory attacks with high accuracy. In general, we demonstrate that PLCPrint fills the gap in the context of attack technique triaging, since this has been a missing element within current ICS forensics schemes.
ISBN (print): 9798400717963
Programmable logic controllers (PLCs) drive industrial processes critical to society, for example, water treatment and distribution, electricity and fuel networks. Search engines, e.g., Shodan, have highlighted that PLCs are often left exposed to the Internet, one of the main reasons being the misconfiguration of security settings. This leads to the question: why do these misconfigurations occur and, specifically, does the usability of security controls play a part? To date, the usability of configuring PLC security mechanisms has not been studied. We present the first investigation through a task-based study and subsequent semi-structured interviews (N=19). We explore the usability of PLC connection configurations and two key security mechanisms (i.e., access levels and user administration). We find that the use of unfamiliar labels, layouts and misleading terminology exacerbates an already complex process of configuring security mechanisms. Our results uncover various (mis)perceptions about the security controls and how design constraints, e.g., safety and lack of regular updates due to the long-term nature of such systems, provide significant challenges to the realization of modern HCI and usability principles. Based on these findings, we provide design recommendations to bring usable security in industrial settings on par with its IT counterpart.
Programmable logic controllers (PLCs) are indispensable in critical infrastructures and industrial control systems. The increasing demand for enhanced cost-effectiveness and production efficiency has driven automation manufacturers to integrate PLC-based applications and systems with external networks, such as the Internet. Unfortunately, this connectivity has exposed systems to potential malicious attacks from motivated adversaries. Addressing this pressing issue necessitates a comprehensive summary of ongoing research related to PLCs and their related systems. This summary should classify these systems based on disclosed vulnerabilities, potential threats, and proposed security solutions, catering to both scientists and industrial engineers. While several recent surveys have reviewed and discussed PLC security and related topics, they often fell short of covering all essential aspects comprehensively. Furthermore, prior surveys tended to focus on analyzing vulnerabilities at the system level, overlooking the vulnerabilities specific to PLCs themselves. Consequently, their findings failed to effectively secure current operational systems or propose improved solutions for future PLC designs. In this article, we bridge this research gap by providing a detailed review of all aspects concerning the security of PLCs and related systems. This includes vulnerabilities, potential attacks, and security solutions, including digital forensics. We aim to offer a precise analysis, addressing the shortcomings of previous studies. Finally, we conclude this article by presenting our recommendations tailored for PLC manufacturers, researchers, and engineers. We hope that these recommendations will contribute to the development of more secure PLCs in the future.
The paper presents the design process of a control system for a line which manufactures metallic parts for the automotive industry. The manufacturing line is designed so that it can produce several product models. The control system, based on a programmable logic controller (PLC), is designed to allow on-the-fly reconfiguration of the line based on the recipe selected by the operator. Equally, the hardware configuration and the PLC program allow the further development of the manufacturing line by adding new stations (and obviously new recipes). By incorporating into the control system modular programming techniques, a large number of safety measures, the tools necessary to ensure product traceability and a modern human-machine interface (HMI), the design ensures high efficiency of the manufacturing line, a high level of safety for the operators and the plant, compliance with current quality requirements and the possibility to expand the line for extending the product range without considerable effort.
Programmable logic controllers (PLCs) are used extensively in manufacturing to control and manage processes. The data from PLC systems can provide useful information for manufacturers looking to model processes, analy...
In locomotive garages, cleaning of cars is primarily done by hand, which results in the wastage of water, use of manpower and wastage of time. To address this challenge, the paper presents the concept of automated ca...
The Industrial Internet has emerged as a key technology in the field of industrial automation, revolutionizing traditional manufacturing processes and enabling advanced control systems by integrating machines, sensors...