Unprotected supervisory control and data acquisition (SCADA) systems offer promising targets to potential attackers. Field devices, such as programmable logic controllers (PLCs), are of particular concern because they...
详细信息
Unprotected supervisory control and data acquisition (SCADA) systems offer promising targets to potential attackers. Field devices, such as programmable logic controllers (PLCs), are of particular concern because they directly monitor and control industrial processes. Although attacks targeting SCADA systems have increased, relatively little research has focused on exploring the vulnerabilities directly associated with the exploitation of field devices. Attacks such as Stuxnet have targeted operating characteristics, but not low-level firmware code. As attacks increase in sophistication, it is reasonable to expect increased exploitation of the field device firmware. This paper examines the feasibility of modifying PLC firmware to execute remotely-triggered attacks. A general method is used to reverse engineer the firmware to determine its structure. After the structure is understood, the firmware is modified to add an exploitable feature that can remotely disable a PLC. The attacks described in this paper utilize a variety of triggers and leverage existing functions to exploit PLCs. Important segments of the firmware are described to demonstrate how they can be used in attack development. Finally, design recommendations are suggested to help mitigate potential weaknesses in future firmware development. Published by Elsevier B.V.
The MTS method (net transformation method) of synthesis of sequential control systems of discrete manufacturing processes is presented in this paper. The procedure for designing the diagram equation of a sequential sy...
详细信息
The MTS method (net transformation method) of synthesis of sequential control systems of discrete manufacturing processes is presented in this paper. The procedure for designing the diagram equation of a sequential system has been discussed. Principles of realization of control-system memory have been formulated. It has been proved that the diagram equation provides the basis for recording, by means of a ladder logic language, an application for a programmablelogic controller (PLC). The use of the MTS method for modelling discrete processes and programming PLCs has been illustrated by an example of the automation of a selected discrete technological process. (C) 1998 Elsevier Science Ltd. All rights reserved.
Advances in the processing power and efficiency of computers have led to the proliferation of information technology (IT) systems in nearly every aspect of our daily lives. The pervasiveness and reliance on IT systems...
详细信息
Advances in the processing power and efficiency of computers have led to the proliferation of information technology (IT) systems in nearly every aspect of our daily lives. The pervasiveness and reliance on IT systems, however, have increased the susceptibility to cyber attacks. This is of particular concern with regard to supervisory control and data acquisition (SCADA) systems in the critical infrastructure. Compromises of SCADA systems - in particular, the programmable logic controllers (PLCs) used as field devices to control and monitor remote processes - could have devastating consequences. However, because of their limited onboard computing resources (e.g., processing power and memory), conventional bit-level IT security mechanisms are not well suited to safeguarding PLCs. This paper describes a methodology for detecting anomalous operations of PLCs. The methodology uses information extracted from radio frequency (RF) features to identify changes in operating characteristics due to malicious actions or system failure. The experimental results demonstrate the utility of the RF-based anomaly detection methodology for PLC verification. (C) 2012 Published by Elsevier B.V.
Recent attacks on industrial control systems, such as the highly publicized Stuxnet malware, have intensified a "race to the bottom" where lower-level attacks have a tactical advantage. programmablelogic co...
详细信息
Recent attacks on industrial control systems, such as the highly publicized Stuxnet malware, have intensified a "race to the bottom" where lower-level attacks have a tactical advantage. programmablelogic controller (PLC) firmware, which provides a software-driven interface between system inputs and physical outputs, can be easily modified at the user level. Efforts directed at protecting against firmware modification are hindered by the lack of foundational research about attack development and implementation. This paper examines the vulnerability of PLCs to intentional firmware modifications in order to obtain a better understanding of the threats posed by PLC firmware modification attacks and the feasibility of these attacks. A general firmware analysis methodology is presented, and a proof-of-concept experiment is used to demonstrate how legitimate firmware can be updated and uploaded to an Allen-Bradley ControlLogix L61 PLC. Published by Elsevier B.V.
programmable logic controllers (PLCs) are massively used as the central processing control units in industrial automation solutions. Unfortunately, the lack of performance of these controllers requires coupling specif...
详细信息
programmable logic controllers (PLCs) are massively used as the central processing control units in industrial automation solutions. Unfortunately, the lack of performance of these controllers requires coupling specific drivers to the PLCs to enable deterministic response in time-sensitive real-time applications, thus reducing the importance of the PLCs in the entire automation systems. Current solutions do not focus on PLC performance, and it is, therefore, safer to use the design pattern with these specific drivers when required. This situation does not give PLC users of those solutions full control of the provided automation and, consequently, it increases the price of the entire system, as well as the need for spare parts. To put PLCs back as central processing units of industrial automation technology and to reduce the need for specific drivers, this work proposes a novel architecture with enhanced improvements based mainly on the concepts of data flow computation and memoization technique to boost PLC performance. Evaluations made on the proposed design demonstrate a reduction of 95% in the proposed architecture's scan time and show significant performance boost even in small-scale, didactic and straightforward examples. Moreover, the experimental evaluations also have demonstrated the potential for continued performance improvement with the increase of the program size.
A special purpose RISC (reduced instruction set computer) microprocessor for programmable logic controllers (PLC), named PLCRISC, is proposed. To develop an optimal PLCRISC, we analysed existing PLC programs currently...
详细信息
A special purpose RISC (reduced instruction set computer) microprocessor for programmable logic controllers (PLC), named PLCRISC, is proposed. To develop an optimal PLCRISC, we analysed existing PLC programs currently used in factories, with special attention to the instruction execution characteristics and features required for a high performance PLC processor. Based on this analysis, an optimal RISC-style instruction set and an architecture suitable for the required features are suggested. In particular, the instruction format, the instruction pipeline, and the detailed internal architecture are the significant characteristics of the proposed PLCRISC. The performance enhancement achieved with a PLCRISC is seen from a straightforward evaluation. ASIC implementation with VHDL is also discussed. The PLCRISC is under fabrication in a 0.8 mu m CMOS technology.
In this paper the development and use of multimedia-based courseware to support teaching and undergraduate laboratory sessions in the subject area of programmablelogic control are discussed. The multimedia-based cour...
详细信息
In this paper the development and use of multimedia-based courseware to support teaching and undergraduate laboratory sessions in the subject area of programmablelogic control are discussed. The multimedia-based courseware described is designed to be used by undergraduate students meeting programmable logic controllers (PLCs) for the first time. Two developed prototype multimedia packages are described.
This paper deals with the synthesis of a suboptimal controller based on the solution of the algebraic Riccati equation (ARE). The numerical procedure for obtaining the solution is presented. In applications the contro...
详细信息
This paper deals with the synthesis of a suboptimal controller based on the solution of the algebraic Riccati equation (ARE). The numerical procedure for obtaining the solution is presented. In applications the controlled system parameters often differ from the ones used in the ARE. In this case the optimality of the control system and even its stability are questionable. Therefore, it would be very useful to design an adaptive linear suboptimal controller Such a controller should be able to detect changes in the system parameters and adjust its parameters. (C) 2006 Journal of Mechanical Engineering. All rights reserved.
Thanks to the development of education and internet technologies, two-dimensional educational environments such as internet pages in distance education are starting to leave their places to three-dimensional virtual w...
详细信息
programmable logic controllers (PLCs) are indispensable in critical infrastructures and industrial control systems. The increasing demand for enhanced cost-effectiveness and production efficiency has driven automation...
详细信息
programmable logic controllers (PLCs) are indispensable in critical infrastructures and industrial control systems. The increasing demand for enhanced cost-effectiveness and production efficiency has driven automation manufacturers to integrate PLC-based applications and systems with external networks, such as Internet. Unfortunately, this connectivity has exposed systems to potential malicious attacks from motivated adversaries. Addressing this pressing issue necessitates a comprehensive summary of ongoing research related to PLCs and their related systems. This summary should classify these systems based on disclosed vulnerabilities, potential threats, and proposed security solutions, catering to both scientists and industrial engineers. While several recent surveys have reviewed and discussed PLC security and related topics, they often fell short of covering all essential aspects comprehensively. Furthermore, prior surveys tended to focus on analyzing vulnerabilities at the system level, overlooking the vulnerabilities specific to PLCs themselves. Consequently, their findings failed to effectively secure current operational systems or propose improved solutions for future PLC designs. In this article, we bridge this research gap by providing a detailed review of all aspects concerning the security of PLCs and related systems. This includes vulnerabilities, potential attacks, and security solutions including digital forensics. We aim to offer a precise analysis, addressing the shortcomings of previous studies. Finally, we conclude this article by presenting our recommendations tailored for PLC manufacturers, researchers, and engineers. We hope that these recommendations will contribute to the development of more secure PLCs in the future.
暂无评论