On PLC network security

Asem Ghaleb; Sami Zhioua; Ahmad Almulhem

doi:10.1016/j.ijcip.2018.05.004

On PLC network security

Asem Ghaleb, Sami Zhioua, Ahmad Almulhem

King Fahd University of Petroleum and Minerals

Research output: Contribution to journal › Article › peer-review

Abstract

Programmable Logic Controller (PLC) is an important component in modern Industrial Control Systems (ICS) particular in Supervisory Control and Data Acquisition (SCADA) systems. Disturbing the normal operation of PLCs can lead to significant damages ranging from minor annoyance to large scale incidents threatening the life of people. While most of existing work in the SCADA security literature focuses on the communication between PLCs and field devices, this paper presents a network security analysis of the communication between PLCs and the engineering stations in charge of setting up and configuring them. Interestingly, this aspect of SCADA security was exploited by the most famous SCADA attack, namely, Stuxnet. Using a testbed with a common PLC device, we successfully carried out three network attacks leading to serious compromise of typical PLCs.

Original language	English
Pages (from-to)	62-69
Number of pages	8
Journal	International Journal of Critical Infrastructure Protection
Volume	22
DOIs	https://doi.org/10.1016/j.ijcip.2018.05.004
Publication status	Published - 1 Sept 2018
Externally published	Yes

Keywords

Industrial Control Systems Security
SCADA Security

Access to Document

10.1016/j.ijcip.2018.05.004

Cite this

@article{9c58403f14ce48eda8f8b0513fd708dd,

title = "On PLC network security",

abstract = "Programmable Logic Controller (PLC) is an important component in modern Industrial Control Systems (ICS) particular in Supervisory Control and Data Acquisition (SCADA) systems. Disturbing the normal operation of PLCs can lead to significant damages ranging from minor annoyance to large scale incidents threatening the life of people. While most of existing work in the SCADA security literature focuses on the communication between PLCs and field devices, this paper presents a network security analysis of the communication between PLCs and the engineering stations in charge of setting up and configuring them. Interestingly, this aspect of SCADA security was exploited by the most famous SCADA attack, namely, Stuxnet. Using a testbed with a common PLC device, we successfully carried out three network attacks leading to serious compromise of typical PLCs.",

keywords = "Industrial Control Systems Security, SCADA Security",

author = "Asem Ghaleb and Sami Zhioua and Ahmad Almulhem",

note = "Publisher Copyright: {\textcopyright} 2018 Elsevier B.V.",

year = "2018",

month = sep,

day = "1",

doi = "10.1016/j.ijcip.2018.05.004",

language = "English",

volume = "22",

pages = "62--69",

journal = "International Journal of Critical Infrastructure Protection",

issn = "1874-5482",

}

TY - JOUR

T1 - On PLC network security

AU - Ghaleb, Asem

AU - Zhioua, Sami

AU - Almulhem, Ahmad

PY - 2018/9/1

Y1 - 2018/9/1

N2 - Programmable Logic Controller (PLC) is an important component in modern Industrial Control Systems (ICS) particular in Supervisory Control and Data Acquisition (SCADA) systems. Disturbing the normal operation of PLCs can lead to significant damages ranging from minor annoyance to large scale incidents threatening the life of people. While most of existing work in the SCADA security literature focuses on the communication between PLCs and field devices, this paper presents a network security analysis of the communication between PLCs and the engineering stations in charge of setting up and configuring them. Interestingly, this aspect of SCADA security was exploited by the most famous SCADA attack, namely, Stuxnet. Using a testbed with a common PLC device, we successfully carried out three network attacks leading to serious compromise of typical PLCs.

AB - Programmable Logic Controller (PLC) is an important component in modern Industrial Control Systems (ICS) particular in Supervisory Control and Data Acquisition (SCADA) systems. Disturbing the normal operation of PLCs can lead to significant damages ranging from minor annoyance to large scale incidents threatening the life of people. While most of existing work in the SCADA security literature focuses on the communication between PLCs and field devices, this paper presents a network security analysis of the communication between PLCs and the engineering stations in charge of setting up and configuring them. Interestingly, this aspect of SCADA security was exploited by the most famous SCADA attack, namely, Stuxnet. Using a testbed with a common PLC device, we successfully carried out three network attacks leading to serious compromise of typical PLCs.

KW - Industrial Control Systems Security

KW - SCADA Security

U2 - 10.1016/j.ijcip.2018.05.004

DO - 10.1016/j.ijcip.2018.05.004

M3 - Article

AN - SCOPUS:85050861553

SN - 1874-5482

VL - 22

SP - 62

EP - 69

JO - International Journal of Critical Infrastructure Protection

JF - International Journal of Critical Infrastructure Protection

ER -

On PLC network security

Abstract

Keywords

Access to Document

Fingerprint

Cite this