On PLC network security

Asem Ghaleb; Sami Zhioua; Ahmad Almulhem

doi:10.1016/j.ijcip.2018.05.004

On PLC network security

Asem Ghaleb, Sami Zhioua^*, Ahmad Almulhem

^*Corresponding author for this work

Research output: Contribution to journal › Article › peer-review

30 Scopus citations

Abstract

Programmable Logic Controller (PLC) is an important component in modern Industrial Control Systems (ICS) particular in Supervisory Control and Data Acquisition (SCADA) systems. Disturbing the normal operation of PLCs can lead to significant damages ranging from minor annoyance to large scale incidents threatening the life of people. While most of existing work in the SCADA security literature focuses on the communication between PLCs and field devices, this paper presents a network security analysis of the communication between PLCs and the engineering stations in charge of setting up and configuring them. Interestingly, this aspect of SCADA security was exploited by the most famous SCADA attack, namely, Stuxnet. Using a testbed with a common PLC device, we successfully carried out three network attacks leading to serious compromise of typical PLCs.

Original language	English
Pages (from-to)	62-69
Number of pages	8
Journal	International Journal of Critical Infrastructure Protection
Volume	22
DOIs	https://doi.org/10.1016/j.ijcip.2018.05.004
State	Published - Sep 2018

Bibliographical note

Funding Information:
The authors would like to acknowledge the support of the National Science, Technology and Innovation Plan (NSTIP) under project number 13-INF281-04 .

Publisher Copyright:
© 2018 Elsevier B.V.

Keywords

Industrial Control Systems Security
SCADA Security

ASJC Scopus subject areas

Modeling and Simulation
Safety, Risk, Reliability and Quality
Computer Science Applications
Information Systems and Management

Access to Document

10.1016/j.ijcip.2018.05.004

Cite this

@article{cc84ff4ff20c46d395ffc640081fb397,

title = "On PLC network security",

abstract = "Programmable Logic Controller (PLC) is an important component in modern Industrial Control Systems (ICS) particular in Supervisory Control and Data Acquisition (SCADA) systems. Disturbing the normal operation of PLCs can lead to significant damages ranging from minor annoyance to large scale incidents threatening the life of people. While most of existing work in the SCADA security literature focuses on the communication between PLCs and field devices, this paper presents a network security analysis of the communication between PLCs and the engineering stations in charge of setting up and configuring them. Interestingly, this aspect of SCADA security was exploited by the most famous SCADA attack, namely, Stuxnet. Using a testbed with a common PLC device, we successfully carried out three network attacks leading to serious compromise of typical PLCs.",

keywords = "Industrial Control Systems Security, SCADA Security",

author = "Asem Ghaleb and Sami Zhioua and Ahmad Almulhem",

note = "Funding Information: The authors would like to acknowledge the support of the National Science, Technology and Innovation Plan (NSTIP) under project number 13-INF281-04 . Publisher Copyright: {\textcopyright} 2018 Elsevier B.V.",

year = "2018",

month = sep,

doi = "10.1016/j.ijcip.2018.05.004",

language = "English",

volume = "22",

pages = "62--69",

journal = "International Journal of Critical Infrastructure Protection",

issn = "1874-5482",

publisher = "Elsevier",

}

TY - JOUR

T1 - On PLC network security

AU - Ghaleb, Asem

AU - Zhioua, Sami

AU - Almulhem, Ahmad

N1 - Funding Information: The authors would like to acknowledge the support of the National Science, Technology and Innovation Plan (NSTIP) under project number 13-INF281-04 . Publisher Copyright: © 2018 Elsevier B.V.

PY - 2018/9

Y1 - 2018/9

N2 - Programmable Logic Controller (PLC) is an important component in modern Industrial Control Systems (ICS) particular in Supervisory Control and Data Acquisition (SCADA) systems. Disturbing the normal operation of PLCs can lead to significant damages ranging from minor annoyance to large scale incidents threatening the life of people. While most of existing work in the SCADA security literature focuses on the communication between PLCs and field devices, this paper presents a network security analysis of the communication between PLCs and the engineering stations in charge of setting up and configuring them. Interestingly, this aspect of SCADA security was exploited by the most famous SCADA attack, namely, Stuxnet. Using a testbed with a common PLC device, we successfully carried out three network attacks leading to serious compromise of typical PLCs.

AB - Programmable Logic Controller (PLC) is an important component in modern Industrial Control Systems (ICS) particular in Supervisory Control and Data Acquisition (SCADA) systems. Disturbing the normal operation of PLCs can lead to significant damages ranging from minor annoyance to large scale incidents threatening the life of people. While most of existing work in the SCADA security literature focuses on the communication between PLCs and field devices, this paper presents a network security analysis of the communication between PLCs and the engineering stations in charge of setting up and configuring them. Interestingly, this aspect of SCADA security was exploited by the most famous SCADA attack, namely, Stuxnet. Using a testbed with a common PLC device, we successfully carried out three network attacks leading to serious compromise of typical PLCs.

KW - Industrial Control Systems Security

KW - SCADA Security

UR - http://www.scopus.com/inward/record.url?scp=85050861553&partnerID=8YFLogxK

U2 - 10.1016/j.ijcip.2018.05.004

DO - 10.1016/j.ijcip.2018.05.004

M3 - Article

AN - SCOPUS:85050861553

SN - 1874-5482

VL - 22

SP - 62

EP - 69

JO - International Journal of Critical Infrastructure Protection

JF - International Journal of Critical Infrastructure Protection

ER -

On PLC network security

Abstract

Bibliographical note

Keywords

ASJC Scopus subject areas

Access to Document

Fingerprint

Cite this