On PLC network security

Asem Ghaleb, Sami Zhioua*, Ahmad Almulhem

*Corresponding author for this work

Research output: Contribution to journal, Article, peer-review

30 Scopus citations


The Programmable Logic Controller (PLC) is an important component in modern Industrial Control Systems (ICS), particularly in Supervisory Control and Data Acquisition (SCADA) systems. Disturbing the normal operation of PLCs can lead to significant damage, ranging from minor annoyance to large-scale incidents threatening people's lives. While most existing work in the SCADA security literature focuses on the communication between PLCs and field devices, this paper presents a network security analysis of the communication between PLCs and the engineering stations in charge of setting up and configuring them. Interestingly, this aspect of SCADA security was exploited by the most famous SCADA attack, namely Stuxnet. Using a testbed with a common PLC device, we successfully carried out three network attacks leading to serious compromise of typical PLCs.

Original language: English
Pages (from-to): 62-69
Number of pages: 8
Journal: International Journal of Critical Infrastructure Protection
State: Published - Sep 2018

Bibliographical note

Funding Information:
The authors would like to acknowledge the support of the National Science, Technology and Innovation Plan (NSTIP) under project number 13-INF281-04.

Publisher Copyright:
© 2018 Elsevier B.V.


  • Industrial Control Systems Security
  • SCADA Security

ASJC Scopus subject areas

  • Modeling and Simulation
  • Safety, Risk, Reliability and Quality
  • Computer Science Applications
  • Information Systems and Management

