Programmable Logic Controller (PLC) is an important component in modern Industrial Control Systems (ICS) particular in Supervisory Control and Data Acquisition (SCADA) systems. Disturbing the normal operation of PLCs can lead to significant damages ranging from minor annoyance to large scale incidents threatening the life of people. While most of existing work in the SCADA security literature focuses on the communication between PLCs and field devices, this paper presents a network security analysis of the communication between PLCs and the engineering stations in charge of setting up and configuring them. Interestingly, this aspect of SCADA security was exploited by the most famous SCADA attack, namely, Stuxnet. Using a testbed with a common PLC device, we successfully carried out three network attacks leading to serious compromise of typical PLCs.
|Number of pages||8|
|Journal||International Journal of Critical Infrastructure Protection|
|State||Published - Sep 2018|
Bibliographical noteFunding Information:
The authors would like to acknowledge the support of the National Science, Technology and Innovation Plan (NSTIP) under project number 13-INF281-04 .
© 2018 Elsevier B.V.
- Industrial Control Systems Security
- SCADA Security
ASJC Scopus subject areas
- Modeling and Simulation
- Safety, Risk, Reliability and Quality
- Computer Science Applications
- Information Systems and Management