Blog
About

303
views
0
recommends
+1 Recommend
1 collections
    4
    shares
      • Record: found
      • Abstract: found
      • Conference Proceedings: found
      Is Open Access

      Investigating Current PLC Security Issues Regarding Siemens S7 Communications and TIA Portal

      1 , 1

      5th International Symposium for ICS & SCADA Cyber Security Research 2018 (ICS-CSR 2018)

      ICS & SCADA Cyber Security Research

      29 - 30 August 2018

      Programmable Logic Controllers, PLC, cyber security

      Read this article at

      Bookmark
          There is no author summary for this article yet. Authors can add summaries to their articles on ScienceOpen to make them more accessible to a non-specialist audience.

          Abstract

          Programmable Logic Controllers (PLCs) are the essential components in many Industrial Control Systems that control physical processes. However, in recent years the security flaws of these devices have come under scrutiny, particularly since the widely discussed Stuxnet attack. To help the industry state-of-the-art to move forward and to provide information required to improve the security for these controllers, this work investigates potential exploits of the Siemens S7-1211C controllers and the Totally Integrated Automation (TIA) engineering software. Using Windbg and Scapy, the anti-replay mechanism of the Siemens proprietary communication protocol, S7CommPlus, and the Profinet Discovery and Basic Configuration Protocol are found to be vulnerable. Attacks like session stealing, phantom PLC, cross connecting controllers and denial of S7 connections are demonstrated. The lack of authentication and consequent exploitation of the S7-ACK packet, an application layer packet for the S7CommPlus protocol, is highlighted as a key issue in this investigation.

          Related collections

          Most cited references 16

          • Record: found
          • Abstract: not found
          • Article: not found

          From System Specification to Anomaly Detection (and back)

            Bookmark
            • Record: found
            • Abstract: not found
            • Article: not found

            PLC security and critical infrastructure protection

              Bookmark
              • Record: found
              • Abstract: not found
              • Article: not found

              Anomaly-based detection and classification of attacks in cyber-physical systems

                Bookmark

                Author and article information

                Contributors
                Conference
                August 2018
                August 2018
                : 67-73
                Affiliations
                [1 ]Centre for Secure Information Technologies (CSIT), Queen’s University Belfast
                Article
                10.14236/ewic/ICS2018.8
                © Hui et al. Published by BCS Learning and Development Ltd. Proceedings of ICS & SCADA 2018

                This work is licensed under a Creative Commons Attribution 4.0 Unported License. To view a copy of this license, visit http://creativecommons.org/licenses/by/4.0/

                5th International Symposium for ICS & SCADA Cyber Security Research 2018
                ICS-CSR 2018
                5
                University of Hamburg, Germany
                29 - 30 August 2018
                Electronic Workshops in Computing (eWiC)
                ICS & SCADA Cyber Security Research
                Product
                Product Information: 1477-9358BCS Learning & Development
                Self URI (journal page): https://ewic.bcs.org/
                Categories
                Electronic Workshops in Computing

                Comments

                Comment on this article