An Overview of the Security of Programmable Logic Controllers in Industrial Control Systems
Abstract
1. Introduction
1.1. Related Works
1.2. Organization
2. Background
2.1. PLC Architecture
2.2. Hardware Layer
2.3. Programming Layer
2.4. Firmware Layer
2.5. Scan Cycle and Control Logic
2.6. PLC Vendors
2.7. Simulation Tools
3. Adversarial Model
3.1. Stealthiness
3.2. Control Logic
3.3. Firmware
4. Different Types of Attacks
4.1. Code Vulnerabilities
4.2. Control Logic Injection Attacks
4.3. Firmware Modification Attacks
4.4. Attacks against Communication Protocols
4.5. Memory Attacks
5. Countermeasures
5.1. Firmware Integrity
5.2. Secure PLC Programs
5.3. Defence Detection
5.4. Network Protocol Security
5.5. Encryption
6. Future Works
6.1. Attacks
6.2. Defense
- There are no common frameworks to conduct the formal validation of PLC code, and thus, a unified and effective approach for PLC code auditing is yet to be proposed.
- Considering that PLC programs are different from traditional computer programs, contributions to accurate detection and overhead mitigation are still expected.
- Encryption has been considered as an approach to enhance the security of communication protocols for PLC-based systems; however, applying encryption algorithms to the whole large-scale ICS network without affecting the normal operation of the service network is still a challenge.
7. Conclusions
Author Contributions
Funding
Institutional Review Board Statement
Informed Consent Statement
Data Availability Statement
Acknowledgments
Conflicts of Interest
Types | Descriptions |
---|---|
Logic Errors | Errors that could cause state transition, timing, control, and data flow issues. |
Linkage and Scope Errors | Errors concerning the failure to install, or the deletion of, a communication session between separate ladders. |
Syntax Errors | Errors that were problematic in the compilation (not restricted). Such codes can be downloaded to the processor with at most one warning compared to the individual downloading to the device. |
Duplicate Objects | Objects such as timers and counters that have been defined more than once. |
Unused Objects | Objects that were never used in the ladder logic but defined in the initial database, which can be used for random functions. |
Hidden jumpers | Software jumpers that avoid some parts of a rung in a ladder logic routine. They are not searchable and can be easily hidden from the untrained eye. |
© 2024 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Cui, H.; Hong, J.; Louden, R. An Overview of the Security of Programmable Logic Controllers in Industrial Control Systems. Encyclopedia 2024, 4, 874-887. https://doi.org/10.3390/encyclopedia4020056