Abstract
Programmable Logic Controllers (PLCs) are a family of embedded devices used for physical process control. Similar to other embedded devices, PLCs are vulnerable to cyber attacks. Because they are used to control the physical processes of critical infrastructures, compromised PLCs constitute a significant security and safety risk. Previously we introduced specific attack against PLCs which can stealthily manipulate the physical process it controls by tampering with the device I/O at a low level. We implemented different variants of the attack in the form of a rootkit and a user-space malicious code over a candidate PLC. We then move forward with a tailored defense which specifically detect modification of PLCs I/O to detect our attack.
Original language | English |
---|---|
Title of host publication | Ghost in the PLC vs GhostBuster |
Subtitle of host publication | On the Feasibility of Detecting Pin Control Attack in Programmable Logic Controllers |
Number of pages | 72 |
Publication status | Unpublished - 1 May 2017 |
Keywords
- PLC
- PCA
- detection
- ICS
- SCADA
Fingerprint
Dive into the research topics of 'Ghost in the PLC vs GhostBuster: on the feasibility of detecting pin control attack in Programmable Logic Controllers'. Together they form a unique fingerprint.Press / Media
-
Vanishing Point: New PLC Malware Leverages Processor Problems to Go Dark
Ali Abbasi
3/12/16
1 item of Media coverage
Press/Media: Expert Comment