Stealth low-level manipulation of programmable logic controllers I/O by pin control exploitation

Ali Abbasi; Majid Hashemi; Emmanuele Zambon; Sandro Etalle

doi:10.1007/978-3-319-71368-7_1

Stealth low-level manipulation of programmable logic controllers I/O by pin control exploitation

Ali Abbasi, Majid Hashemi, Emmanuele Zambon, Sandro Etalle

Security

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

60 Citations (Scopus)

Abstract

Input/Output is the mechanism through which Programmable Logic Controllers (PLCs) interact with and control the outside world. Particularly when employed in critical infrastructures, the I/O of PLCs has to be both reliable and secure. PLCs I/O like other embedded devices are controlled by a pin based approach. In this paper, we investigate the security implications of the PLC pin control system. In particular, we show how an attacker can tamper with the integrity and availability of PLCs I/O by exploiting certain pin control operations and the lack of hardware interrupts associated to them.

Original language	English
Title of host publication	Critical Information Infrastructures Security - 11th International Conference, CRITIS 2016, Revised Selected Papers
Subtitle of host publication	11th International Conference, CRITIS 2016, Paris, France, October 10–12, 2016, Revised Selected Papers
Editors	G. Havarneanu, R. Setola, H. Nassopoulos, S. Wolthusen
Place of Publication	Dordrecht
Publisher	Springer
Pages	1-12
Number of pages	12
ISBN (Electronic)	978-3-319-71368-7
ISBN (Print)	978-3-319-71367-0
DOIs	https://doi.org/10.1007/978-3-319-71368-7_1
Publication status	Published - 10 Oct 2016
Event	11th International Conference on Critical Information Infrastructures Security (CRITIS 2016) - Paris, France Duration: 10 Oct 2016 → 12 Oct 2016 Conference number: 11

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	10242 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	11th International Conference on Critical Information Infrastructures Security (CRITIS 2016)
Abbreviated title	CRITS 2016
Country/Territory	France
City	Paris
Period	10/10/16 → 12/10/16

Keywords

Exploiting
ICS
PLC
SoC

Access to Document

10.1007/978-3-319-71368-7_1

Cite this

Abbasi, A., Hashemi, M., Zambon, E., & Etalle, S. (2016). Stealth low-level manipulation of programmable logic controllers I/O by pin control exploitation. In G. Havarneanu, R. Setola, H. Nassopoulos, & S. Wolthusen (Eds.), Critical Information Infrastructures Security - 11th International Conference, CRITIS 2016, Revised Selected Papers: 11th International Conference, CRITIS 2016, Paris, France, October 10–12, 2016, Revised Selected Papers (pp. 1-12). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 10242 LNCS). Springer. https://doi.org/10.1007/978-3-319-71368-7_1

Abbasi, Ali ; Hashemi, Majid ; Zambon, Emmanuele et al. / Stealth low-level manipulation of programmable logic controllers I/O by pin control exploitation. Critical Information Infrastructures Security - 11th International Conference, CRITIS 2016, Revised Selected Papers: 11th International Conference, CRITIS 2016, Paris, France, October 10–12, 2016, Revised Selected Papers. editor / G. Havarneanu ; R. Setola ; H. Nassopoulos ; S. Wolthusen. Dordrecht : Springer, 2016. pp. 1-12 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{3512d7306f9b4bb3acf1067d9a87d20d,

title = "Stealth low-level manipulation of programmable logic controllers I/O by pin control exploitation",

abstract = "Input/Output is the mechanism through which Programmable Logic Controllers (PLCs) interact with and control the outside world. Particularly when employed in critical infrastructures, the I/O of PLCs has to be both reliable and secure. PLCs I/O like other embedded devices are controlled by a pin based approach. In this paper, we investigate the security implications of the PLC pin control system. In particular, we show how an attacker can tamper with the integrity and availability of PLCs I/O by exploiting certain pin control operations and the lack of hardware interrupts associated to them.",

keywords = "Exploiting, ICS, PLC, SoC",

author = "Ali Abbasi and Majid Hashemi and Emmanuele Zambon and Sandro Etalle",

year = "2016",

month = oct,

day = "10",

doi = "10.1007/978-3-319-71368-7_1",

language = "English",

isbn = "978-3-319-71367-0",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer",

pages = "1--12",

editor = "G. Havarneanu and R. Setola and H. Nassopoulos and S. Wolthusen",

booktitle = "Critical Information Infrastructures Security - 11th International Conference, CRITIS 2016, Revised Selected Papers",

address = "Germany",

note = "11th International Conference on Critical Information Infrastructures Security (CRITIS 2016), CRITS 2016 ; Conference date: 10-10-2016 Through 12-10-2016",

}

Abbasi, A, Hashemi, M, Zambon, E & Etalle, S 2016, Stealth low-level manipulation of programmable logic controllers I/O by pin control exploitation. in G Havarneanu, R Setola, H Nassopoulos & S Wolthusen (eds), Critical Information Infrastructures Security - 11th International Conference, CRITIS 2016, Revised Selected Papers: 11th International Conference, CRITIS 2016, Paris, France, October 10–12, 2016, Revised Selected Papers. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 10242 LNCS, Springer, Dordrecht, pp. 1-12, 11th International Conference on Critical Information Infrastructures Security (CRITIS 2016), Paris, France, 10/10/16. https://doi.org/10.1007/978-3-319-71368-7_1

Stealth low-level manipulation of programmable logic controllers I/O by pin control exploitation. / Abbasi, Ali; Hashemi, Majid; Zambon, Emmanuele et al.

Critical Information Infrastructures Security - 11th International Conference, CRITIS 2016, Revised Selected Papers: 11th International Conference, CRITIS 2016, Paris, France, October 10–12, 2016, Revised Selected Papers. ed. / G. Havarneanu; R. Setola; H. Nassopoulos; S. Wolthusen. Dordrecht : Springer, 2016. p. 1-12 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 10242 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

TY - GEN

T1 - Stealth low-level manipulation of programmable logic controllers I/O by pin control exploitation

AU - Abbasi, Ali

AU - Hashemi, Majid

AU - Zambon, Emmanuele

AU - Etalle, Sandro

N1 - Conference code: 11

PY - 2016/10/10

Y1 - 2016/10/10

N2 - Input/Output is the mechanism through which Programmable Logic Controllers (PLCs) interact with and control the outside world. Particularly when employed in critical infrastructures, the I/O of PLCs has to be both reliable and secure. PLCs I/O like other embedded devices are controlled by a pin based approach. In this paper, we investigate the security implications of the PLC pin control system. In particular, we show how an attacker can tamper with the integrity and availability of PLCs I/O by exploiting certain pin control operations and the lack of hardware interrupts associated to them.

AB - Input/Output is the mechanism through which Programmable Logic Controllers (PLCs) interact with and control the outside world. Particularly when employed in critical infrastructures, the I/O of PLCs has to be both reliable and secure. PLCs I/O like other embedded devices are controlled by a pin based approach. In this paper, we investigate the security implications of the PLC pin control system. In particular, we show how an attacker can tamper with the integrity and availability of PLCs I/O by exploiting certain pin control operations and the lack of hardware interrupts associated to them.

KW - Exploiting

KW - ICS

KW - PLC

KW - SoC

UR - http://www.scopus.com/inward/record.url?scp=85036657085&partnerID=8YFLogxK

UR - http://wwwhome.cs.utwente.nl/~abbasia/CRITIS2016.pdf

U2 - 10.1007/978-3-319-71368-7_1

DO - 10.1007/978-3-319-71368-7_1

M3 - Conference contribution

AN - SCOPUS:84962218239

SN - 978-3-319-71367-0

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 1

EP - 12

BT - Critical Information Infrastructures Security - 11th International Conference, CRITIS 2016, Revised Selected Papers

A2 - Havarneanu, G.

A2 - Setola, R.

A2 - Nassopoulos, H.

A2 - Wolthusen, S.

PB - Springer

CY - Dordrecht

T2 - 11th International Conference on Critical Information Infrastructures Security (CRITIS 2016)

Y2 - 10 October 2016 through 12 October 2016

ER -

Abbasi A, Hashemi M, Zambon E , Etalle S. Stealth low-level manipulation of programmable logic controllers I/O by pin control exploitation. In Havarneanu G, Setola R, Nassopoulos H, Wolthusen S, editors, Critical Information Infrastructures Security - 11th International Conference, CRITIS 2016, Revised Selected Papers: 11th International Conference, CRITIS 2016, Paris, France, October 10–12, 2016, Revised Selected Papers. Dordrecht: Springer. 2016. p. 1-12. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-319-71368-7_1

Stealth low-level manipulation of programmable logic controllers I/O by pin control exploitation

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Vanishing Point: New PLC Malware Leverages Processor Problems to Go Dark

Cite this

Stealth low-level manipulation of programmable logic controllers I/O by pin control exploitation

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Press / Media

Vanishing Point: New PLC Malware Leverages Processor Problems to Go Dark

Cite this