Stealth Low-Level Manipulation of Programmable Logic Controllers I/O by Pin Control Exploitation

Ali Abbasi, Majid Hashemi, Emmanuele Zambon, Sandro Etalle

11th International Conference on Critical Information Infrastructures Security, October 10-12, 2016, Paris, France.


Abstract

Input/Output is the mechanism through which Programmable Logic Controllers (PLCs) interact with and control the outside world. Particularly when employed in critical infrastructures, the I/O of PLCs has to be both reliable and secure. PLCs I/O like other embedded devices are controlled by a pin based approach. In this paper, we investigate the security implications of the PLC pin control system. In particular, we show how an attacker can tamper with the integrity and availability of PLCs I/O by exploiting certain pin control operations and the lack of hardware interrupts associated to them.

[PDF]

tags: PLC