PLC code vulnerabilities through SCADA systems

Supervisory Control and Data Acquisition (SCADA) systems are widely used in automated manufacturing and in all areas of our nation's infrastructure. Applications range from chemical processes and water treatment facilities to oil and gas production and electric power generation and distribution. Current research on SCADA system security focuses on the primary SCADA components and targets network-centric attacks. Security risks from attacks against peripheral devices such as Programmable Logic Controllers (PLCs) have not been sufficiently addressed. Our research results address the need to develop PLC applications that are correct, safe and secure. This research provides an analysis of software safety and security threats. We develop countermeasures that are compatible with existing PLC technologies. We study both intentional and unintentional software errors and propose methods to prevent them. The main contributions of this dissertation are:

1. Develop a taxonomy of software errors and attacks in ladder logic.
2. Model ladder logic vulnerabilities.
3. Develop security design patterns to avoid software vulnerabilities and incorrect practices.
4. Implement a proof-of-concept static analysis tool that detects the vulnerabilities in PLC code and recommends the corresponding design patterns.
