Access Control Attacks on PLC Vulnerabilities

In Industrial Control Systems (ICS), security issues are getting more and more attention. The number of hacking attacks per year is endless, and the attacks on industrial control systems are numerous. Programmable Logic Controller (PLC) is one of the main controllers of industrial processes. Since the industrial control system network is isolated from the external network, many people think that PLC is a safety device. However, virus attacks in recent years, such as Stuxnet, have confirmed the erroneousness of this idea. In this paper, we use the vulnerability of Siemens PLC to carry out a series of attacks, such as S7-200, S7-300, S7-400, S7-1200 and so on. We read the data from the PLC output and then rewrite the data and write it to the PLC. We tamper with the writing of data to achieve communication chaos. When we attack the primary station, all slave devices connected to the primary station will be in a state of communication confusion. The attack methods of us can cause delay or even loss of data in the communications from the Phasor Data Concentrator (PMU) to the data concentrator. The most important thing is that our attack method generates small traffic and short attack time, which is difficult to be identified by traditional detection methods.

[1]  Vladimir A. Oleshchuk,et al.  PLC security and critical infrastructure protection , 2013, 2013 IEEE 8th International Conference on Industrial and Information Systems.

[2]  Volker Roth,et al.  Internet-facing PLCs as a network backdoor , 2015, 2015 IEEE Conference on Communications and Network Security (CNS).

[3]  Liang Cheng,et al.  Detecting Payload Attacks on Programmable Logic Controllers (PLCs) , 2018, 2018 IEEE Conference on Communications and Network Security (CNS).

[4]  Ravishankar K. Iyer,et al.  Attack Induced Common-Mode Failures on PLC-Based Safety System in a Nuclear Power Plant: Practical Experience Report , 2017, 2017 IEEE 22nd Pacific Rim International Symposium on Dependable Computing (PRDC).

[5]  Sami Zhioua,et al.  PLC access control: a security analysis , 2016, 2016 World Congress on Industrial Control Systems Security (WCICSS).

[6]  Bünyamin Ciylan,et al.  Cyber security in industrial control systems: Analysis of DoS attacks against PLCs and the insider effect , 2018, 2018 6th International Istanbul Smart Grids and Cities Congress and Fair (ICSG).

[7]  Shaoyuan Li,et al.  Construction of false sequence attack against PLC based power control system , 2016, 2016 35th Chinese Control Conference (CCC).