Stealth Low-Level Manipulation of Programmable Logic Controllers I/O by Pin Control Exploitation

Abstract

Input/Output is the mechanism through which Programmable Logic Controllers (PLCs) interact with and control the outside world. Particularly when employed in critical infrastructures, the I/O of PLCs has to be both reliable and secure. PLCs I/O like other embedded devices are controlled by a pin based approach. In this paper, we investigate the security implications of the PLC pin control system. In particular, we show how an attacker can tamper with the integrity and availability of PLCs I/O by exploiting certain pin control operations and the lack of hardware interrupts associated to them.

Publication
In Proceedings of the the 11th International Conference on Critical Information Infrastructures Security
Emmanuele Zambon
Emmanuele Zambon
Assistant Professor

My research interests include Industrial Control System security and network intrusion detection.