PCaaD: Towards automated determination and exploitation of industrial systems. Issue 110 (November 2021)
- Record Type:
- Journal Article
- Title:
- PCaaD: Towards automated determination and exploitation of industrial systems. Issue 110 (November 2021)
- Main Title:
- PCaaD: Towards automated determination and exploitation of industrial systems
- Authors:
- Green, Benjamin
Derbyshire, Richard
Krotofil, Marina
Knowles, William
Prince, Daniel
Suri, Neeraj
- Abstract:
- Over the last decade, Programmable Logic Controllers (PLCs) have been increasingly targeted by attackers to obtain control over industrial processes that support critical services. Such targeted attacks typically require detailed knowledge of system-specific attributes, including hardware configurations, adopted protocols, and PLC control-logic, i.e., process comprehension. The consensus from both academics and practitioners suggests stealthy process comprehension obtained from a PLC alone, to execute targeted attacks, is impractical. In contrast, we assert that current PLC programming practices open the door to a new vulnerability class, affording attackers an increased level of process comprehension. To support this, we propose the concept of Process Comprehension at a Distance (PCaaD), as a novel methodological and automatable approach towards the system-agnostic identification of PLC library functions. This leads to the targeted exfiltration of operational data, manipulation of control-logic behavior, and establishment of covert command and control channels through unused memory. We validate PCaaD on widely used PLCs through its practical application.
- Is Part Of:
- Computers & security. Issue 110(2021)
- Journal:
- Computers & security
- Issue:
- Issue 110(2021)
- Issue Display:
- Volume 110, Issue 110 (2021)
- Year:
- 2021
- Volume:
- 110
- Issue:
- 110
- Issue Sort Value:
- 2021-0110-0110-0000
- Page Start:
- Page End:
- Publication Date:
- 2021-11
- Subjects:
- PLC Programming Practices -- Reconnaissance -- Process Comprehension -- C2 -- ICS -- SCADA -- OT
Computer security -- Periodicals
Electronic data processing departments -- Security measures -- Periodicals
005.805
- Journal URLs:
- http://www.sciencedirect.com/science/journal/01674048
http://www.elsevier.com/journals
- DOI:
- 10.1016/j.cose.2021.102424
- Languages:
- English
- ISSNs:
- 0167-4048
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library DSC - 3394.781000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store
- Ingest File:
- 19558.xml