Walking under the ladder logic: PLC-VBS: a PLC control logic vulnerability scanning tool. Issue 127 (April 2023)
- Record Type:
- Journal Article
- Title:
- Walking under the ladder logic: PLC-VBS: a PLC control logic vulnerability scanning tool. Issue 127 (April 2023)
- Main Title:
- Walking under the ladder logic: PLC-VBS: a PLC control logic vulnerability scanning tool
- Authors:
- Maesschalck, Sam
Staves, Alexander
Derbyshire, Richard
Green, Benjamin
Hutchison, David - Abstract:
- Highlights: A previously unconsidered approach towards the understanding of PLC vulnerabilities. A tool, PLC-VBS, supporting the identification of vulnerable PLC memory. The results of a vulnerability scan conducted against a vendor-provided PLC code base commonly used in practice. Abstract: Cyber security risk assessments provide a crucial starting point towards the understanding of existing risk exposure, via which suitable mitigation strategies can be formed. Risk is viewed as a product of threat, vulnerability and impact, and equal understanding of each of these elements is vitally important. This can be a challenge in Industrial Control System (ICS) environments, where adopted technologies are typically not only bespoke, but interact directly with the physical world. To date, existing vulnerability identification has focused on traditional vulnerability categories. While this approach provides risk assessors with a baseline understanding and the ability to hypothesize about potential resulting impacts, it is rather high level, operating at a level of abstraction that would be viewed as incomplete within a traditional information system context. The work presented in this paper takes the understanding of ICS device vulnerabilities a step deeper. It offers a tool, PLC-VBS, that helps identify Programmable Logic Controller (PLC) vulnerabilities, specifically within logic used to monitor, control, and automate operational processes. PLC-VBS gives risk assessors a moreHighlights: A previously unconsidered approach towards the understanding of PLC vulnerabilities. A tool, PLC-VBS, supporting the identification of vulnerable PLC memory. The results of a vulnerability scan conducted against a vendor-provided PLC code base commonly used in practice. Abstract: Cyber security risk assessments provide a crucial starting point towards the understanding of existing risk exposure, via which suitable mitigation strategies can be formed. Risk is viewed as a product of threat, vulnerability and impact, and equal understanding of each of these elements is vitally important. This can be a challenge in Industrial Control System (ICS) environments, where adopted technologies are typically not only bespoke, but interact directly with the physical world. To date, existing vulnerability identification has focused on traditional vulnerability categories. While this approach provides risk assessors with a baseline understanding and the ability to hypothesize about potential resulting impacts, it is rather high level, operating at a level of abstraction that would be viewed as incomplete within a traditional information system context. The work presented in this paper takes the understanding of ICS device vulnerabilities a step deeper. It offers a tool, PLC-VBS, that helps identify Programmable Logic Controller (PLC) vulnerabilities, specifically within logic used to monitor, control, and automate operational processes. PLC-VBS gives risk assessors a more coherent picture about the potential impact should the identified vulnerabilities be exploited; this applies specifically to operational process elements. … (more)
- Is Part Of:
- Computers & security. Issue 127(2023)
- Journal:
- Computers & security
- Issue:
- Issue 127(2023)
- Issue Display:
- Volume 127, Issue 127 (2023)
- Year:
- 2023
- Volume:
- 127
- Issue:
- 127
- Issue Sort Value:
- 2023-0127-0127-0000
- Page Start:
- Page End:
- Publication Date:
- 2023-04
- Subjects:
- ICS -- SCADA -- PLC -- Cyber security -- PLC vulnerability scanner -- PLC programming practices
Computer security -- Periodicals
Electronic data processing departments -- Security measures -- Periodicals
005.805 - Journal URLs:
- http://www.sciencedirect.com/science/journal/01674048 ↗
http://www.elsevier.com/journals ↗ - DOI:
- 10.1016/j.cose.2023.103116 ↗
- Languages:
- English
- ISSNs:
- 0167-4048
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 3394.781000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 26009.xml