Industrial Control Systems (ICS) lie at the very heart of the industrial cyber security issue. A preferred target of attackers striking the industrial sector, ICS control and operate large infrastructures in areas such as energy, defense, transportation and other large-scale structures including road networks and next-generation stadiums.

The technology operating in ICS includes distributed control systems (DCS), supervisory control and data acquisition systems (SCADA) and programmable logic controllers (PLC). All these systems fall under operational technology (OT) and are increasingly connected through information technology (IT). This transition, however, is not smooth sailing, since existing equipment was not initially designed to operate in a network and sometimes does not even have any system resources.

Yesterday’s OT environments harbor certain weaknesses when it comes to cybersecurity, especially at a time when the Internet of Things (IoT) and the Industrial Internet of Things (IIoT) are booming.

The project proposes to infect the ladder logic that controls the end factory and manufacturing processes, to try to catch this event with a security appliance, and to generate logs or alerts that inform the end user. The infection may come through unauthorized access that gives the ability to read hidden logic, or it may also lead to the ability to alter that logic. In ICS environments, there are typically no authentication or encryption mechanisms. This means that nothing prevents those operating in ICS networks from making changes to the controllers: anyone with network access, whether a trusted employee or a malicious attacker, has unfettered access to these devices. It is important to emphasize that in a properly designed system, an attempt to cause disruption via the data plane will probably not result in catastrophic events. An attack via the control plane that shuts down a controller or alters its logic, by contrast, can cause various disruptions, ranging from minor process glitches to major physical catastrophes, including the leakage of dangerous materials, contamination, and even explosions. Finally, we propose a prevention mechanism, which might be protocol based or module based, that adds a layer of security to keep such an attack from happening.


Mihirraj Dixit


Starts on Saturday, April 14, 2018, at 11:15 AM. The session runs for about 1 hour.