Stealth Low-Level Manipulation of Programmable Logic Controllers I/O by Pin Control Exploitation

• Published in: Critical Information Infrastructures Security Vol. 10242; pp. 1 - 12
• Main Authors: Abbasi, Ali, Hashemi, Majid, Zambon, Emmanuele, Etalle, Sandro
• Format: Book Chapter
• Language: English
• Published: Switzerland Springer International Publishing AG 2017; Springer International Publishing
• Series: Lecture Notes in Computer Science
• Subjects: Exploiting; ICS; PLC; SoC
• ISBN: 3319713671; 9783319713670
• ISSN: 0302-9743; 1611-3349
• DOI: 10.1007/978-3-319-71368-7_1

Input/Output is the mechanism through which Programmable Logic Controllers (PLCs) interact with and control the outside world. Particularly when employed in critical infrastructures, the I/O of PLCs has to be both reliable and secure. PLCs I/O like other embedded devices are controlled by a pin based approach. In this paper, we investigate the security implications of the PLC pin control system. In particular, we show how an attacker can tamper with the integrity and availability of PLCs I/O by exploiting certain pin control operations and the lack of hardware interrupts associated to them.