Skip to main content
placeholder image

PLC Code-Level Vulnerabilities

Conference Paper


Abstract


  • Code vulnerabilities in the ladder logic of PLCs (Programmable Logic Controllers) have not been sufficiently addressed in the literature. Most of the research related to PLC threats or attacks focuses on the hardware portion of ICS (Industrial Control Systems) or SCADA (Supervisory Control and Data Acquisition) systems such as: industrial components, peripheral devices, or networks. It does not adequately discuss PLC code-level vulnerabilities and attacks. This paper provides an overview of some critical vulnerabilities within the PLC ladder logic code or program and recommends corresponding steps or methods to keep PLCs safer and more secure. The paper focuses on ladder logic code vulnerabilities and weak points that might be exploited by malicious attacks. Those weak points could be a result of intentional malicious pieces of code embedded within the ladder logic code or inadvertent ones such as bad code practices or human errors.

Authors


Publication Date


  • 2018

Citation


  • A. Serhane, M. Raad, R. Raad & W. Susilo, "PLC Code-Level Vulnerabilities," in 2018 International Conference on Computer and Applications, ICCA 2018, 2018, pp. 348-352.

Scopus Eid


  • 2-s2.0-85054474147

Start Page


  • 348

End Page


  • 352

Place Of Publication


  • United States

Abstract


  • Code vulnerabilities in the ladder logic of PLCs (Programmable Logic Controllers) have not been sufficiently addressed in the literature. Most of the research related to PLC threats or attacks focuses on the hardware portion of ICS (Industrial Control Systems) or SCADA (Supervisory Control and Data Acquisition) systems such as: industrial components, peripheral devices, or networks. It does not adequately discuss PLC code-level vulnerabilities and attacks. This paper provides an overview of some critical vulnerabilities within the PLC ladder logic code or program and recommends corresponding steps or methods to keep PLCs safer and more secure. The paper focuses on ladder logic code vulnerabilities and weak points that might be exploited by malicious attacks. Those weak points could be a result of intentional malicious pieces of code embedded within the ladder logic code or inadvertent ones such as bad code practices or human errors.

Authors


Publication Date


  • 2018

Citation


  • A. Serhane, M. Raad, R. Raad & W. Susilo, "PLC Code-Level Vulnerabilities," in 2018 International Conference on Computer and Applications, ICCA 2018, 2018, pp. 348-352.

Scopus Eid


  • 2-s2.0-85054474147

Start Page


  • 348

End Page


  • 352

Place Of Publication


  • United States