 Firmware modification attacks on programmable logic controllersZachry Basnight, Jonathan Butts, Juan Lopez and Thomas Dube International Journal of Critical Infrastructure Protection, 2013, vol. 6, issue 2, 76-84 Abstract: Recent attacks on industrial control systems, such as the highly publicized Stuxnet malware, have intensified a “race to the bottom” where lower-level attacks have a tactical advantage. Programmable logic controller (PLC) firmware, which provides a software-driven interface between system inputs and physical outputs, can be easily modified at the user level. Efforts directed at protecting against firmware modification are hindered by the lack of foundational research about attack development and implementation. This paper examines the vulnerability of PLCs to intentional firmware modifications in order to obtain a better understanding of the threats posed by PLC firmware modification attacks and the feasibility of these attacks. A general firmware analysis methodology is presented, and a proof-of-concept experiment is used to demonstrate how legitimate firmware can be updated and uploaded to an Allen-Bradley ControlLogix L61 PLC. Keywords: Industrial control systems; Programmable logic controllers; Firmware; Modification attacks; Reverse engineering (search for similar items in EconPapers) Downloads: (external link) Related works: Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text Persistent link: https://EconPapers.repec.org/RePEc:eee:ijocip:v:6:y:2013:i:2:p:76-84 DOI: 10.1016/j.ijcip.2013.04.004 Access Statistics for this article International Journal of Critical Infrastructure Protection is currently edited by Leon Strous More articles in International Journal of Critical Infrastructure Protection from Elsevier |
Is your work missing from RePEc? Here is how to contribute.
Questions or problems? Check the EconPapers FAQ or send mail to .
EconPapers is hosted by the
School of Business at Örebro University.