What is it about?
Modern Programmable Logic Controllers (PLCs) contain more sophisticated technology than traditional PLCs that are often found in industrial settings, controlling critical processes. We utilise these advanced features to implement a security tool that runs on the PLC itself and that can diagnose the source of the problem and alert operators within seconds.
Featured Image
Why is it important?
PLCs are ubiquitous in engineering and control settings. From mall escalators to nuclear power plants, they are constantly controlling processes that allow us to lead more convenient lifestyles. Due to traditional PLC design, they have proven vulnerable to cyber-attacks, often with great effect (loss of electricity in Ukraine 2015, millions of dollars of damage in Iran 2010). To have a controller "smart" enough to figure out the issue it is encountering is an incredible tool in the arsenal of defensive cybersecurity experts.
Perspectives
While modern PLCs enable us to monitor and detect cyber anomalies in critical infrastructure, it is not a simple task to implement them. One of the most difficult tasks in switching to more secure components and architectures is finding the time to update while keeping downtime to a minimum, as well as ensuring confidence that the process under control has not been changed from its original design. Furthermore, modern PLCs carry a higher attack surface area, possibly introducing more opportunities for the attacker to sabotage the system. We walk a fine line between "up-to-date and secure" and "changing or widening the goalposts".
David Allison
AIT Austrian Institute of Technology GmbH
Read the Original
This page is a summary of: Goosewolf: An Embedded Intrusion Detection System for Advanced Programmable Logic Controllers, Digital Threats Research and Practice, September 2023, ACM (Association for Computing Machinery),
DOI: 10.1145/3617692.
You can read the full text:
Contributors
The following have contributed to this page
