On PLC network security

Programmable Logic Controller (PLC) is an important component in modern Industrial Control Systems (ICS) particular in Supervisory Control and Data Acquisition (SCADA) systems. Disturbing the normal operation of PLCs can lead to significant damages ranging from minor annoyance to large scale incidents threatening the life of people. While most of existing work in the SCADA security literature focuses on the communication between PLCs and field devices, this paper presents a network security analysis of the communication between PLCs and the engineering stations in charge of setting up and configuring them. Interestingly, this aspect of SCADA security was exploited by the most famous SCADA attack, namely, Stuxnet. Using a testbed with a common PLC device, we successfully carried out three network attacks leading to serious compromise of typical PLCs.