A Flashback on Control Logic Injection Attacks against Programmable Logic Controllers

Loading...
Thumbnail Image
Date
2022
Volume
3
Issue
4
Journal
Series Titel
Book Title
Publisher
Basel : MDPI
Abstract

Programmable logic controllers (PLCs) make up a substantial part of critical infrastructures (CIs) and industrial control systems (ICSs). They are programmed with a control logic that defines how to drive and operate critical processes such as nuclear power plants, petrochemical factories, water treatment systems, and other facilities. Unfortunately, these devices are not fully secure and are prone to malicious threats, especially those exploiting vulnerabilities in the control logic of PLCs. Such threats are known as control logic injection attacks. They mainly aim at sabotaging physical processes controlled by exposed PLCs, causing catastrophic damage to target systems as shown by Stuxnet. Looking back over the last decade, many research endeavors exploring and discussing these threats have been published. In this article, we present a flashback on the recent works related to control logic injection attacks against PLCs. To this end, we provide the security research community with a new systematization based on the attacker techniques under three main attack scenarios. For each study presented in this work, we overview the attack strategies, tools, security goals, infected devices, and underlying vulnerabilities. Based on our analysis, we highlight the current security challenges in protecting PLCs from such severe attacks and suggest security recommendations for future research directions.

Description
Keywords
industrial control system, programmable logic controller, control logic injection attack, program injection, program modification
Citation
Alsabbagh, W., & Langendörfer, P. (2022). A Flashback on Control Logic Injection Attacks against Programmable Logic Controllers. 3(4). https://doi.org//10.3390/automation3040030
License
CC BY 4.0 Unported