PLC Code Protection

60 %
40 %
Information about PLC Code Protection

Published on March 5, 2014

Author: dgpeters

Source: slideshare.net

Air Force Institute of Technology The AFIT of Today is the Air Force of Tomorrow. PLC Code Protection Center for Cyberspace Research Stephen Dunlap Jonathan Butts, PhD CCR - The Center for Cyberspace Research

What’s the Story? The AFIT of Today is the Air Force of Tomorrow. CCR - The Center for Cyberspace Research

Tactical Questions The AFIT of Today is the Air Force of Tomorrow. CCR - The Center for Cyberspace Research

Resources The AFIT of Today is the Air Force of Tomorrow. •  Requirements •  Helpful: CCR - The Center for Cyberspace Research

Static Analysis The AFIT of Today is the Air Force of Tomorrow. Device? We don’t need no stinkin device… CCR - The Center for Cyberspace Research

Hardware Analysis The AFIT of Today is the Air Force of Tomorrow. But I’ll take it if I can get it… CCR - The Center for Cyberspace Research

Dynamic Analysis The AFIT of Today is the Air Force of Tomorrow. I don’t always do dynamic analysis, but when I do, I use JTAG… CCR - The Center for Cyberspace Research

Let’s Do This The AFIT of Today is the Air Force of Tomorrow. Attacks Need: Triggers Payloads Deployment CCR - The Center for Cyberspace Research

The AFIT of Today is the Air Force of Tomorrow. CCR - The Center for Cyberspace Research

Time Bomb The AFIT of Today is the Air Force of Tomorrow. •  Hook regularly executed function •  Count executions Jump Instruction before modification After modification CCR - The Center for Cyberspace Research

Time Bomb Cont. The AFIT of Today is the Air Force of Tomorrow. Store a counter in memory Load counter and subtract Test for zero Continue operation if greater CCR - The Center for Cyberspace Research

Logic Bomb The AFIT of Today is the Air Force of Tomorrow. •  Hook jump table for CPU mode change •  Keep track of changes for specific sequence RUN REM PROG PROG REM RUN CCR - The Center for Cyberspace Research

Remote Commands The AFIT of Today is the Air Force of Tomorrow. •  Hook CIP command handler jump table CCR - The Center for Cyberspace Research

Remote Commands Cont. The AFIT of Today is the Air Force of Tomorrow. •  Check for custom service and instance CCR - The Center for Cyberspace Research

The AFIT of Today is the Air Force of Tomorrow. CCR - The Center for Cyberspace Research

Soft DoS The AFIT of Today is the Air Force of Tomorrow. •  Endless loop causes recoverable fault •  Fault shutdown routine CCR - The Center for Cyberspace Research

Persistent DoS The AFIT of Today is the Air Force of Tomorrow. •  Write value to flash •  Fault if value exists •  Exploit Flash Writing Function •  R0 – Destination address •  R1 – Source Address •  R1 – Data Length Flash end address CCR - The Center for Cyberspace Research

Where to From Here? The AFIT of Today is the Air Force of Tomorrow. •  Traffic Modification •  Modify CIP values •  Propagation •  Persistence •  Implant in bootloader •  Ignore firmware updates •  Modify version number CCR - The Center for Cyberspace Research

The AFIT of Today is the Air Force of Tomorrow. CCR - The Center for Cyberspace Research

Pivoting Through Firewall The AFIT of Today is the Air Force of Tomorrow. CCR - The Center for Cyberspace Research

Pivoting Through Router The AFIT of Today is the Air Force of Tomorrow. CCR - The Center for Cyberspace Research

Pivoting Through Router The AFIT of Today is the Air Force of Tomorrow. CCR - The Center for Cyberspace Research

Implications The AFIT of Today is the Air Force of Tomorrow. •  •  •  •  Vendor agnostic Expensive devices not needed Supply chain Cost of entry •  Team composition: Two guys •  Time: Approx 3 months •  Money: $3,500 NATION STATE NOT REQUIRED CCR - The Center for Cyberspace Research

Protection Mechanisms The AFIT of Today is the Air Force of Tomorrow. •  Vendor •  Digital Signatures •  Trusted Platform Module •  Integrator •  Source Verification •  Access Control •  Configuration Management •  Asset Owner •  Deep Packet Inspection •  Data Diodes •  Configuration Management CCR - The Center for Cyberspace Research

Thank You The AFIT of Today is the Air Force of Tomorrow. CCR - The Center for Cyberspace Research

Add a comment

Related presentations

Related pages

Unlock protected block in simatic manager (Siemens S7 PLC ...

Unlock protected block in simatic manager (Siemens S7 PLC) ... Simatic Manager: Remove Protection using Microsoft Access - Duration: 4:32.
Read more

Source Code Protection For Your SIMATIC S7-1200 PLC in TIA ...

From time to time, we'll run across situations where a client believes it is necessary to lock down code on a PLC. In some cases, there may be valuable ...
Read more

Free Best Plc Code Protection to download at Shareware ...

Best Plc Code Protection software free downloads. Best Plc Code Protection shareware, freeware, demos: Best QR Code Scanner - Scan + Create Your Own QR ...
Read more

Practical Law - Home - UK

Data Protection; Dispute Resolution; ... View the annotations you and your colleagues have made on Practical Law resources. ... is to the PLC Reference ID.
Read more

Programmable logic controller - Wikipedia

A programmable logic controller (PLC), or programmable controller is an industrial digital computer which has been ruggedised and adapted for the control ...
Read more

Best Plc Code Protection - Super Shareware

3.NET Obfuscator Freeware; NET Obfuscator, a code-protection tool for .NET app obfuscation. The Light version is the Free edition of Skater .NET Obfuscator.
Read more

PLC Automation | ABB

PLC Automation. ABB's automation ... AC500-S and AC500-XC PLC ranges provide solutions for small, middle and high-end applications. ... Zip code. Your message.
Read more

P &PLC APPENDIXPPENDIX CODE TABLES A

See the explanation for error code PLC-499 below for DirectLOGIC and proceeding each set of PLC error code tables that use this error code.
Read more

Euro Parking Collection plc

Euro Parking Collection plc (EPC) 83-93 ... 44 (0)20 7288 9740 Fax: +44 (0)20 7288 9741 www.epcplc.com. Company Reg.: GB3515275 Data Protection Reg.: ...
Read more