Cyberattacks on the Industrial Control System(ICS)have recently been increasing,made more intelligent by advancing technologies.As such,cybersecurity for such systems is attracting attention.As a core element of contr...Cyberattacks on the Industrial Control System(ICS)have recently been increasing,made more intelligent by advancing technologies.As such,cybersecurity for such systems is attracting attention.As a core element of control devices,the Programmable Logic Controller(PLC)in an ICS carries out on-site control over the ICS.A cyberattack on the PLC will cause damages on the overall ICS,with Stuxnet and Duqu as the most representative cases.Thus,cybersecurity for PLCs is considered essential,and many researchers carry out a variety of analyses on the vulnerabilities of PLCs as part of preemptive efforts against attacks.In this study,a vulnerability analysis was conducted on the XGB PLC.Security vulnerabilities were identified by analyzing the network protocols and memory structure of PLCs and were utilized to launch replay attack,memory modulation attack,and FTP/Web service account theft for the verification of the results.Based on the results,the attacks were proven to be able to cause the PLC to malfunction and disable it,and the identified vulnerabilities were defined.展开更多
基金This work was supported by the National Research Foundation of Korea(NRF)grant funded by the Korea government(MSIT:Ministry of Science and ICT)(Nos.NRF-2016M2A8A4952280 and NRF-2020R1A2C1012187).
文摘Cyberattacks on the Industrial Control System(ICS)have recently been increasing,made more intelligent by advancing technologies.As such,cybersecurity for such systems is attracting attention.As a core element of control devices,the Programmable Logic Controller(PLC)in an ICS carries out on-site control over the ICS.A cyberattack on the PLC will cause damages on the overall ICS,with Stuxnet and Duqu as the most representative cases.Thus,cybersecurity for PLCs is considered essential,and many researchers carry out a variety of analyses on the vulnerabilities of PLCs as part of preemptive efforts against attacks.In this study,a vulnerability analysis was conducted on the XGB PLC.Security vulnerabilities were identified by analyzing the network protocols and memory structure of PLCs and were utilized to launch replay attack,memory modulation attack,and FTP/Web service account theft for the verification of the results.Based on the results,the attacks were proven to be able to cause the PLC to malfunction and disable it,and the identified vulnerabilities were defined.
