IDEAS home Printed from https://ideas.repec.org/a/eee/ijocip/v7y2014i1p61-68.html
   My bibliography  Save this article

An evaluation of modification attacks on programmable logic controllers

Author

Listed:
  • Schuett, Carl
  • Butts, Jonathan
  • Dunlap, Stephen

Abstract

Unprotected supervisory control and data acquisition (SCADA) systems offer promising targets to potential attackers. Field devices, such as programmable logic controllers (PLCs), are of particular concern because they directly monitor and control industrial processes. Although attacks targeting SCADA systems have increased, relatively little research has focused on exploring the vulnerabilities directly associated with the exploitation of field devices. Attacks such as Stuxnet have targeted operating characteristics, but not low-level firmware code. As attacks increase in sophistication, it is reasonable to expect increased exploitation of the field device firmware.

Suggested Citation

  • Schuett, Carl & Butts, Jonathan & Dunlap, Stephen, 2014. "An evaluation of modification attacks on programmable logic controllers," International Journal of Critical Infrastructure Protection, Elsevier, vol. 7(1), pages 61-68.
    • Handle: RePEc:eee:ijocip:v:7:y:2014:i:1:p:61-68
    DOI: 10.1016/j.ijcip.2014.01.004
    as

    Download full text from publisher

    File URL: http://www.sciencedirect.com/science/article/pii/S1874548214000055
    Download Restriction: Full text for ScienceDirect subscribers only
    File URL: https://libkey.io/10.1016/j.ijcip.2014.01.004?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    References listed on IDEAS

    as
    1. Basnight, Zachry & Butts, Jonathan & Lopez, Juan & Dube, Thomas, 2013. "Firmware modification attacks on programmable logic controllers," International Journal of Critical Infrastructure Protection, Elsevier, vol. 6(2), pages 76-84.
    Full references (including those not matched with items on IDEAS)

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Safari, Mohammad & Parvinnia, Elham & Haddad, Alireza Keshavarz, 2021. "Industrial intrusion detection based on the behavior of rotating machine," International Journal of Critical Infrastructure Protection, Elsevier, vol. 34(C).
    2. Yadav, Geeta & Paul, Kolin, 2021. "Architecture and security of SCADA systems: A review," International Journal of Critical Infrastructure Protection, Elsevier, vol. 34(C).
    3. Zhu, Ruijin & Zhang, Baofeng & Mao, Junjie & Zhang, Quanxin & Tan, Yu-an, 2017. "A methodology for determining the image base of ARM-based industrial control system firmware," International Journal of Critical Infrastructure Protection, Elsevier, vol. 16(C), pages 26-35.
    4. Krotofil, Marina & Cárdenas, Alvaro & Larsen, Jason & Gollmann, Dieter, 2014. "Vulnerabilities of cyber-physical systems to stale data—Determining the optimal time to launch attacks," International Journal of Critical Infrastructure Protection, Elsevier, vol. 7(4), pages 213-232.
    5. Monzer, Mohamad-Houssein & Beydoun, Kamal & Ghaith, Alaa & Flaus, Jean-Marie, 2022. "Model-based IDS design for ICSs," Reliability Engineering and System Safety, Elsevier, vol. 225(C).
    6. Gopal Vishwakarma & Wonjun Lee, 2018. "Exploiting JTAG and Its Mitigation in IOT: A Survey," Future Internet, MDPI, vol. 10(12), pages 1-18, December.
    7. SICARD, Franck & ZAMAI, Éric & FLAUS, Jean-Marie, 2019. "An approach based on behavioral models and critical states distance notion for improving cybersecurity of industrial control systems," Reliability Engineering and System Safety, Elsevier, vol. 188(C), pages 584-603.

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Monzer, Mohamad-Houssein & Beydoun, Kamal & Ghaith, Alaa & Flaus, Jean-Marie, 2022. "Model-based IDS design for ICSs," Reliability Engineering and System Safety, Elsevier, vol. 225(C).
    2. adepu, Sridhar & Mathur, Aditya, 2021. "SafeCI: Avoiding process anomalies in critical infrastructure," International Journal of Critical Infrastructure Protection, Elsevier, vol. 34(C).
    3. SICARD, Franck & ZAMAI, Éric & FLAUS, Jean-Marie, 2019. "An approach based on behavioral models and critical states distance notion for improving cybersecurity of industrial control systems," Reliability Engineering and System Safety, Elsevier, vol. 188(C), pages 584-603.
    4. Yadav, Geeta & Paul, Kolin, 2021. "Architecture and security of SCADA systems: A review," International Journal of Critical Infrastructure Protection, Elsevier, vol. 34(C).
    5. Barry C. Ezell & R. Michael Robinson & Peter Foytik & Craig Jordan & David Flanagan, 2013. "Cyber risk to transportation, industrial control systems, and traffic signal controllers," Environment Systems and Decisions, Springer, vol. 33(4), pages 508-516, December.
    6. Safari, Mohammad & Parvinnia, Elham & Haddad, Alireza Keshavarz, 2021. "Industrial intrusion detection based on the behavior of rotating machine," International Journal of Critical Infrastructure Protection, Elsevier, vol. 34(C).
    7. Zhu, Ruijin & Zhang, Baofeng & Mao, Junjie & Zhang, Quanxin & Tan, Yu-an, 2017. "A methodology for determining the image base of ARM-based industrial control system firmware," International Journal of Critical Infrastructure Protection, Elsevier, vol. 16(C), pages 26-35.
    8. Gopal Vishwakarma & Wonjun Lee, 2018. "Exploiting JTAG and Its Mitigation in IOT: A Survey," Future Internet, MDPI, vol. 10(12), pages 1-18, December.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:eee:ijocip:v:7:y:2014:i:1:p:61-68. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Catherine Liu (email available below). General contact details of provider: https://www.journals.elsevier.com/international-journal-of-critical-infrastructure-protection .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.