Showing Posts About PLC

Offensive ICS Exploitation: A Description of an ICS CTF

A cybersecurity team demonstrated multiple attack vectors against industrial control systems (ICS) water treatment testbeds during a Capture the Flag competition. The attacks included establishing external command and control channels, overwriting historian database values, manipulating human-machine interfaces, and modifying programmable logic controller logic. Multiple techniques were used to compromise network systems and tamper with sensor data, exposing critical infrastructure vulnerabilities.

  • 21 Oct 2016

A Hybrid Approach to ICS Intrusion Detection

SENAMI introduces a hybrid intrusion detection approach for Industrial Control Systems that combines passive network monitoring with selective active monitoring of critical Siemens S7 PLC variables. The method focuses on detecting value tampering attacks by monitoring three key memory locations with minimal performance impact. The approach achieves a 93% detection rate of active threats while avoiding overloading legacy PLC systems.