Logo des Repositoriums
 
Konferenzbeitrag

No Attacks Are Available: Securing the OpenPLC and Related Systems

Lade...
Vorschaubild

Volltext URI

Dokumententyp

Text/Conference Paper

Zusatzinformation

Datum

2023

Zeitschriftentitel

ISSN der Zeitschrift

Bandtitel

Verlag

Gesellschaft für Informatik e.V.

Zusammenfassung

The use of Programmable Logic Controllers (PLCs) expands in industrial domains, which makes ensuring the security of Industrial Control Systems (ICSs) become paramount. The OpenPLC project, the first open-source initiative, provides flexible and cost-effective PLC solutions to build up affordable test-beds, as well as conduct experiments and academic researches. This project has wildly grown in the last few years, thus it is essential to address the most emerging security challenges it encounters. This paper introduces a new OpenPLC architecture, called OpenPLC Aqua, provided with a set of security solutions designed specifically to overcome the vulnerabilities that the current OpenPLC versions are prone to. The new OpenPLC architecture includes four security features: 1) user credentials encryption, securing the Webserver, Whitelisting and secure SSL/TLS communication channel. The OpenPLC Aqua software was tested against several attack scenarios that were feasible against the old OpenPLC versions. Our experimental results showed our enhanced OpenPLC software is secure and resistant against several attack scenarios e.g., authentication, injection, Man-in-the- Middle and replay attacks. The OpenPLC Aqua is publicly available and a proof of concept demo is also published with this paper.

Beschreibung

Alsabbagh, Wael; Kim, Chaerin; Langendörfer, Peter (2023): No Attacks Are Available: Securing the OpenPLC and Related Systems. INFORMATIK 2023 - Designing Futures: Zukünfte gestalten. DOI: 10.18420/inf2023_206. Bonn: Gesellschaft für Informatik e.V.. PISSN: 1617-5468. ISBN: 978-3-88579-731-9. pp. 2085-2096. Wirtschaft, Management Industrie - 8th Industrial Automation and Control Systems Standardization Workshop (IACS 2023). Berlin. 26.-29. September 2023

Zitierform

Tags