JERUSALEM, Aug. 8 (Xinhua) -- Israeli researchers, in collaboration with Israel National Cyber Directorate (INCD), gained control of one of the world's most secure industrial controllers, the Israel Technology Institute (Technion) reported on Thursday.

The researchers, from the Technion and Tel Aviv University, along with the INCD, took over the Simatic S7 controller of the Germany-based giant Siemens.

Simatic S7 is a series of programmable logic controllers (PLCs), currently used in a wide spectrum of operations, such as power stations, water pumps, building controls, production lines, lighting systems, vehicles, aircraft, automatic irrigation, and smart homes.

Their main goal is installing an automatic process control that optimally responds to environmental conditions and changes. The controllers receive instructions from a computer and operate the relevant terminal equipment for the operator: sensors, motors, traffic lights, and more.

The researchers first recreated the controller's operation protocol through reverse-engineering, which is detailed disassembling and examining to find the concepts involved in the manufacturing.

Next, they mapped the security and encryption systems of the controller and detected their weaknesses.

Indeed, they were able to determine common keys with the controller and through them impersonate a legitimate engineering station from the point of view of the controller.

All this allowed the team to load the fake engineering station malware despite the cryptographic security inherent in the systems.

The fake station was able to command the controller according to the will of the attackers.

Thus, the researchers were able to turn the controller on and off, download rogue command logic according to their wishes, and change the operation and source codes.

They also succeeded in creating a situation in which the engineer operating the controller did not recognize their "hostile intervention."

At the end of the study, the researchers sent the findings to Siemens, so that it could fix the vulnerabilities found.

According to the researchers, the attack underscores the need for investment by manufacturers and customers in securing industrial control systems. Enditem

Related

Go to Forum >>0 Comment(s)