This security application brief provides an example security analysis for programmable logic controllers. The intent is to highlight various potential threat scenarios and corresponding steps to help combat them. This process includes the identification and ranking of potential threats and exploring relevant TI security enablers.
This brief leverages the first.org CVSS 3.1 calculator. All scoring in this brief is based on TI's assessment. Readers should adjust each parameter according to their targeted applications and system designs.
Sitara is a registered trademark of Texas Instruments.
All other trademarks are the property of their respective owners.
A programmable logic controller (PLC), also known as a programmable controller, serves as a computer for industrial manufacturing. PLCs combine flexibility (the ability to reprogram quickly) with reliability (minimal downtime and maintenance) and ease of use in a standalone factory environment. Originally conceived for the auto manufacturing industry in the 1960s to replace hard-wired options such as relays and enable programmable, real-time control of equipment, PLCs are now ubiquitous in the manufacturing industry. They are a necessary component of the factories of today and of the future, and instrumental to safety, reliability and continuous operation.
Over the past five decades, PLCs have evolved to meet the ever-growing needs of more automation and more data handling. This includes miniaturization, deterministic communication, moving to distributed control systems and cloud connectivity.
Industry 4.0, also known as the Fourth Industrial Revolution, typically refers to the digitization of the manufacturing industry and the collection and use of information in real time to create smart factories. The goal is to sense, share and control health data, status and operation of factory equipment and product in real time while enabling intelligent and self-aware machines such as robots to drive increased efficiency and flexibility.
The digitization of the factory requires communications, information technology (including cloud storage and interaction), and data and physical elements like PLCs in factories, where machines interact with humans, other machines and the products being manufactured. Integrated sensing delivers decision-critical data, and real-time information processing, control and communication are driving profound changes in the entire industrial ecosystem [1].
Industry 4.0 depends on PLC technology as a key factor in this transformative evolution.
Before looking at the security threats and possible solutions, it is worth quickly reviewing how PLCs fit into the factory/Industry 4.0 world. Figure 2 shows that PLCs are present in each element.
As factories have evolved, a few trends are worth considering for PLCs in the context of security [2]:
Given the critical role that PLCs play in digital factories, Table 1 shows the potential attacks that can leave factories vulnerable. The threat scores listed in the third column leverage the first.org Common Vulnerability Scoring System Version 3.0 Calculator [2]. The higher the score, the greater the security risk, indicating the need to take proactive steps to enable countermeasures.
Threat | Threat Description | Threat Score | CVSS |
---|---|---|---|
Denial-of-service attacks | Bringing the system or PLC network down through malicious attacks; for example, flooding the data stream to exhaust the PLC's memory | 8.6 | CVSS Calculation – 8.6 |
Spoofing | Intercepting communication to the host from the PLC and modifying it maliciously | 8.5 | CVSS Calculation – 8.5 |
Man-in-the-middle attacks | A rogue PLC or remote input/output (I/O) intercepts and modifies messages from a valid source, and forwards attack messages to a targeted PLC in an attempt to take down the PLC or have it respond in an unintended way, such as shutting down a section of a factory | 8.5 | CVSS Calculation – 8.5 |
Rogue PLC joining network | A rogue PLC impersonating a legitimate PLC joins a factory network to create attack scenarios | 8.5 | CVSS Calculation – 8.5 |
PLC takeover | Changing the PLC program or boot image to alter intended operations and create attack scenarios or denial-of-service attacks | 7.4 | CVSS Calculation – 7.4 |
Remote device management service exploits | Using remote device management services such as web managers, Telnet or Secure Shell running on a PLC for debugging or status reporting to gain control of a PLC or change its configuration | 7.4 | CVSS Calculation – 7.4 |