{"title":"软件安全和可编程逻辑控制器的安全性","authors":"C. Farkas, Sidney Valentine","doi":"10.1109/ITNG.2013.98","DOIUrl":null,"url":null,"abstract":"Supervisory Control and Data Acquisition (SCADA) systems are widely used in automated manufacturing and in all areas of our nation's infrastructure. Current research on SCADA security focuses on the primary SCADA components and targets network centric attacks. Security risks via attacks against the peripheral devices such as the Programmable Logic Controllers (PLCs) have not been sufficiently addressed. Since PLCs dictate the functionality of the processes it is crucial that they function correctly and securely. In this paper we study the problem of providing safety and security for ladder logic code. We argue that general purpose safety and security methods are insufficient for PLCs due to the specific context and the unique processing logic of ladder logic applications. We present a PLC Security Framework (PLC-SF) that is compatible with the current PLC compilers, detects and classifies incorrect and unsafe ladder logic code. After the classification of the vulnerabilities, PLC-SF recommends appropriate design-patterns to eliminate the problems.","PeriodicalId":320262,"journal":{"name":"2013 10th International Conference on Information Technology: New Generations","volume":"44 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-04-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Software Safety and Security for Programmable Logic Controllers\",\"authors\":\"C. Farkas, Sidney Valentine\",\"doi\":\"10.1109/ITNG.2013.98\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Supervisory Control and Data Acquisition (SCADA) systems are widely used in automated manufacturing and in all areas of our nation's infrastructure. Current research on SCADA security focuses on the primary SCADA components and targets network centric attacks. Security risks via attacks against the peripheral devices such as the Programmable Logic Controllers (PLCs) have not been sufficiently addressed. Since PLCs dictate the functionality of the processes it is crucial that they function correctly and securely. In this paper we study the problem of providing safety and security for ladder logic code. We argue that general purpose safety and security methods are insufficient for PLCs due to the specific context and the unique processing logic of ladder logic applications. We present a PLC Security Framework (PLC-SF) that is compatible with the current PLC compilers, detects and classifies incorrect and unsafe ladder logic code. After the classification of the vulnerabilities, PLC-SF recommends appropriate design-patterns to eliminate the problems.\",\"PeriodicalId\":320262,\"journal\":{\"name\":\"2013 10th International Conference on Information Technology: New Generations\",\"volume\":\"44 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2013-04-15\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2013 10th International Conference on Information Technology: New Generations\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ITNG.2013.98\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 10th International Conference on Information Technology: New Generations","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ITNG.2013.98","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Software Safety and Security for Programmable Logic Controllers
Supervisory Control and Data Acquisition (SCADA) systems are widely used in automated manufacturing and in all areas of our nation's infrastructure. Current research on SCADA security focuses on the primary SCADA components and targets network centric attacks. Security risks via attacks against the peripheral devices such as the Programmable Logic Controllers (PLCs) have not been sufficiently addressed. Since PLCs dictate the functionality of the processes it is crucial that they function correctly and securely. In this paper we study the problem of providing safety and security for ladder logic code. We argue that general purpose safety and security methods are insufficient for PLCs due to the specific context and the unique processing logic of ladder logic applications. We present a PLC Security Framework (PLC-SF) that is compatible with the current PLC compilers, detects and classifies incorrect and unsafe ladder logic code. After the classification of the vulnerabilities, PLC-SF recommends appropriate design-patterns to eliminate the problems.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
