A Firmware Verification Tool for Programmable Logic Controllers

Authors

Lucille R. McMinn
Jonathan W. Butts, Air Force Institute of Technology

Document Type

Conference Proceeding

Publication Date

2012

Abstract

Current supervisory control and data acquisition (SCADA) systems do not have adequately tailored security solutions. Programmable logic controllers (PLCs) in SCADA systems are particularly vulnerable due to a lack of firmware auditing capabilities. Since a PLC is a field device that directly connects to a physical system for monitoring and control, a compromise of its firmware could have devastating consequences. This paper describes a tool developed specifically for verifying PLC firmware in SCADA systems. The tool captures serial data during firmware uploads and verifies it against a known good firmware executable. It can also replay captured data and analyze firmware without the presence of a PLC. The tool does not require any modifications to a SCADA system and can be implemented on a variety of platforms. These features, along with the ability to isolate the tool from production systems and adapt it to various architectures, make the tool attractive for use in diverse SCADA environments. Abstract © Springer

Comments

The "Link to Full Text" on this page loads the PDF of the chapter, furnished through the Springer Nature SharedIt content-sharing initiative. The publisher retains permissions to re-use and distribute this chapter from IFIP vol. 390.

© IFIP International Federation for Information Processing 2012

DOI

10.1007/978-3-642-35764-0_5

Source Publication

IFIP Advances in Information and Communication Technology, v.390

Recommended Citation

McMinn, L., & Butts, J. W. (2012). A firmware verification tool for programmable logic controllers. In J. Butts & S. Shenoi (Eds.), Critical Infrastructure Protection VI. ICCIP 2012 (Vol. IFIPA 390, pp. 59–69). Berlin: Springer. https://doi.org/10.1007/978-3-642-35764-0_5