Open Access iconOpen Access

ARTICLE

crossmark

Programmable Logic Controller Block Monitoring System for Memory Attack Defense in Industrial Control Systems

Mingyu Lee1, Jiho Shin2, Jung Taek Seo3,*

1 Department of Information Security, Gachon University, Seongnam, 13120, Korea
2 Police Science Institute, Korean National Police University, Asan, 31539, Korea
3 Department of Computer Engineering, Gachon University, Seongnam, 13120, Korea

* Corresponding Author: Jung Taek Seo. Email: email

(This article belongs to the Special Issue: Cybersecurity for Cyber-attacks in Critical Applications in Industry)

Computers, Materials & Continua 2023, 77(2), 2427-2442. https://doi.org/10.32604/cmc.2023.041774

Abstract

Cyberattacks targeting industrial control systems (ICS) are becoming more sophisticated and advanced than in the past. A programmable logic controller (PLC), a core component of ICS, controls and monitors sensors and actuators in the field. However, PLC has memory attack threats such as program injection and manipulation, which has long been a major target for attackers, and it is important to detect these attacks for ICS security. To detect PLC memory attacks, a security system is required to acquire and monitor PLC memory directly. In addition, the performance impact of the security system on the PLC makes it difficult to apply to the ICS. To address these challenges, this paper proposes a system to detect PLC memory attacks by continuously acquiring and monitoring PLC memory. The proposed system detects PLC memory attacks by acquiring the program blocks and block information directly from the same layer as the PLC and then comparing them in bytes with previous data. Experiments with Siemens S7-300 and S7-400 PLC were conducted to evaluate the PLC memory detection performance and performance impact on PLC. The experimental results demonstrate that the proposed system detects all malicious organization block (OB) injection and data block (DB) manipulation, and the increment of PLC cycle time, the impact on PLC performance, was less than 1 ms. The proposed system detects PLC memory attacks with a simpler detection method than earlier studies. Furthermore, the proposed system can be applied to ICS with a small performance impact on PLC.

Keywords


Cite This Article

APA Style
Lee, M., Shin, J., Seo, J.T. (2023). Programmable logic controller block monitoring system for memory attack defense in industrial control systems. Computers, Materials & Continua, 77(2), 2427-2442. https://doi.org/10.32604/cmc.2023.041774
Vancouver Style
Lee M, Shin J, Seo JT. Programmable logic controller block monitoring system for memory attack defense in industrial control systems. Comput Mater Contin. 2023;77(2):2427-2442 https://doi.org/10.32604/cmc.2023.041774
IEEE Style
M. Lee, J. Shin, and J.T. Seo, “Programmable Logic Controller Block Monitoring System for Memory Attack Defense in Industrial Control Systems,” Comput. Mater. Contin., vol. 77, no. 2, pp. 2427-2442, 2023. https://doi.org/10.32604/cmc.2023.041774



cc Copyright © 2023 The Author(s). Published by Tech Science Press.
This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
  • 816

    View

  • 499

    Download

  • 0

    Like

Share Link