TY - GEN
T1 - Towards PLC-Specific Binary Analysis Tools
T2 - 5th Workshop on CPS and IoT Security and Privacy, CPSIoTSec 2023
AU - Benkraouda, Hadjer
AU - Agrawal, Anand
AU - Tychalas, Dimitrios
AU - Sazos, Marios
AU - Maniatakos, Michail
N1 - Publisher Copyright:
© 2023 ACM.
PY - 2023/11/26
Y1 - 2023/11/26
N2 - Critical infrastructures are controlled by industrial control systems. Such systems are primarily operated by Programmable Logic Controllers (PLCs). In recent years, PLC vendors have been moving towards commercial-off-the-shelf components and operating systems, a trend that has decreased development and maintenance costs. It also had the side effect of exposing these devices to a wider range of attacks. Previous research has focused on securing the network and monitoring its traffic. PLC software applications, though, the programs that run on PLCs, have not been subject to diligent security analysis. This can be attributed to the proprietary nature of PLC compilers and the unique format of the PLC software binaries. Therefore, in this work we aim to closely study a PLC compiler (Codesys) that is used by more than 250 devices, including Siemens, Mitsubishi, and Schneider Electric devices. To this end, we created a varied dataset of 600 in-house programs composed of basic operations developed in different PLC languages and spanning different architectures, Codesys compiler versions, and PLC hardware vendors. Our dataset also contains binaries for real-world systems. To the best of our knowledge, this is the first comprehensive dataset of PLC programs aimed at exploring the compiler behavior.
AB - Critical infrastructures are controlled by industrial control systems. Such systems are primarily operated by Programmable Logic Controllers (PLCs). In recent years, PLC vendors have been moving towards commercial-off-the-shelf components and operating systems, a trend that has decreased development and maintenance costs. It also had the side effect of exposing these devices to a wider range of attacks. Previous research has focused on securing the network and monitoring its traffic. PLC software applications, though, the programs that run on PLCs, have not been subject to diligent security analysis. This can be attributed to the proprietary nature of PLC compilers and the unique format of the PLC software binaries. Therefore, in this work we aim to closely study a PLC compiler (Codesys) that is used by more than 250 devices, including Siemens, Mitsubishi, and Schneider Electric devices. To this end, we created a varied dataset of 600 in-house programs composed of basic operations developed in different PLC languages and spanning different architectures, Codesys compiler versions, and PLC hardware vendors. Our dataset also contains binaries for real-world systems. To the best of our knowledge, this is the first comprehensive dataset of PLC programs aimed at exploring the compiler behavior.
UR - http://www.scopus.com/inward/record.url?scp=85179556611&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85179556611&partnerID=8YFLogxK
U2 - 10.1145/3605758.3623499
DO - 10.1145/3605758.3623499
M3 - Conference contribution
AN - SCOPUS:85179556611
T3 - CPSIoTSec 2023 - Proceedings of the 5th Workshop on CPS and IoT Security and Privacy
SP - 83
EP - 89
BT - CPSIoTSec 2023 - Proceedings of the 5th Workshop on CPS and IoT Security and Privacy
PB - Association for Computing Machinery, Inc
Y2 - 26 November 2023
ER -