PLC Vulnerabilities and Mitigations
- Los Alamos National Laboratory (LANL), Los Alamos, NM (United States)
Programmable Logic Controllers (PLCs) are used extensively in many high-importance industrial and nonindustrial settings including controlling elevators, manufacturing machines, and utility facilities such as power and natural gas, however cybersecurity protection for them has been neglected. Within recent years, PLCs have been put under more security scrutiny and experts have advocated for changes from the addition of protocol encryption and network segmentation to intrusion detection systems on the PLCs themselves. While PLC security is critical, a large portion of the PLCs available today will never receive these changes due to being legacy or the difficulty of overhauling the security on existing systems. Due to the infeasibility of applying many recommended security measures towards currently available machines, we aim to provide realistic and affordable best practices for hardening PLCs. We will first conduct security analysis and consider attack vectors within our target PLC. Once we’ve analyzed the device’s security, we will evaluate a variety of mitigation methods and create guidelines to effectively reduce the threat posed by PLC attacks with minimal disruption to operations.
- Research Organization:
- Los Alamos National Laboratory (LANL), Los Alamos, NM (United States)
- Sponsoring Organization:
- USDOE National Nuclear Security Administration (NNSA)
- DOE Contract Number:
- 89233218CNA000001
- OSTI ID:
- 2433994
- Report Number(s):
- LA-UR--24-28941
- Country of Publication:
- United States
- Language:
- English
Similar Records
Strengthening Cybersecurity for Industrial Control Systems: Innovations in Protecting PLC-Based Infrastructure
The state of the PLC
Conference
·
Sun Oct 29 00:00:00 EDT 2023
· 2023 IEEE Energy Conversion Congress and Exposition (ECCE)
·
OSTI ID:2427414
The state of the PLC
Journal Article
·
Sun Mar 31 23:00:00 EST 1996
· InTech
·
OSTI ID:508562