Skip to main content
U.S. Department of Energy
Office of Scientific and Technical Information

PLC Vulnerabilities and Mitigations

Technical Report ·
DOI:https://doi.org/10.2172/2433994· OSTI ID:2433994
Programmable Logic Controllers (PLCs) are used extensively in many high-importance industrial and nonindustrial settings including controlling elevators, manufacturing machines, and utility facilities such as power and natural gas, however cybersecurity protection for them has been neglected. Within recent years, PLCs have been put under more security scrutiny and experts have advocated for changes from the addition of protocol encryption and network segmentation to intrusion detection systems on the PLCs themselves. While PLC security is critical, a large portion of the PLCs available today will never receive these changes due to being legacy or the difficulty of overhauling the security on existing systems. Due to the infeasibility of applying many recommended security measures towards currently available machines, we aim to provide realistic and affordable best practices for hardening PLCs. We will first conduct security analysis and consider attack vectors within our target PLC. Once we’ve analyzed the device’s security, we will evaluate a variety of mitigation methods and create guidelines to effectively reduce the threat posed by PLC attacks with minimal disruption to operations.
Research Organization:
Los Alamos National Laboratory (LANL), Los Alamos, NM (United States)
Sponsoring Organization:
USDOE National Nuclear Security Administration (NNSA)
DOE Contract Number:
89233218CNA000001
OSTI ID:
2433994
Report Number(s):
LA-UR--24-28941
Country of Publication:
United States
Language:
English

Similar Records

Strengthening Cybersecurity for Industrial Control Systems: Innovations in Protecting PLC-Based Infrastructure
Conference · Sun Oct 29 00:00:00 EDT 2023 · 2023 IEEE Energy Conversion Congress and Exposition (ECCE) · OSTI ID:2427414

The state of the PLC
Journal Article · Sun Mar 31 23:00:00 EST 1996 · InTech · OSTI ID:508562