PLC Code Security: An Attacker's Perspective - Arnaud Soullie | SANS ICS Security Summit 2022

For many years, Programmable Logic Controllers (PLCs) have been insecure by design. Several years of customizing and applying best practices from IT gave rise to secure protocols, encrypted communications, network segmentation, etc. However, to date, there has not been a focus on using the characteristic features of PLCs (or SCADA/DCS) for security, or on how to program PLCs with security in mind.
The top 20 secure PLC coding project – inspired by the existing Secure Coding Practices for IT – fills that gap. The idea was sparked during the S4 conference by Jake Brodsky’s presentation. The project was then led by Sarah Fluchs & Vivek Ponada with the support of Dale Peterson & ISA. An online collaborative platform was set up and gathered more than 900 participants in total to identify the top 20 security measures for PLC security.
Rule #13: Disable unneeded / unused communication ports and protocols
Rules #6 (Validate timers and counters) & rule #8 (Validate HMI input variables at the PLC level, not only at HMI)
Rule #5: Use cryptographic and / or checksum integrity checks for PLC code
Demonstrations will be performed to show how these rules can prevent or make attacks more difficult.