Singapore ICS Cyber Security Conference | 2020

ICS communication protocols play an important role in communicating with HMIs and PLCs or PLCs and engineering workstations. Due to the flourishing development of the industrial control industry, more and more ICS protocols are being proposed by different PLC vendors. Some ICS protocols are public, and some are private. But most ICS protocols have potential risks.

In our research, we analyze more than 7 ICS protocols which widely used in power, water, transportation, petroleum, manufacturing or kinds of critical infrastructure sectors. In those public and private ICS protocols, we found some common flaws which allow attacker can easy sniff ICS protocols traffic without communication encryption and perform ICS protocol attacks which like command injection or response injection on PLC without authentication and authorization. Also, we provide two command injection attack demo in one public and one private protocol, prove those common flaws will cause huge impacts to ICS.

Sometime, even we know the common flaws on ICS protocols, most ICS can’t patch or modify communication protocols settings because they need to keep operation running. Therefore, we suggest the defense strategy for ICS protocols without patch or modify any communication protocols setting which more effectively defend our ICS environment.