On Ladder Logic Bombs in Industrial Control Systems

In industrial control systems, devices such as Programmable Logic Controllers (PLCs) are commonly used to directly interact with sensors and actuators, and perform local automatic control. PLCs run software on two different layers: a) firmware (i.e. the OS) and b) control logic (processing sensor readings to determine control actions). In this work, we discuss ladder logic bombs, i.e. malware written in ladder logic (or one of the other IEC 61131-3-compatible languages). Such malware would be inserted by an attacker into existing control logic on a PLC, and either persistently change the behavior, or wait for specific trigger signals to activate malicious behaviour. For example, the LLB could replace legitimate sensor readings with manipulated values. We see the concept of LLBs as a generalization of attacks such as the Stuxnet attack. We introduce LLBs on an abstract level, and then demonstrate several designs based on real PLC devices in our lab. In particular, we also focus on stealthy LLBs, i.e. LLBs that are hard to detect by human operators manually validating the program running in PLCs. In addition to introducing vulnerabilities on the logic layer, we also discuss countermeasures and we propose two detection techniques.Comment: 11 pages, 14 figures, 2 tables, 1 algorith

Process Mining of Programmable Logic Controllers: Input/Output Event Logs

This paper presents an approach to model an unknown Ladder Logic based Programmable Logic Controller (PLC) program consisting of Boolean logic and counters using Process Mining techniques. First, we tap the inputs and outputs of a PLC to create a data flow log. Second, we propose a method to translate the obtained data flow log to an event log suitable for Process Mining. In a third step, we propose a hybrid Petri net (PN) and neural network approach to approximate the logic of the actual underlying PLC program. We demonstrate the applicability of our proposed approach on a case study with three simulated scenarios

An improved artificial dendrite cell algorithm for abnormal signal detection

In dendrite cell algorithm (DCA), the abnormality of a data point is determined by comparing the multi-context antigen value (MCAV) with anomaly threshold. The limitation of the existing threshold is that the value needs to be determined before mining based on previous information and the existing MCAV is inefficient when exposed to extreme values. This causes the DCA fails to detect new data points if the pattern has distinct behavior from previous information and affects detection accuracy. This paper proposed an improved anomaly threshold solution for DCA using the statistical cumulative sum (CUSUM) with the aim to improve its detection capability. In the proposed approach, the MCAV were normalized with upper CUSUM and the new anomaly threshold was calculated during run time by considering the acceptance value and min MCAV. From the experiments towards 12 benchmark and two outbreak datasets, the improved DCA is proven to have a better detection result than its previous version in terms of sensitivity, specificity, false detection rate and accuracy

The PLC: a logical development

Programmable Logic Controllers (PLCs) have been used to control industrial processes and equipment for over 40 years, having their first commercially recognised application in 1969. Since then there have been enormous changes in the design and application of PLCs, yet developments were evolutionary rather than radical. The flexibility of the PLC does not confine it to industrial use and it has been used for disparate non-industrial control applications . This article reviews the history, development and industrial applications of the PLC

MECHATRONICS DESIGN FROM ZERO TO ONE (STRUCTURED LOGIC DESIGN TO PROGRAM LOGIC OF LADDER DIAGRAM FOR PLC)

The purpose of this work is to study and analyze the methods use to design logic of ladder diagram for PLC-based controller in automated manufacturing systems. Previous method employed to design the logic of ladder diagram does not show clearly on how it is done step by step, widely based on the programmer's experience and their intuition. The methods proposed namely method A and method G hopefully can help the programmer especially the new programmer to design the ladder logic systematically and efficiently while at the same time reduce the time consume to program it. This systematic logic design can help the programmer to trace back their program for debug purpose. A step by step instruction is provided in this paper for both method A and method G. Few basic sequence are tested Finally, a case study on packaging process is provided to illustrate the design procedure of the proposed methods. In the same time, author will also explore the capability of the Automation Studio software

To study the different industrial applications of PLC through ladder diagrams

PLC has evolved as an important controller in industries these days because of its simplicity and robustness. It is used for controlling many mechanical movements of the heavy machines or to control the voltage and frequency of the power supplies. In this project, study of the PLC has been done in great detail and also several industrial applications have been studied and realized through ladder diagrams. These ladder diagrams are simulated in either PLC trainer or PLC simulator software. Matlab /Simulink is also used for realizing physical situations as in case of dc motor and power inverter. The applications on which we have stressed are the continuous bottle filling system, batch-mixing system, speed control of dc motor,3 stage air conditioning system, control of planar machine and the automatic frequency control of the supply, during induction heating

The programmable logic controller : its prehistory, emergence and application

Programmable Logic Controllers (PLCs) are widely used devices controlling industrial machines and processes and many other diverse applications, requiring primarily, combinatorial logic and sequential control. The PLC is a hidden technology, little known by the general public and overlooked in academic historical studies of technology. The research reported in this thesis aims to address this lack of awareness. The thesis explores the development of sequential and combinatorial logic control technologies, the emergence of the PLC, its subsequent development and its industrial applications. Patents and first- hand accounts and experiences from senior industrial engineers in a number of diverse manufacturing industries have been used as the primary research sources since, as a hidden technology, academic historical accounts are sparse. This approach illustrates, through using the PLC as an example, a potential method of studying other, unrelated hidden technologies. The research has revealed the influence of geography, industrial settings and earlier engineering practices on the design, selection and application of PLC control technologies, and comments on the how these influences define specific communities of practice