Methodology for Conducting a Study of the Vulnerability of PLC Control Algorithms to Cyber Attacks

Sebastian Plamowski; Robert Nebeluk; Andrzej Wojtulewicz; Krzysztof Cabaj; Patryk Chaber; Maciej Lawrynczuk; Piotr Marusak; Krzysztof Zarzycki

doi:10.1109/ACCESS.2024.3461549

IEEE Access (Jan 2024)

Methodology for Conducting a Study of the Vulnerability of PLC Control Algorithms to Cyber Attacks

Sebastian Plamowski,
Robert Nebeluk,
Andrzej Wojtulewicz,
Krzysztof Cabaj,
Patryk Chaber,
Maciej Lawrynczuk,
Piotr Marusak,
Krzysztof Zarzycki

Affiliations

Sebastian Plamowski: ORCiD; Faculty of Electronics and Information Technology, Institute of Control and Computation Engineering, Warsaw University of Technology, Warsaw, Poland
Robert Nebeluk: ORCiD; Faculty of Electronics and Information Technology, Institute of Control and Computation Engineering, Warsaw University of Technology, Warsaw, Poland
Andrzej Wojtulewicz: ORCiD; Faculty of Electronics and Information Technology, Institute of Control and Computation Engineering, Warsaw University of Technology, Warsaw, Poland
Krzysztof Cabaj: ORCiD; Faculty of Electronics and Information Technology, Institute of Computer Science, Warsaw University of Technology, Warsaw, Poland
Patryk Chaber: Faculty of Electronics and Information Technology, Institute of Control and Computation Engineering, Warsaw University of Technology, Warsaw, Poland
Maciej Lawrynczuk: ORCiD; Faculty of Electronics and Information Technology, Institute of Control and Computation Engineering, Warsaw University of Technology, Warsaw, Poland
Piotr Marusak: ORCiD; Faculty of Electronics and Information Technology, Institute of Control and Computation Engineering, Warsaw University of Technology, Warsaw, Poland
Krzysztof Zarzycki: ORCiD; Faculty of Electronics and Information Technology, Institute of Control and Computation Engineering, Warsaw University of Technology, Warsaw, Poland

DOI: https://doi.org/10.1109/ACCESS.2024.3461549
Journal volume & issue: Vol. 12
pp. 135551 – 135563

Abstract

Read online

This paper describes a methodology used to test the vulnerability of control algorithms implemented in an industrial Programmable Logic Controller (PLC) environment to cyber attacks. Three stages of testing are discussed. First, we start with a simulation study conducted in MATLAB. Secondly, the calculations are implemented using a PLC simulator. These initial stages enable quick and efficient identification of the types of attacks to which the algorithms implemented in the PLC are susceptible. Finally, a set of practical tests on a physical laboratory process controlled by PLC is done. Various attack scenarios are considered, and the vulnerability of control algorithms is carefully evaluated. Based on the obtained results, we formulate practical suggestions for reducing the vulnerability of PLC-based industrial control systems.

Published in IEEE Access

ISSN: 2169-3536 (Online)
Publisher: IEEE
Country of publisher: United States
LCC subjects: Technology: Electrical engineering. Electronics. Nuclear engineering
Website: https://ieeexplore.ieee.org/xpl/RecentIssue.jsp?punumber=6287639

About the journal

Abstract

Keywords