Title: PLC Cyber-Security Challenges in Industrial Networks
Authors: Ramiro Ramirez, Chun-Kai Chang, Shunjian Liang
DOI: 10.1109/MESA55290.2022.10004463 (https://doi.org/10.1109/MESA55290.2022.10004463)
Published in: 2022 18th IEEE/ASME International Conference on Mechatronic and Embedded Systems and Applications (MESA)
Publication date: 2022-11-28
Open access: no
Citations: 1
Abstract
Conveyor belts are vital components of production lines driven by Programmable Logic Controllers (PLCs). Control of sensors and actuators by PLCs represents a critical point in the industrial process. Attacks that exploit PLC vulnerabilities have been on the rise recently. This study analyzes the vulnerabilities of a typical PLC setup and constructs a PLC testbed environment to serve as the cyber-attack target. The PLC testbed represents an automatic conveyor belt for sorting materials. Two Mitsubishi FX5U-32M PLCs control the conveyor motor and the sorting mechanism, respectively. Network communication uses the Modbus protocol, emulated with ModbusPal, with components connected via RS-485, Ethernet, and WiFi; in this study, Ethernet is the main network connection. The main components of the network, the attacker and the target, host different operating systems: the attacker runs Kali 2022.3, whereas the target runs Ubuntu 22.04. The attacker uses Nmap and Metasploit to exploit the target's Modbus registers. The attack method selected for this study is Packet Reply: packet replies can halt operations by sending custom data packets to the PLC. This study provides a basic step-by-step offensive strategy targeting register modification.