Breaking Siemens SIMATIC S7 PLC Protection Mechanism

Explore the vulnerabilities in Siemens SIMATIC PLC protection mechanisms in this comprehensive conference talk from the Hack In The Box Security Conference. Delve into the world of industrial control system security, focusing on widely-used Siemens SIMATIC PLCs that control critical infrastructure in energy, water, power, and oil and gas industries. Discover how to bypass password protection on various PLC models, including S7-200 SMART, S7-300/400, and S7-1200/S7-1500, through both physical and network-accessible methods. Learn techniques for obtaining logic programs and key parameter values from these PLCs, potentially exposing intellectual property and engineering designs. Gain valuable insights into security recommendations at both protocol and user application levels to enhance SIMATIC PLC protection. Presented by Gao Jian, an experienced industrial control system security researcher from GEWU Lab at NSFCOUS, this talk offers expert knowledge on PLC and SCADA vulnerability exploitation and security enhancement.

#HITB2021AMS COMMSEC D2 - Breaking Siemens SIMATIC S7 PLC Protection Mechanism - Gao Jian