Industrial Control Systems - Pentesting PLCs 101

Dive into the world of Industrial Control Systems (ICS) security with this comprehensive Black Hat conference talk. Learn the fundamentals of penetration testing Programmable Logic Controllers (PLCs) in SCADA networks. Explore the key components and common security vulnerabilities of industrial control systems. Gain hands-on experience with real-world devices, including Siemens S7-1200 and Schneider m340 PLCs. Discover the methods and tools used to exploit these systems, and understand the impact of events like Stuxnet on ICS security awareness. Cover essential topics such as SCADA system communication, ladder logic, and Modbus TCP. Equip yourself with the knowledge and skills needed to assess and secure critical infrastructure in this increasingly important field of cybersecurity.

Introduction
About me
Agenda
Additional Tools
Overview
Vocabulary
Sensors Actuators
HMI
PLC
Supervision Screen
Data Server
Security Awareness
Before 2011
Stuxnet
ICS Assessments
ICS Security
ICSCERT
What is a PLC
Ladder Logic
Showdown Example
Scan Example
Modbus TCP
Source Code