YoVDO

Rogue7 - Rogue Engineering-Station Attacks on S7 Simatic PLCs

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Cybersecurity Courses Cryptography Courses Reverse Engineering Courses Industrial Control Systems Security Courses

Course Description

Overview

Explore a comprehensive analysis of security vulnerabilities in Siemens industrial control systems, focusing on Simatic S7 PLCs and their communication with engineering stations and SCADA HMIs. Delve into the architecture's claimed security measures against sophisticated attacks, and uncover how even the latest versions remain susceptible to exploitation. Examine the S7 protocol, program cycle objects, and cryptographic primitives used in these systems. Learn about reverse engineering techniques, runtime type information, and witness a demonstration of potential attack vectors. Gain insights into the implications of these vulnerabilities for industrial cybersecurity and the ongoing challenges in securing critical infrastructure against evolving threats.

Syllabus

Intro
Overview
The PLC
Stuxnet
Engineering Workstation
S7 1500
S7 1200
S7 Protocol
S7 Ring
Program Cycle Object
Two Simple Programs
Malicious Program
Legal Flow
Description
Setup Phase
Raw Engineering Station
Conclusion
Cryptographic Primitive
PLC Public Key
PLC Ring
Reverse Engineering Tips
Runtime Type Information
Demonstration


Taught by

Black Hat

Related Courses

Computer Security
Stanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network