Stuxnet is a computer worm that targets industrial control systems used in infrastructure like power plants and water treatment facilities. It is designed to programmatically alter Programmable Logic Controllers (PLCs) that automate industrial tasks. To reach these PLCs, which are often not Internet-connected, Stuxnet spreads through Windows computers and infects STEP 7 project files used to program the PLCs. Once a specific PLC model is identified, Stuxnet can intercept and tamper with data flowing into and out of the PLC.
Stuxnet is a computer worm that targets industrial control systems used in infrastructure like power plants and water treatment facilities. It is designed to programmatically alter Programmable Logic Controllers (PLCs) that automate industrial tasks. To reach these PLCs, which are often not Internet-connected, Stuxnet spreads through Windows computers and infects STEP 7 project files used to program the PLCs. Once a specific PLC model is identified, Stuxnet can intercept and tamper with data flowing into and out of the PLC.
Copyright:
Attribution Non-Commercial (BY-NC)
Available Formats
Download as PPTX, PDF, TXT or read online from Scribd
Stuxnet is a computer worm that targets industrial control systems used in infrastructure like power plants and water treatment facilities. It is designed to programmatically alter Programmable Logic Controllers (PLCs) that automate industrial tasks. To reach these PLCs, which are often not Internet-connected, Stuxnet spreads through Windows computers and infects STEP 7 project files used to program the PLCs. Once a specific PLC model is identified, Stuxnet can intercept and tamper with data flowing into and out of the PLC.
Copyright:
Attribution Non-Commercial (BY-NC)
Available Formats
Download as PPTX, PDF, TXT or read online from Scribd
types of industrial control systems (ICS) that are commonly used in infrastructure supporting facilities (i.e. power plants, water treatment facilities, gas lines, etc). What does Stuxnet do? • Stuxnet is designed to programmatically alter Programmable Logic Controllers (PLCs) used in those facilities. In an ICS environment, the PLCs automate industrial type tasks such as regulating flow rate to maintain pressure and temperature controls. How does Stuxnet reach these PLCs? • For security reasons, many of the hardware devices used in industrial control systems (ICS) are not Internet-connected (and often not network connected). To counter this, the Stuxnet worm incorporates several sophisticated means of propagation with the goal of eventually reaching and infecting STEP 7 project files used to program the PLC devices. • For initial propagation purposes, the worm targets computers running the Windows operating systems. However, the PLC itself is not a Windows-based system but rather a proprietary machine-language device. Hence Stuxnet simply traverses Windows computers in order to get to the systems that manage the PLCs, upon which it renders its payload. • To reprogram the PLC, the Stuxnet worm seeks out and infects STEP 7 project files. STEP 7 project files are used by Siemens SIMATIC WinCC, A supervisory control and data acquisition (SCADA) and human-machine interface (HMI) system used to program the PLCs. • Stuxnet contains various routines to identify the specific PLC model. This model check is necessary as machine level instructions will vary on different PLC devices. Once the target device has been identified and infected, Stuxnet gains the control to intercept all data flowing into or out of the PLC, including the ability to tamper with that data. • The serious nature of the Stuxnet worm has led to no end of speculation and conjecture. To dispel some of those myths, see: The Unglamorous Truths About the Stuxnet W orm .
Echo on a Chip - Secure Embedded Systems in Cryptography: A New Perception for the Next Generation of Micro-Controllers handling Encryption for Mobile Messaging