Logic bombs and control systems

Category:

Logic Bombs Ics Security Book

Submitted by jweiss on Fri, 02/19/2010 - 16:58.

There is a thread on the SCADAsec listerver (scadasec@news.infracritical.com) about logic bombs in control system devices. There has been at least one case where logic bombs were maliciously inserted into electric control system devices by vendor personnel. There is another "logic bomb" case that wasn't malicious that caused a wide area outage. I have addressed this case in my book.
Joe

Login or register to post comments
385 reads
Permalink
1 Comment

...and it's in the S4 2008 proceedings book...

Submitted by Ralph Langner on Sat, 02/20/2010 - 20:30.

Actually this had already been discussed two years ago at S4 in a paper and presentation titled "SCADA threat modeling using attack scenarios" by myself and Bryan Singer. Logical (time) bombs will most likely be used by any serious attacker to maximize damage and to maintain strike capability after online access is lost. Online access can/must be expected to be lost after the threat has been made credible, so this would likely be anticipated in the attack strategy.

About This Blog:

Control Systems Cybersecurity Expert, Joseph M. Weiss, is an international authority on cybersecurity, control systems and system security. Weiss weighs in on cybersecurity, science and technology, security emerging threats and more.

	reads
The first annual Manufacturing IT Forum brings great content, no attendance	54272
If you can't read a P&ID diagram, you need this self-study course	23099
Directory of Lost Companies	22804
Water System Hack - The System Is Broken	18992
Loop checking and field instrument testing procedure	14655
Paulett Eberhart leaves Invensys	11426
Involving Operators in HMI Design	11277
List of Companies	10927
2009 Control System Cyber Security Conference - Mark Your Calendar	10496

Search Posts

more tags

Recent Post


New Fieldbus Supplier CobaltProcess
Thursday Morning Scary Read
Read the February 2012 Digital Edition of Our Magazine
Out of Control--Ten Ways You Know Your Internet Connection Is a Little Slow
Is antivirus adequate to protect industrial control system networks?
Fieldbus On-Line Diagnostics
ECM article on control system cyber security
It feels like just yesterday! @Ashcroft is 160! #pauto #automation #mfg #manufacturing
Let's do the acquisition polka! @Siemens buys RuggedCom; @ABB buys Thomas and Betts #pauto #mfg #manufacturing
Off Line Fieldbus Network Analysis Tools