Overview
Delve into a comprehensive analysis of TRISIS/TRITON, the fifth known Industrial Control Systems (ICS) specific malware and the first to target safety instrumented systems, in this 1-hour 3-minute conference talk from Recon Conference. Explore the technical intricacies of this landmark malware, discovered in December 2017, through a blend of hardware and software reverse engineering. Follow along as the speakers explain their approach to analyzing the sample, providing a detailed walkthrough of TRISIS with a focus on the PowerPC payloads and relevant portions of the Triconex firmware. Gain insights into the complex nature of TRISIS and its implications for ICS security, while learning about the speakers' methodology for dissecting this sophisticated threat. Understand the impact of TRISIS on industrial systems and the broader cybersecurity landscape.
Syllabus
Analyzing TRISIS - the first Safety Instrumented System malware by K. Reid Wightman & Jimmy Wylie
Taught by
Recon Conference