Dive into the world of Industrial Control Systems (ICS) security with this comprehensive Black Hat conference talk. Learn the fundamentals of penetration testing Programmable Logic Controllers (PLCs) in SCADA networks. Explore the key components and common security vulnerabilities of industrial control systems. Gain hands-on experience with real-world devices, including Siemens S7-1200 and Schneider m340 PLCs. Discover the methods and tools used to exploit these systems, and understand the impact of events like Stuxnet on ICS security awareness. Cover essential topics such as SCADA system communication, ladder logic, and Modbus TCP. Equip yourself with the knowledge and skills needed to assess and secure critical infrastructure in this increasingly important field of cybersecurity.
Overview
Syllabus
Introduction
About me
Agenda
Additional Tools
Overview
Vocabulary
Sensors Actuators
HMI
PLC
Supervision Screen
Data Server
Security Awareness
Before 2011
Stuxnet
ICS Assessments
ICS Security
ICSCERT
What is a PLC
Ladder Logic
Showdown Example
Scan Example
Modbus TCP
Source Code
Taught by
Black Hat
Related Courses
-
Industrial Control Systems - Pentesting PLCs 101
-
PLC Programming Basics to Advanced Siemens S7-1200
-
Rogue7 - Rogue Engineering-Station Attacks on S7 Simatic PLCs
-
Exfiltrating Reconnaissance Data from Air-Gapped ICS - SCADA Networks
-
Doors of Durin - The Veiled Gate to Siemens S7 Silicon
-
Non-Intrusive Vulnerability Localization and Hotpatching for Industrial Control Systems
