Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Rogue7 - Rogue Engineering-Station Attacks on S7 Simatic PLCs

Black Hat via YouTube

Overview

Explore a comprehensive analysis of security vulnerabilities in Siemens industrial control systems, focusing on Simatic S7 PLCs and their communication with engineering stations and SCADA HMIs. Delve into the architecture's claimed security measures against sophisticated attacks, and uncover how even the latest versions remain susceptible to exploitation. Examine the S7 protocol, program cycle objects, and cryptographic primitives used in these systems. Learn about reverse engineering techniques, runtime type information, and witness a demonstration of potential attack vectors. Gain insights into the implications of these vulnerabilities for industrial cybersecurity and the ongoing challenges in securing critical infrastructure against evolving threats.

Syllabus

Intro
Overview
The PLC
Stuxnet
Engineering Workstation
S7 1500
S7 1200
S7 Protocol
S7 Ring
Program Cycle Object
Two Simple Programs
Malicious Program
Legal Flow
Description
Setup Phase
Raw Engineering Station
Conclusion
Cryptographic Primitive
PLC Public Key
PLC Ring
Reverse Engineering Tips
Runtime Type Information
Demonstration

Taught by

Black Hat

Reviews

Start your review of Rogue7 - Rogue Engineering-Station Attacks on S7 Simatic PLCs

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.