Since invented, Programmable Logic Controller(PLC) is widely used in Industrial Control Systems(ICS).With the gradual fusion of industrialization and informationization,more technology like smart hardware & the Internet of Things IoT was used in ICS, and more PLCs exposed on the Internet.For originally only for automation control without considering security, PLC was attacked by hacker have occurred sometimes,and caused substantial damage to real physical device. The paper simulated the reduction process of a new type attack on PLC. Hackers use tools to invade PLC. PLCs Which can be uploaded and downloaded code turn into the gateway. Then they use PLC as tools to access other ICS and information systems. Malicious code is long latent period and hard to moniter.It is hard to stop when the attack occurred. The paper provides the attack process for the analysis and research, and provide reference for the research of the PLC and ICS safety.%可编程逻辑控制器(PLC)出现以来,在工业自动控制方面得到广泛应用。随着工业化和信息化的进一步深入融合,物联网、智能硬件的出现,越来越多的PLC暴露在互联网中。由于PLC最初是为自动化控制而开发,在安全性方面几乎没有考虑,造成在网PLC极易遭受到攻击,并造成对真实物理设备的实质性损坏。文章模拟还原了一种新型针对PLC攻击的过程——攻击者可以通过网络入侵工具入侵PLC,拥有PLC访问权限后,可上传下载代码,将PLC变成网关,通过工业控制系统作为跳板来攻击企业工业控制系统和企业业务网络。这种攻击的潜伏过程时间长,在攻击达到实际破坏前很难被发现和中止。文章通过对该攻击过程的分析,为PLC的安全评估和防护提供了借鉴和技术支撑。
展开▼
