Ghost in the PLC: stealth on-the-fly manipulation of programmable logic controllers’ I/O

Ali Abbasi

    Research output: Book/Report › Report › Professional


    Programmable Logic Controllers (PLCs) are a family of embedded devices used for physical process control. Similar to other embedded devices, PLCs are vulnerable to cyber attacks. Because they are used to control the physical processes of critical infrastructures, compromised PLCs constitute a significant security and safety risk. In this paper, we investigate attacks against PLCs by introducing a specific type of attack against a PLC that allows the adversary to stealthily manipulate the physical process it controls by tampering with the device I/O at a low level. We implemented two variants of the attack, in the form of a rootkit and of user-space malicious code, on a candidate PLC. However, in this technical edition we do not include the design information of the rootkit or the user-space malicious software. Our study is meant to be used as a basis for the design of more robust detection techniques specifically tailored for PLCs.
    Original language: Undefined
    Place of Publication: Enschede
    Publisher: Centre for Telematics and Information Technology (CTIT)
    Number of pages: 13
    Publication status: Published - 8 Feb 2016

    Publication series

    Name: CTIT Technical Report Series
    Publisher: University of Twente, Centre for Telematics and Information Technology (CTIT)
    ISSN (Print): 1381-3625


    • IR-99596
    • Rootkit
    • EC Grant Agreement nr.: FP7/607093
    • EWI-26859
    • PLC
    • METIS-316057
    • SCS-Cybersecurity
