Jun, 2014
Distinguishing Internet-Facing ICS Devices Using PLC Programming Information
Air Force Institute of Technology (U.S.). Graduate School of Engineering and Management
Williams, Paul M.
From the Abstract: "The Shodan search engine reveals Industrial Control System (ICS) devices around the globe are directly connected to the Internet. After Shodan's inception in 2009, multiple news reports have focused on the increased threat to infrastructure posed by Shodan. While no attacks to date have been directly attributed to Shodan searches, its existence provides an anonymous reconnaissance platform that facilitates ICS targeting for those actors with both a desire and capability to carry out attacks. Recent research has demonstrated that simple search queries return thousands of ICS devices indexed by Shodan, and the number of newly indexed ICS devices is growing. This research discusses the method used to distinguish the Internet-facing ICS devices indexed by the Shodan search engine. PLC [Programmable Logic Controllers] code is obtained by sending specifically crafted CIP [Common Industry Protocol] request messages to the devices, capitalizing on the fact that authentication is not built in to the CIP application layer protocol. This data allows categorization of Internet-facing devices by comparing PLC code attributes. The results of this research show PLC code can be collected from Internet-facing ICS devices with no significant impact to task execution times. Also, this research demonstrates a method to distinguish Internet-facing ICS devices by function and by Critical Infrastructure sector. This capability develops an understanding of the function and purpose of ICS devices that are being connected to the Internet."
    Details
  • URL
  • Author
    Williams, Paul M.
  • Publisher
    Air Force Institute of Technology (U.S.). Graduate School of Engineering and Management
  • Report Number
    AFIT-ENG-T-14-J-41; Air Force Institute of Technology-Engineering-Technology-14-J-41
  • Date
    Jun, 2014
  • Copyright
    Public Domain
  • Retrieved From
    Defense Technical Information Center (DTIC): www.dtic.mil/dtic/
  • Format
    pdf
  • Media Type
    application/pdf
  • Subjects
    Infrastructure protection/Computer networks
    Terrorism and threats/Cyberterrorism
  • Resource Groups
    Data and statistics
    Theses and dissertations (other)

Citing HSDL Resources

Documents from the HSDL collection cannot automatically be added to citation managers (e.g. Refworks, Endnotes, etc). This HSDL abstract page contains some of the pieces you may need when citing a resource, such as the author, publisher and date information. We highly recommend you always refer to the resource itself as the most accurate source of information when citing. Here are some sources that can help with formatting citations (particularly for government documents).

Worldcat: http://www.worldcat.org/

Indiana University Guide: Citing U.S. Government Publications: http://libraries.iub.edu/guide-citing-us-government-publications
Clear examples for citing specific types of government publications in a variety of formats. It does not address citing according to specific style guides.

Naval Postgraduate School: Dudley Knox Library. Citing Styles: http://libguides.nps.edu/citation
Specific examples for citing government publications according to APA and Chicago style guides. Click on the link for your preferred style then navigate to the specific type of government publication.

Scroll to Top