Submitted by Eric Byres on Thu, 2011-06-09 14:32
The recent news that Dillon Beresford at NSS Labs had discovered somewhere between four and six serious vulnerabilities in the Siemens S7 PLC product has created quite a storm of news and concern for critical asset owners. Unfortunately, information on the range and severity of the vulnerabilities has been contradictory.
Submitted by Eric Byres on Tue, 2011-05-10 21:00
Recently I was asked “How could a hacker possibly attack an industrial controller like a PLC or SIS, since there is no operating system in these devices?”
Now some manufacturers would like people to believe there is no operating system in a controller, but unfortunately this is not true. Every RTU, PLC, SIS or DCS controller on the market today has a commercial operating system in it. For example, here are just a few I have worked directly with in the past: