📝 SummarXiv

Abstract

As Programmable Logic Controller (PLC) became a useful device and rose as an interesting research topic but remained expensive, multiple PLC simulators/emulators were introduced for various purposes. Open-source Programmable Logic Controller (OpenPLC) software, one of the most popular PLC simulators, is designed to be vendor-neutral and run on almost any computer or low-cost embedded devices, e.g., Raspberry Pi, Arduino, and other controllers. The project succeeded in introducing itself as an affordable and practical solution for the high cost of real hardware PLCs. However, it still lacks appropriate securing methods, resulting in several vulnerabilities. Through a combination of threat modeling, vulnerability analysis, and practical experiments, this thesis provides valuable insights for developers, researchers, and engineers aiming to deploy OpenPLC securely in industrial environments. To this end, this work first conducts an in-depth analysis aimed to shed light on va! rious security challenges and vulnerabilities within the OpenPLC project. After that, an advanced control logic injection attack was performed. This attack modifies the user program maliciously, exploiting presented vulnerabilities. Finally, the work introduces a security-enhanced OpenPLC software called OpenPLC Aqua. The new software is equipped with a set of security solutions designed specifically to address the vulnerabilities to which current OpenPLC versions are prone.