PLC safety hazard, safety control in the crisis .
Recently, the Georgia institute of technology, network security researchers have developed a programmable logic controller (PLC) is able to command the blackmail software. Simulated attacks, the software for water treatment plant after gain access, close the valve to command PLC, add water, chlorine and other operations, and display an error reading confusion, seriously affect the safety in production of water treatment plant.
It is understood that the simulating attack in order to make everyone aware of the critical infrastructure information security vulnerability. In fact, the 2010 earthquake network viruses invade Iran nuclear power plant is a wake-up call to the people. The seismic network virus is in using PC vulnerability to tamper with Siemens PLC software, make the centrifuge have been destroyed, Iran's uranium enrichment was forced to suspend work, lead to Iran's widespread blackout, the incalculable economic losses caused by the serious social impact. PLC in industrial control system has become a target is the attacker's action.
PLC, SCADA, the system
Figure publicly in 12000-2016 industrial control holes affect product statistics data source: the CNVD, KuangEn networks
It is understood that the PLC threatened by the potential loopholes in engineering is also the most serious. According to KuangEn network of the industrial control network security situation report of 2016, according to the public in 2000-2016 industrial control holes affect product statistics, including PC, SCADA and PLC calendar year accumulative total number of industrial control system vulnerabilities have publicly reached $470, 470 and 214 respectively, became the most "fragile" in the industrial control system product product components. And these three kinds of products in our country electric power, water conservancy, sewage treatment, petrochemical and other critical national infrastructure and metallurgy, automobile, aerospace and other manufacturing industry application is very extensive, belongs to the key role irreplaceable. Therefore, in terms of industrial control system, PC, SCADA and PLC's health also determines the "immune" ability of the industrial control system itself.
PLC industrial control system security problems, such as, not only related to the industrial enterprises of production safety and economic security, and is related to social stability, and even national security. But in the current market situation, China PLC market major vendors are international big companies such as Siemens, mitsubishi, omron, domestic PLC manufacturers occupy market share. Along with the rapid development of modern industrial 4.0, industrial automation degree is higher and higher, but the more industrial control equipment exposed to the public is also obvious.
According to KuangEn industrial control network threat intelligence center statistics, by the end of 2016, exposed to the industrial control equipment of the Internet in China is as high as 1143. From the perspective of industrial control device type, the online monitoring data collected, PLC for the largest number of devices in access to the Internet, the source of these devices for foreign manufacturers, its security becomes more uncontrollable.
At present, government departments, industry associations, industrial enterprises and various forces, such as security vendor have realized the importance of industrial control system security. Country in law will come on stage "law of network safety", and clearly put forward to build the safety critical information infrastructure level protection system. Industry in industrial iot security leader KuangEn network as representative's enterprises set up critical infrastructure protection committee, is committed to strengthening infrastructure construction of key industries and protection work.
Industrial control system security protection work is a systematic project, which needs government, industry associations, industrial enterprises and security vendor unit work closely and cooperatively, actively contributing to safety control in our own strength, to win the battle and the protracted war.