PLC Logic-Based Cybersecurity Risks Identification for ICS

In recent years, Informational Technologies (IT) was massively deployed into Industrial Control Systems (ICS) mainly for its eco-nomic benefits. However, this new paradigm, converging IT and Operational Technologies (OT), brings new challenges that com-panies need to face. Historically, ICS had to cope with safety re-quirements which ensure the protection of people, environment, and assets. Now, ICS must deal with additional threats, coming from cyberattacks, in order to maintain safety. For that purpose, it becomes essential to develop new cybersecurity technologies and methodologies that allow to assess the safety of ICS against cyberattacks. In this paper, we propose a new methodology, based on Pro-grammable Logic Controller ( PLC) logic in order to identify cyber-attacks that impacts the ICS safety. Our methodology transforms a PLC logic into a finite-state machine that represents the PLC behavior. Then, using this automaton, we identify which modifica-tions in states of sensors and actuators leads to compromising the safety. Finally, we build attack scenarios from these events and the network vulnerabilities. We apply our methodology on a simple example, yet challenging to analyze by hand, and we show how we manage to scale up on a classical example from the control systems domain: the Tennessee Eastman chemical process.