Critical vulnerabilities in the Siemens S7 Simatic programmable logic controller (PLC) have been discovered by cybersecurity researchers at Tel Aviv University and the Technion Institute of Technology.
Prof. Avishai Wool and M.Sc student Uriel Malin of TAU’s School of Electrical Engineering worked together with Prof. Eli Biham and Dr. Sara Bitan of the Technion to disrupt the PLC’s functions and gain control of its operations.
The scientists’ rogue engineering workstation posed as a so-called TIA (Totally Integrated Automation Portal) engineering station that interfaced with the Simatic S7-1500 PLC controlling the industrial system.