A programmable asset is one that can automatically execute physical behavior based on the code that has been programmed into it. Due to the current zeitgeist of modernization within OT environments, most industries will adopt programmable assets in their manufacturing stage to improve production efficiency and reduce the cost of construction. Based on past cyberattack incidents, we can see that there would be major consequences in OT environments should these assets be compromised. With our threat research team at TXOne, this whitepaper was written to fulfil the following objectives:
-
- Investigate programmable assets commonly used in OT environments
- Analyze the lifecycle of programmable assets
- Analyze and review the findings of previous researchers on programmable assets
- Supplement insufficiencies found in previous threat research on programmable assets
- Propose novel attack vectors made possible by the characteristics of programmable assets
- Propose countermeasures against these attacks
For the purposes of completing the last two objectives, researchers focused three common programmable assets in modern factories:
1. Programmable Logic Controllers (PLC)
2. Computer Numerical Control (CNC) and Additive Manufacturing (AM)
3. Industrial Robots
To take a closer look at programmable assets that will increasingly populate modern factories and gain insight into their inner workings and vulnerabilities, read more.
