Siemens PLC Feature Can Be Exploited for Evil – and for Good

An undocumented access feature in some newer models of Siemens programmable logic controllers (PLCs) can be used as both a weapon by attackers as well as a forensic tool for defenders, researchers have discovered. Researchers at Ruhr University Bochum in Germany stumbled across the hardware-based special access feature in Siemens’ S7-1200 PLCs while studying its bootloader, which, among other things, handles software updates and verifies the integrity of the PLC’s firmware when the device starts up.

Read full article on Dark Reading