Obfuscation of function block diagrams

Antti Pakonen

doi:10.1109/ETFA54631.2023.10275363

Obfuscation of function block diagrams

Research output: Chapter in Book/Report/Conference proceeding › Conference article in proceedings › Scientific › peer-review

1 Citation (Scopus)

96 Downloads (Pure)

Abstract

Obfuscation is a process of transforming a program into an equivalent version which is harder to understand and reverse-engineer. Little attention has been paid to obfuscation techniques for programs written for programmable logic controllers (PLC). However, there is no reason to assume that an attacker would not be interested in hiding malicious payload into a PLC program before it is compiled to machine code.
In this paper, I present five techniques for obfuscating IEC 61131-3 Function Block Diagram (FBD) programs. Four of the techniques are specific to the graphical representation of FBD. I then evaluate the applicability of each technique by experimenting with different PLC programming tools. I prove that at least four of the techniques are practically applicable, and demonstrate features that some tools successfully use to prevent abuse. Stricter rules, if implemented in IEC 61131-3, would prevent some of the techniques listed.

Original language	English
Title of host publication	2023 IEEE 28th International Conference on Emerging Technologies and Factory Automation (ETFA)
Publisher	IEEE Institute of Electrical and Electronic Engineers
Pages	1-7
Number of pages	7
ISBN (Electronic)	979-8-3503-3991-8, 979-8-3503-3990-1
ISBN (Print)	979-8-3503-3992-5
DOIs	https://doi.org/10.1109/ETFA54631.2023.10275363
Publication status	Published - 15 Sept 2023
MoE publication type	A4 Article in a conference publication
Event	2023 IEEE 28th International Conference on Emerging Technologies and Factory Automation (ETFA) - Sinaia, Romania Duration: 12 Sept 2023 → 15 Sept 2023

Conference

Conference	2023 IEEE 28th International Conference on Emerging Technologies and Factory Automation (ETFA)
Period	12/09/23 → 15/09/23

Keywords

Cyberattack
Embedded software
Intellectual property
Programmable logic devices

Access to Document

10.1109/ETFA54631.2023.10275363

Pakonen ETFA 2023Accepted author manuscript, 775 KB

Cite this

@inproceedings{5635cc71252043a98f1dd626fbe46edc,

title = "Obfuscation of function block diagrams",

abstract = "Obfuscation is a process of transforming a program into an equivalent version which is harder to understand and reverse-engineer. Little attention has been paid to obfuscation techniques for programs written for programmable logic controllers (PLC). However, there is no reason to assume that an attacker would not be interested in hiding malicious payload into a PLC program before it is compiled to machine code.In this paper, I present five techniques for obfuscating IEC 61131-3 Function Block Diagram (FBD) programs. Four of the techniques are specific to the graphical representation of FBD. I then evaluate the applicability of each technique by experimenting with different PLC programming tools. I prove that at least four of the techniques are practically applicable, and demonstrate features that some tools successfully use to prevent abuse. Stricter rules, if implemented in IEC 61131-3, would prevent some of the techniques listed.",

keywords = "Cyberattack, Embedded software, Intellectual property, Programmable logic devices",

author = "Antti Pakonen",

year = "2023",

month = sep,

day = "15",

doi = "10.1109/ETFA54631.2023.10275363",

language = "English",

isbn = "979-8-3503-3992-5",

pages = "1--7",

booktitle = "2023 IEEE 28th International Conference on Emerging Technologies and Factory Automation (ETFA)",

publisher = "IEEE Institute of Electrical and Electronic Engineers",

address = "United States",

note = "2023 IEEE 28th International Conference on Emerging Technologies and Factory Automation (ETFA) ; Conference date: 12-09-2023 Through 15-09-2023",

}

Pakonen, A 2023, Obfuscation of function block diagrams. in 2023 IEEE 28th International Conference on Emerging Technologies and Factory Automation (ETFA)., 10275363, IEEE Institute of Electrical and Electronic Engineers, pp. 1-7, 2023 IEEE 28th International Conference on Emerging Technologies and Factory Automation (ETFA), 12/09/23. https://doi.org/10.1109/ETFA54631.2023.10275363

TY - GEN

T1 - Obfuscation of function block diagrams

AU - Pakonen, Antti

PY - 2023/9/15

Y1 - 2023/9/15

N2 - Obfuscation is a process of transforming a program into an equivalent version which is harder to understand and reverse-engineer. Little attention has been paid to obfuscation techniques for programs written for programmable logic controllers (PLC). However, there is no reason to assume that an attacker would not be interested in hiding malicious payload into a PLC program before it is compiled to machine code.In this paper, I present five techniques for obfuscating IEC 61131-3 Function Block Diagram (FBD) programs. Four of the techniques are specific to the graphical representation of FBD. I then evaluate the applicability of each technique by experimenting with different PLC programming tools. I prove that at least four of the techniques are practically applicable, and demonstrate features that some tools successfully use to prevent abuse. Stricter rules, if implemented in IEC 61131-3, would prevent some of the techniques listed.

AB - Obfuscation is a process of transforming a program into an equivalent version which is harder to understand and reverse-engineer. Little attention has been paid to obfuscation techniques for programs written for programmable logic controllers (PLC). However, there is no reason to assume that an attacker would not be interested in hiding malicious payload into a PLC program before it is compiled to machine code.In this paper, I present five techniques for obfuscating IEC 61131-3 Function Block Diagram (FBD) programs. Four of the techniques are specific to the graphical representation of FBD. I then evaluate the applicability of each technique by experimenting with different PLC programming tools. I prove that at least four of the techniques are practically applicable, and demonstrate features that some tools successfully use to prevent abuse. Stricter rules, if implemented in IEC 61131-3, would prevent some of the techniques listed.

KW - Cyberattack

KW - Embedded software

KW - Intellectual property

KW - Programmable logic devices

UR - http://www.scopus.com/inward/record.url?scp=85175434513&partnerID=8YFLogxK

U2 - 10.1109/ETFA54631.2023.10275363

DO - 10.1109/ETFA54631.2023.10275363

M3 - Conference article in proceedings

SN - 979-8-3503-3992-5

SP - 1

EP - 7

BT - 2023 IEEE 28th International Conference on Emerging Technologies and Factory Automation (ETFA)

PB - IEEE Institute of Electrical and Electronic Engineers

T2 - 2023 IEEE 28th International Conference on Emerging Technologies and Factory Automation (ETFA)

Y2 - 12 September 2023 through 15 September 2023

ER -

Obfuscation of function block diagrams

Abstract

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this