Beckhoff IPC-Security Bedienungsanleitung PDF herunterladen (Seite 20)

4. Indirect Local Access

4.1. Overview

This chapter is based on the scenario that a cyber criminal has only indirect access to the industrial controller.

The term “indirect local access” means that the attacker cannot directly interact with the device but has

instead infiltrated the system, e.g. via some kind of malwarethat could jam specific functionalities or even

cause the system to crash, or by exploiting faulty software components.

4.1.1. Devices

The following table provides an overview about devices that play an important part in this scenario.

Device Category Description

IPC/EPC Industrial Controller Beckhoff Industrial-/Embedded-

4.1.2. Software components

The following table provides an overview about software packages that play an important part in this sce-

nario.

Software Category Description

Microsoft Windows XP System software Operating System

Microsoft Windows 7 System software Operating System

Microsoft Windows Embedded System software Operating System

Microsoft Windows CE System software Operating system

Windows Update Client Update Software Used to receive Windows Up-

dates from a central Windows

Update Server

Windows Update Server Update Software Used to distribute Windows Up-

dates from a central location to

network clients

4.1.3. Potential threat scenarios

The following chapter gives a short overview about possible threat scenarios, which may or may not be

representative in your environment. We assume that an attacker is able to gain local access to the device

1 2 ... 15 16 17 18 19 20 21 22 23 24 25 ... 72 73

Keine Kommentare

Beckhoff IPC-Security Bedienungsanleitung Seite 20