Drives & Controls Magazine February 2023
Unpatchable cyber-flaws found on more than 120 Siemens controllers

US cyber-security researchers have discovered flaws in the dedicated crypto-authentication chips at the heart of Siemens' S7-1500 family of industrial controllers and related products, which could allow attackers to execute malicious code on these devices. Siemens has released a list of more than 120 affected products. Because the flaws lie in the controller hardware, they cannot be fixed by software updates or patches.

As well as Simatic S7-1500 PLCs, the affected products include Simatic Drive Controllers (which combine S7-1500 CPUs with Sinamics S120 drive systems) and items in the Simatic ET 200Pro distributed I/O system.

Siemens says it has already released new hardware versions of several members of the S7-1500 family in which the vulnerabilities are fixed, and it is working on new versions of the remaining PLCs. The company has also issued advice to users of the affected products: because exploiting the vulnerabilities requires physical tampering with the device, it recommends that users assess the risk of physical access to their controllers and ensure that only trusted personnel have it, for example by placing the affected devices in locked control cabinets.

Researchers at Red Balloon Security say they have found "multiple" vulnerabilities that could allow attackers to bypass the controllers' protected-boot features and modify operating code and data. In particular, attackers could generate arbitrary encrypted firmware that would boot on all of Siemens' S7-1500 CPU modules. Red Balloon warns that by flashing malicious firmware onto a target device, either physically or by exploiting an existing remote-code-execution vulnerability, attackers could execute arbitrary code and potentially circumvent any official security and firmware updates without the user's knowledge.
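The property Red Balloon describes, one encrypted image that boots on every CPU module of a product line, is what you get when firmware encryption is the only gate: encryption under a product-wide key hides the image but says nothing about who made it, so anyone who recovers the key can produce a "valid" image for every device. The Go program below is an added illustration written for this article, not Siemens' or Red Balloon's code, and it models two of the countermeasures Red Balloon recommended to Siemens: an asymmetric signature check on the firmware at installation and again at boot, and at-rest encryption under a key that each device derives from its own secret. The update container, the device names plc-A and plc-B, the HMAC-SHA256 key derivation and the idea that the vendor public key sits in boot ROM and the device seed in a hardware root of trust are all assumptions made for the example; the program uses only the Go standard library.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// SignedFirmware is the toy update container (assumed format, not Siemens'
// real one): the plaintext image plus an Ed25519 signature over it.
type SignedFirmware struct {
	Image, Sig []byte
}

// Device models one controller. vendorPK is assumed burned into boot ROM; seed
// is generated on the device and never exported (assumed to sit in a hardware
// root of trust); flash holds nonce || AES-256-GCM(sig || image).
type Device struct {
	ID          string
	vendorPK    ed25519.PublicKey
	seed, flash []byte
}

// VendorKeys and SignFirmware are the vendor side; only the vendor holds sk.
func VendorKeys() (ed25519.PublicKey, ed25519.PrivateKey, error) {
	return ed25519.GenerateKey(rand.Reader)
}
func SignFirmware(sk ed25519.PrivateKey, image []byte) SignedFirmware {
	return SignedFirmware{Image: image, Sig: ed25519.Sign(sk, image)}
}

func NewDevice(id string, vendorPK ed25519.PublicKey) (*Device, error) {
	seed := make([]byte, 32)
	if _, err := rand.Read(seed); err != nil {
		return nil, err
	}
	return &Device{ID: id, vendorPK: vendorPK, seed: seed}, nil
}

// aead returns AES-256-GCM under the device-specific key, derived from the seed
// with HMAC-SHA256 (a simple KDF chosen for this example). A 32-byte AES key
// and GCM cannot fail to construct, so those errors are ignored.
func (d *Device) aead() cipher.AEAD {
	m := hmac.New(sha256.New, d.seed)
	m.Write([]byte("firmware-at-rest:" + d.ID))
	block, _ := aes.NewCipher(m.Sum(nil))
	g, _ := cipher.NewGCM(block)
	return g
}

// Install is the update path: the asymmetric signature is checked before
// anything is written, then sig||image is re-encrypted under this device's key.
func (d *Device) Install(fw SignedFirmware) error {
	if !ed25519.Verify(d.vendorPK, fw.Image, fw.Sig) {
		return errors.New("install rejected: image is not signed by the vendor")
	}
	g := d.aead()
	nonce := make([]byte, g.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return err
	}
	plain := append(append([]byte{}, fw.Sig...), fw.Image...)
	d.flash = append(nonce, g.Seal(nil, nonce, plain, []byte(d.ID))...)
	return nil
}

// Boot is the power-on path: GCM rejects flash that was modified or copied from
// another device, then the vendor signature is re-checked on the decrypted image.
func (d *Device) Boot() ([]byte, error) {
	g := d.aead()
	n := g.NonceSize()
	if len(d.flash) < n {
		return nil, errors.New("boot halted: no image in flash")
	}
	plain, err := g.Open(nil, d.flash[:n], d.flash[n:], []byte(d.ID))
	if err != nil || len(plain) < ed25519.SignatureSize {
		return nil, errors.New("boot halted: flash fails device-key authentication")
	}
	sig, image := plain[:ed25519.SignatureSize], plain[ed25519.SignatureSize:]
	if !ed25519.Verify(d.vendorPK, image, sig) {
		return nil, errors.New("boot halted: stored image fails vendor signature check")
	}
	return image, nil
}

// Flash and SetFlash stand in for an attacker dumping or rewriting the flash chip.
func (d *Device) Flash() []byte     { return append([]byte{}, d.flash...) }
func (d *Device) SetFlash(b []byte) { d.flash = append([]byte{}, b...) }

func main() {
	pk, sk, _ := VendorKeys()
	_, atkSK, _ := VendorKeys() // a signing key the vendor never issued
	a, _ := NewDevice("plc-A", pk)
	b, _ := NewDevice("plc-B", pk)
	fmt.Println("install genuine on A:", a.Install(SignFirmware(sk, []byte("genuine firmware"))))
	fmt.Println("install attacker image on B:", b.Install(SignFirmware(atkSK, []byte("implant"))))
	b.SetFlash(a.Flash()) // flash dumped from A and written straight into B
	_, err := b.Boot()
	fmt.Println("boot B from A's flash:", err)
}
```

Two things the run makes concrete. An image signed with any key other than the vendor's never reaches flash, whatever it is encrypted with, because the check is on a signature the attacker cannot forge without the vendor's private key; and a flash dump taken from plc-A, even though it is a genuine signed image, fails GCM authentication on plc-B because the two devices derive different keys. The second property is exactly what Red Balloon's third recommendation buys: a forged or copied image is no longer bootable across the whole product line. Runtime integrity attestation, their first recommendation, sits outside this boot-time model and is not shown.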
"It's important for all industrial operators using the Siemens S7-1500 Series PLC to take several steps to prevent possible exploitation of these critical vulnerabilities," says Red Balloon's founder and CEO, Dr Ang Cui. "While these vulnerabilities technically require physical access to exploit, it is possible for sophisticated attackers to 'chain', or combine, these vulnerabilities with other remote access vulnerabilities on the same network to install malicious firmware without the need for in-person contact."

The Red Balloon researchers have been working on the issue for more than a year and reported the vulnerabilities to Siemens, which confirmed them. Red Balloon has recommended several mitigations to Siemens, including:
- implementing runtime integrity attestation;
- adding asymmetric signature checks for firmware at boot-up; and
- encrypting the firmware with device-specific keys that are generated on the individual devices.

The researchers have also developed a threat-detection tool that owners and users of S7-1500 series PLCs can use to verify whether vulnerable devices have been tampered with or compromised.

https://redballoonsecurity.com/siemens-discovery

Photo: Cybersecurity researchers have found vulnerabilities in Siemens' S7-1500 PLCs

As supply chain problems ease, B&R expands and raises output by up to 60%

The Austrian automation supplier B&R has announced that it is expanding production and taking on several hundred extra staff to cope with increasing demand for its products. In the past year, it says, order volumes have hit a record high, with double-digit percentage growth.

Last summer, the ABB subsidiary opened an innovation and education campus, expanding its headquarters to more than 100,000 m². By relocating offices to the new campus, 7,000 m² (an area the size of a football field) has been freed to boost production to more than two billion components a year, up to 60% more than before.

"The supply chain bottlenecks have eased significantly in recent months," reports B&R's managing director, Jörg Theis. "Increased automation is now high on the agenda in many industries. We have reacted to this, extended production and operating hours and are now temporarily looking for several hundred new employees in production and logistics for a temporary extra weekend shift. As a result, we can quickly process our record-breaking order volume and are prepared for sustained high demand for our automation solutions."

The company has developed a new model for weekend working, which is initially limited to one year. Employees will be offered a salary for working 20 hours on Saturdays and Sundays that is comparable to that for a conventional 38.5-hour week from Monday to Friday.