Keeping “Dancing Monkeys” out of your PLC
Wednesday, August 10, 2011Viewed 3722 times
Last week a security researcher, Dillon Beresford of NSS Labs, presented at the Blackhat conference on the security vulnerabilities he found in Siemens PLC firmware. One of many stories on Dillon’s findings can be found here. Among other things, Dillon found “dancing monkeys” in the code! Actually, what he found was this graphic of four dancing monkeys inserted in the firmware as an “Easter Egg” - meaning it was intentionally put there by a developer as a joke. Easter Eggs are cute in websites and video games but not in software that is operating critical infrastructure. This finding raises concerns about Siemens software quality assurance practices. While this prank is most likely harmless, imagine, for…
Control System Security • (0) Comments • Permalink