Software vulnerabilities diagnosed as communication weakness

Siemens' most recent firmware update for its S7-1200 programmable logic controller is said to eliminate vulnerabilities and to improve security.

06/23/2011


Siemens SIMATIC S7-1200According to Siemens, the company's latest software vulnerabilities have been caused by a weakness in communication functions of its programmable logic controller (PLC) product, called S7-1200. The vulnerability was reportedly discovered by an NSS Labs researcher and resulted in an ICS-CERT security advisory.

A recently released firmware update of Siemens' S7-1200 PLC is said to eliminate vulnerabilities and improve the security and robustness of its S7-1200 product family. To download the firmware and to obtain more detailed information, please visit: www.siemens.com/networkbehavior-S7-1200.

At this point, Siemens is reportedly not aware of any customers affected by the identified weak points found in its S7-1200 PLCs. The company has emphasized a commitment to maintaining the highest quality products with the most stringent security standards. Siemens experts have been working closely with ICS-CERT and various user communities to continuously improve the Siemens industrial controller products, according to the company.

As a further precaution, Siemens controllers, including the S7-300/400 families, are allegedly being tested against the discovered vulnerability scenarios.

usa.siemens.com

Siemens

- Edited by Amanda McLeman, Control Engineering, www.controleng.com



No comments
The Engineers' Choice Awards highlight some of the best new control, instrumentation and automation products as chosen by...
The System Integrator Giants program lists the top 100 system integrators among companies listed in CFE Media's Global System Integrator Database.
The Engineering Leaders Under 40 program identifies and gives recognition to young engineers who...
This eGuide illustrates solutions, applications and benefits of machine vision systems.
Learn how to increase device reliability in harsh environments and decrease unplanned system downtime.
This eGuide contains a series of articles and videos that considers theoretical and practical; immediate needs and a look into the future.
Intelligent, efficient PLC programming: Cost-saving programming languages are available now; Automation system upgrades; Help from the cloud; Improving flow control; System integration tips
Smarter machines require smarter systems; Fixing PID, part 3; Process safety; Hardware and software integration; Legalities: Integrated lean project delivery
Choosing controllers: PLCs, PACs, IPCs, DCS? What's best for your application?; Wireless trends; Design, integration; Manufacturing Day; Product Exclusive
PLCs, robots, and the quest for a single controller; how OEE is key to automation solutions.
This article collection contains several articles on improving the use of PID.
Learn how Industry 4.0 adds supply chain efficiency, optimizes pricing, improves quality, and more.

Find and connect with the most suitable service provider for your unique application. Start searching the Global System Integrator Database Now!

Special report: U.S. natural gas; LNG transport technologies evolve to meet market demand; Understanding new methane regulations; Predictive maintenance for gas pipeline compressors
Cyber security cost-efficient for industrial control systems; Extracting full value from operational data; Managing cyber security risks
Drilling for Big Data: Managing the flow of information; Big data drilldown series: Challenge and opportunity; OT to IT: Creating a circle of improvement; Industry loses best workers, again