PLCs allow the automation of electromechanical processes such as those used to control machinery on factory assembly lines, amusement rides, or centrifuges for separating nuclear material. Exploiting four zero-day flaws,Stuxnet functions by targeting machines using the Microsoft Windows operating system and networks, then seeking out Siemens Step7 software. Stuxnet reportedly compromised Iranian PLCs, collecting information on industrial systems and causing the fast-spinning centrifuges to tear themselves apart.Stuxnet’s design and architecture are not domain-specific and it could be tailored as a platform for attacking modern SCADA and PLC systems (e.g. in the automobile or power plants), the majority of which reside in Europe, Japan and the US.[4]
Stuxnet reportedly ruined almost one-fifth of Iran's nuclear centrifuges.
Stuxnet has three modules: a worm that executes all routines related to the main payload of the attack; a link file that automatically executes the propagated copies of the worm; and a rootkit component responsible for hiding all malicious files and processes, preventing detection of the presence of Stuxnet.
Stuxnet is typically introduced to the target environment via an infected USB flash drive. The virus then propagates across the network, scanning for Siemens Step7 software on computers controlling a PLC. In the absence of both criteria, Stuxnet becomes dormant inside the computer. If both the conditions are fulfilled, Stuxnet introduces the infected rootkit onto the PLC and Step7 software, modifying the codes and giving unexpected commands to the PLC while returning a loop of normal operations system values feedback to the users.
Some more complex PLC’s look a little different, but EVERY PLC will have the following components:
1. A set of electrical connections corresponding to INPUTS. Each connection has a unique INPUT number.
2. A set of electrical connections, corresponding to OUTPUTS. Each connection has a unique OUTPUT number.
3. A Controller, which is a simple form of a computer.
What can a PLC do ?
Execute logic to control equipment based on some conditions which are reported by sensors, or switches. This needs some explanation. Consider that there is some equipment in a factory which needs to be controlled by some actuators. For example, when a part is loaded on a machine, we would like two pneumatic cylinders to extend and hold the part into a fixed position. Then we would like to turn on a motor, which operates a drill to make holes in the part. When the drilling is done, we would like to switch off the drill, and then release the cylinders, to remove the part.
Imagine that when a part is put on the machine table, a photo-sensor is activated, giving us an indication that the operation sequence described above must begin.
Then we can use a PLC to operate all this machinery.
First, the photosensor gives the signal of part arrival: it is therefore an input to our logic, indicating that operations must begin. Such sensors are usually connected to the INPUT connections on the PLC (since these sensors are external to the PLC, they are also called EXTERNAL INPUTS).
The logical sequence of operations: Turn Cylinder 1 ON -> Turn Cylinder 2 ON -> Turn Drill Motor ON -> Wait (delay) till Drilling is done -> Turn Drill Motor OFF -> Turn Cylinder 2 OFF -> Turn Cylinder 1 OFF must now be executed. All this is information is very systematic, and therefore we can program it into a computer to perform the operation. This information is then EXECUTED (just like a computer RUNNING a PROGRAM) by the computer inside the PLC. This computer is called a CONTROLLER (since it controls the logic).
Thus, when the EXTERNAL INPUT connected to the Photo Sensor is turned ON, the PLC controller senses that actions must begin, and it first turns a SPECIFIED OUTPUT terminal (for example, Output 1), ON. This means that at the electrical connection corresponding to Output 1, the voltage level, which was 0volts before, is now turned HIGH (example, 24 Volts). Of course, we had connected this Output 1 connection with a wire to a solenoid valve controlling the Cylinder 1. Thus Cylinder 1 will now turn ON.
Again, since the terminal Output 1 is connected to a device (in this case, a solenoid) outside the PLC, we call it an EXTERNAL OUTPUT terminal.
Similarly, we had connected (external) Output 2 to a solenoid controlling Cylinder 2. And Output 3 to the motor driving the Drilling Machine. Thus, CONTROLLER, in sequence specified by the LOGIC PROGRAMMED by you, controls the External Outputs to go ON and OFF. And accordingly, the different actuators connected to the External Outputs are turned ON and OFF.
Can the PLC control many different actuators ? Yes ! It can control as many actuators as it has External Output terminals.
What kind of logical sequences of operations (including repeating actions, or loops) can the PLC control ? Many, and we will now learn these.
Example 1:
Let’s start with the simplest example. In our factory is a robot, which picks up heavy metal parts from one place, and puts them in another place. When the robot is working, it is not safe for humans to go near it, since there could be an accident. Therefore, to warn the human operator that they are too close to the operating robot, we need to install a warning light.
On the floor close to the Robot’s operational area, we put a pressure sensitive mat. This mat has a pressure sensor, so when the load on top of it is increased (for example, when a human steps on the mat) then the pressure switch is activated and turns ON.
THE LOGIC:
When Pressure_Switch is ON, turn the Warning_Light ON.
(of course, when the pressure switch turns off again, that is, when the human goes away from the robot, the warning light must also go off.)
STEP 1:
We write this logic into a PROGRAM (since the computer can only understand programs!).
STEP 2:
We load this program into the PLC.
STEP 3:
We connect the sensor output (in this case, the Output of the Pressure sensitive switch) to the External Input terminal. Of course, we have more than one External Input terminals. Which one do we connect ? The one we specified in our program !
STEP 4:
We connect the PLC External Output Terminal (specified by our program) to the Warning Light.
STEP 5:
Now, we EXECUTE the logic program on the PLC.
No comments:
Post a Comment