QEMU as a platform for PLC virtualization. An analysis from a cyber security perspective
Publish date: 2018-05-07
Report number: FOI-R--4576--SE
Written in: Swedish
- Cyber security
Cyber security audits are generally difficult to perform on operational industrial information and control systems (ICS) due to the risk of outages in the often society-critical services realized by these systems. For this reason, many researchers are exploring virtualization as a means to realize high-fidelity simulations of ICS systems, where cyber security tests can be safely performed. The Programmable Logic Controller (PLC) is an important ICS component that is used to monitor and control physical processes such as circuit breakers and railroad switches. Previous research has identified PLCs as a particularly difficult component to virtualize. This report explores the possibility to virtualize PLCs using the Quick Emulator (QEMU). The results indicate that it indeed is possible to virtualize PLCs using QEMU. They however also suggest that an implementation of a PLC in QEMU could be very expensive to produce, and that exploits against the simulated PLC might have different outcome than against the real PLC.