Direct local access, Overview, Devices – BECKHOFF IPC-Security User Manual

3. Direct Local Access

3.1. Overview

This chapter deals with the scenario that a cyber criminalhas direct, local access to the industrial controller.
The term “direct local access” means that the attacker can physically “grasp” the computer and interact
with it via attached input devices, e.g. mouse and/or keyboard. A regrettably common scenario would be
a machine hall in which the industrial controller is simply located on a desk instead of a locked cabinet and
therefore in an exposed location. A potential cyber criminal can then interact with the device via its keyboard
and/or mouse, attach USB sticks or even damage the device.

3.1.1. Devices

The following table provides an overview about common devices that play an important part in this scenario.

Device

Category

Description

IPC/EPC

Industrial Controller

Beckhoff Industrial-/Embedded-
PC

Keyboard

Input devices

Device used to input data

Mouse

Input devices

Device used to interact with on-
screen data

Touchscreen

Input devices

Device used to interact with on-
screen data

USB storage

Mass storage devices

USB devices used to store data

3.1.2. Software components

The following table provides an overview about software packages that play an important part in this sce-
nario.

Software

Category

Description

BIOS

Firmware

Firmware interface of a com-
puter

Microsoft Windows XP

System software

Operating System

Microsoft Windows 7

System software

Operating System

Microsoft Windows Embedded

System software

Operating System

Microsoft Windows CE

System software

Operating system

10