Indirect local access, Overview, Devices – BECKHOFF IPC-Security User Manual

4. Indirect Local Access

4.1. Overview

This chapter is based on the scenario that a cyber criminal has only indirect access to the industrial controller.
The term “indirect local access” means that the attacker cannot directly interact with the device but has
instead infiltrated the system, e.g. via some kind of malwarethat could jam specific functionalities or even
cause the system to crash, or by exploiting faulty software components.

4.1.1. Devices

The following table provides an overview about devices that play an important part in this scenario.

Device

Category

Description

IPC/EPC

Industrial Controller

Beckhoff Industrial-/Embedded-
PC

4.1.2. Software components

The following table provides an overview about software packages that play an important part in this sce-
nario.

Software

Category

Description

Microsoft Windows XP

System software

Operating System

Microsoft Windows 7

System software

Operating System

Microsoft Windows Embedded

System software

Operating System

Microsoft Windows CE

System software

Operating system

Windows Update Client

Update Software

Used to receive Windows Up-
dates from a central Windows
Update Server

Windows Update Server

Update Software

Used to distribute Windows Up-
dates from a central location to
network clients

4.1.3. Potential threat scenarios

The following chapter gives a short overview about possible threat scenarios, which may or may not be
representative in your environment. We assume that an attacker is able to gain local access to the device

20