Schneider to sign PLC firmware

~ hucktech

https://twitter.com/ReverseICS/status/720605400249139200

http://www.digitalbond.com/blog/2016/04/14/basecamp-redux-integrity-in-modicon-m580/

I normally only see news on Schneider in the US-CERT advisories and in DEF CON/other presentations about exploits, so it is nice to hear that they are securing their firmware. I wish we’d see news like this from all device vendors.

http://www.schneider-electric.com/ww/en/

http://www.schneider-electric.com/en/search/firmware?category=all

Published by hucktech

One thought on “Schneider to sign PLC firmware

  1. Sadly, this certainly means that there is no way to run a free firmware on those devices. What would really be good for both security and respecting the user’s freedom would be a way to allow replacing the firmware, with a compatible boot verification process. This is for instance the case on ChromeOS/ChromiumOS (CrOS) devices, where the keys used to sign and the root of trust (first stage software) is stored in a read-only memory that can be set to read-write by physical access from the users (e.g. by removing a screw and putting it back on after changing the keys and the firmware).

    Like

    Reply

Leave a comment