The Risk from Power Lines: How to Sniff the G3 and Prime Data and Detect the Interfere Attack

Presented at Black Hat USA 2016, Aug. 3, 2016, 5:30 p.m. (30 minutes)

Power line communication (PLC) is a kind of communication technology which uses the power line as the communication media. The PLC technology is divided with 2 sub-field: narrow-band PLC and wide-band PLC. For the narrow-band PLC, there are 2 very import standards: Prime and G3. Both the standards are widely used in AMR and electric monitor system and it lead to the rise of threat in AMR system security and electric safety. This topic will talk about how to get the PLC data stream in a PLC communication system which would use G3 or Prime standard, and will also talk about how to detect attacking in the net. We will focus on how to identify which kind of standard the system using and how to sniff the PLC data in physical level.

Presenters:

• Yunding Jian - Qihoo360
  Yunding Jian is a senior hardware architect at UnicornTeam, Qihoo360. He has rich experiences in hardware security and wireless security. He is the creator of the badges for the Syscan360 security conference and he is also the designer of the sensors for the Tianxun wireless intrusion detection system manufactured by Qihoo360.
• Lei Ji - No
  From April 2016 to today, Lei Ji has served as the wireless product regional marketing manager in North China for Cypress Semiconductor. From April 2015 to the present,he has been an honorary advisor of Unicorn Team of Qihoo360. From May 2011 to April 2015, he was MCU and wireless connective (WCS) FAE at Texas Instruments Semiconductor Technologies(Shanghai) Co.,Ltd. Beijing Branch. His main duties and responsibilities included: supporting wireless customers in Northern & Western China from 2012 to 2015 and supporting MCU customers in Beijing and Northeastern China from 2011 to 2013. From June 2007 to May 2011, Lei was Chief Engineer at Beijing Shi Dai Jin Pu Technology development co., Ltd. His main duties and responsibilities included: leading WSN and automobile-electronic business as technical director, designing the firefighter monitor system project which is required by the Beijing Science and Technology Committee, and applying one patent about wireless sensor net.

Links:

• https://www.blackhat.com/us-16/briefings.html#the-risk-from-power-lines-how-to-sniff-the-g3-and-prime-data-and-detect-the-interfere-attack
• https://infocon.org/cons/Black Hat/Black Hat USA/Black Hat USA 2016/The Risk From Power Lines - How to Sniff the G3 and Prime Data and Detect the Interfere Attack.mp4
• https://www.youtube.com/watch?v=eLluZ_ipv5c
• https://www.blackhat.com/docs/us-16/materials/us-16-Lei-The-Risk-From-Power-Lines-How-To-Sniff-The-G3-And-Prime-Data-And-Detect-The-Interfere-Attack.pdf
• https://www.blackhat.com/docs/us-16/materials/us-16-Lei-The-Risk-From-Power-Lines-How-To-Sniff-The-G3-And-Prime-Data-And-Detect-The-Interfere-Attack-wp.pdf

Similar Presentations:

• DEF CON 30 (2022) / Securing Industrial Control Systems from the core: PLC secure coding practices Workshop
• DEF CON 30 (2022) / The Evil PLC Attack: Weaponizing PLCs
• Black Hat USA 2019 / Rogue7: Rogue Engineering-Station Attacks on S7 Simatic PLCs