Doors of Durin: The Veiled Gate to Siemens S7 Silicon

Conference:  BlackHat EU 2019



The presentation discusses the reverse engineering of Siemens PLC firmware and the discovery of legacy functionality that poses security risks. It also highlights the importance of removing such features and opening up systems to researchers.
  • Siemens PLC firmware was reverse engineered to discover legacy functionality that poses security risks
  • The discovered functionality includes a lot of diagnostics features that could be used by malicious actors
  • Removing such features would make it harder for intruders to access the system
  • Opening up systems to researchers would allow for introspection and better understanding of the system's vulnerabilities
  • Siemens is aware of the discovered vulnerabilities and is working on a fix
The presenter spent time reverse engineering the firmware and found that there were many pieces of functionality related to automation processes. They also discovered that the firmware allowed for direct communication with hardware through memory mapped I/O. Additionally, they found that the firmware had memory protections in place, such as the execute never bit and read-only protections. The presenter also noted that some former Siemens employees had mentioned working on a proprietary file system format that was power-down consistent.


Siemens is a leading provider of industrial automation components for critical infrastructures, and their S7 PLC series is one of the most widely used PLCs in the industry. In recent years, Siemens integrated various security measures into their PLCs. This includes, among others, firmware integrity verification at boot time using a separate bootloader code. This code is baked in a separated SPI flash, and its firmware is not accessible via Siemens' website. In this talk, we present our investigation of the code running in the Siemens S7-1200 PLC bootloader and its security implications. Specifically, we will demonstrate that this bootloader, which to the best of our knowledge was running at least on Siemens S7-1200 PLCs since 2013, contains an undocumented "special access feature". This special access feature can be activated when the user sends a specific command via UART within the first half-second of the PLC booting. The special access feature provides functionalities such as limited read and writes to memory at boot time via the UART interface. We discovered that a combination of those protocol features could be exploited to execute arbitrary code in the PLC and dump the entire PLC memory using a cold-boot style attack. With that, this feature can be used to violate the existing security ecosystem established by Siemens. On a positive note, once discovered by the asset owner, this feature can also be used for good, e.g., as a forensic interface for Siemens PLCs. The talk will be accompanied by the demo of our findings.