fortiphyd / grficsv2 Goto Github PK
View Code? Open in Web Editor NEWVersion 2 of the Graphical Realism Framework for Industrial Control Simulation (GRFICS)
License: GNU General Public License v3.0
Version 2 of the Graphical Realism Framework for Industrial Control Simulation (GRFICS)
License: GNU General Public License v3.0
Good afternoon,
I've set up everything according to your 2nd video and the system works up to a point.
What works:
-the Unity UI plant page
-the HMI page
-the VMs.
The part that doesn't work is the PLC. I'm getting a EADDRINUSE for port 8080 when running the sudo nodejs server.js command.
I suppose it has something to do with port 8080, but there's nothing else running in VirtualBox.
Hi,
first of all, thanks for the great work ! I've managed to run GRFICSv2 with docker containers and I've used OpenPLCv3 instead of OpenPLCv2 as the web interface is nicer. The chemical plan seems to work : I can see the values on ScadaBR which match what I see on the Simulation. I can also change directly OpenPLC holding registers with modbus command to change the pressure_sp.
I have a question : what's the purpose of the variables hmi_* registers at %MWxx as ScadaBR seems to read %IWxx variables ?
https://github.com/Fortiphyd/GRFICSv2/blob/master/workstation_vm/simplified_te.st#L377
hmi_pressure AT %MW20 : INT;
hmi_level AT %MW21 : INT;
hmi_f1_valve_pos AT %MW22 : INT;
hmi_f1_flow AT %MW23 : INT;
hmi_f2_valve_pos AT %MW24 : INT;
hmi_f2_flow AT %MW25 : INT;
hmi_purge_valve_pos AT %MW26 : INT;
hmi_purge_flow AT %MW27 : INT;
hmi_product_valve_pos AT %MW28 : INT;
hmi_product_flow AT %MW29 : INT;
scan_count AT %MW30 : UINT := 0;
I've imported VM with NAT interface selected as noticed in description. But I have only loopback interface with no Internet connetction to download all needful updates as mentioned in instruction. I tried to change /etc/network/interface but with no success
Hi,
first of all thanks for all your work and effort you're putting in such project, it is really a good resource for learning and practicing on ICS. i have only a few questions that i hope you can answer:
Thanks,
When trying to build the PLC container using the Dockerfile, there are permission problems. This is due to the .sh scripts that are not executable.
The ScadaBR image can be reached, the others seem to be missing..
According to the Usenix paper, a libmodbus version had been used for OpenPLC that is vulnerable to a buffer overflow. The buffer overflow can be verified by issuing an according "Read Registers" command that results in a service crash (or SIGSEGV
under gdb
). As the paper further mentions, the lesser-known "Read Write Register" function (code 0x17) has to be used to gain actual Remote Code Execution.
Unfortuantely, the Modbus service on the PLC returns an "Illegal Function" error, when using that function code, as can be seen from the pymodbus.console output:
Looking at the libmodbus code inside this repo (and also on the pre-built PLC VM), one can see that this function code is defined:
https://github.com/Fortiphyd/GRFICSv2/blob/master/plc_vm/OpenPLC_v2-master/libmodbus-3.0.4/src/modbus-private.h#L65
and that it should also be properly handled:
https://github.com/Fortiphyd/GRFICSv2/blob/master/plc_vm/OpenPLC_v2-master/libmodbus-3.0.4/src/modbus.c#L870
So, the code path for responding with an "Illegal Function" error should not be taken.
EDIT:
Taking another look at the PLC code base, I realized that the openplc gets linked against libmodbus, but actually uses its own Modbus implementation. The modbus.cpp
does not contain a definition for function code 0x17 and also does not have the code implemented for handling it. Thus the message handling function defaults to the "Illegal Function" response.
The overflow still triggers for read requests, due to the modbus.cpp
having been modified, accordingly: https://github.com/Fortiphyd/GRFICSv2/blob/master/plc_vm/OpenPLC_v2-master/core/modbus.cpp#L292
So, apparently, it would be required to also re-implement the "Read and Write Registers" function inside the modbus.cpp
to gain code executioin.
So I did not find the DHCP server address, upper and lower bound of the two ethernet adapter. What should be the IP addresses of those?
After uploading the attack.st file, what file needs to be uploaded to revert the PLC to normal operation?
Hello,
inside at process simulation, what are these values ?
Inside at Unity 3D
A: 47%
B: 1%
C: 52%
Simulation in C++
A_in_purge
B_in_purge
C_in_purge
ScadaBR
AComp
BComp
CComp
Where can I find all the logs
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.