A pin control attack is a class of attack against a system on a chip (SoC) in an embedded system in which an attacker targets the I/O configuration of the embedded system and disables software or operating system I/O functions without detection. The attack is possible because of a lack of hardware protection for pin configuration and pin multiplexing configurations.
The most significant target for a pin control attack is a programmable logic controller (PLC). The application of pin control attacks to PLCs is significant because I/O is the main mechanism through which PLCs interact with and control the outside world. PLC I/O, like that of other embedded devices, is controlled by a pin-based approach. In a pin control attack, the attacker can tamper with the integrity and availability of PLC I/O by exploiting certain pin control operations and the lack of hardware interrupts associated with them.
The first example of such an attack was unveiled at Black Hat Europe 2016. The pin control attack uses the I/O peripheral configuration settings of the PLC SoC to physically terminate the I/O module communication interface from the PLC. By targeting the PLC I/O configuration instead of the PLC runtime or changing the logic program, the attackers can avoid the typical detection mechanisms that exist in embedded systems.
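Since the pin configuration changes described above raise no hardware interrupt, one defensive check is for software to compare the live pin configuration against a known-good baseline. The following is an added example, not code from the original page or from any vendor; the register word layout, the function and type names, and the sample snapshots are all hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical pin configuration word layout (not from any real SoC):
 * bits [2:0] multiplexer mode, bit 3 direction (1 = output). */
#define PIN_MUX_MASK 0x07u
#define PIN_DIR_MASK 0x08u

enum { CHG_MUX = 1, CHG_DIR = 2 };

struct pin_change {
    size_t pin;       /* index of the pin whose configuration drifted */
    unsigned fields;  /* bitmask of CHG_MUX / CHG_DIR */
};

/* Compare a current register snapshot against the baseline taken at
 * commissioning. Returns the number of drifted pins; the first `max`
 * of them are written to `out`. */
size_t pin_config_diff(const uint32_t *baseline, const uint32_t *current,
                       size_t npins, struct pin_change *out, size_t max)
{
    size_t found = 0;
    for (size_t i = 0; i < npins; i++) {
        uint32_t delta = baseline[i] ^ current[i];
        unsigned fields = 0;
        if (delta & PIN_MUX_MASK) fields |= CHG_MUX;
        if (delta & PIN_DIR_MASK) fields |= CHG_DIR;
        if (!fields) continue;
        if (found < max) { out[found].pin = i; out[found].fields = fields; }
        found++;
    }
    return found;
}

/* Constructed sample data: pin 2 flipped from output to input, pin 5 remuxed. */
static const uint32_t sample_baseline[8] = {0x1, 0x1, 0x9, 0x0, 0x2, 0x3, 0x8, 0x0};
static const uint32_t sample_current[8]  = {0x1, 0x1, 0x1, 0x0, 0x2, 0x0, 0x8, 0x0};

int main(void)
{
    struct pin_change ch[8];
    size_t n = pin_config_diff(sample_baseline, sample_current, 8, ch, 8);
    for (size_t i = 0; i < n; i++)
        printf("pin %zu:%s%s changed\n", ch[i].pin,
               (ch[i].fields & CHG_MUX) ? " mux" : "",
               (ch[i].fields & CHG_DIR) ? " direction" : "");
    return n ? 1 : 0;
}
```

A polling check of this kind only observes the configuration at the moment it reads it, so a change that is reverted between two polls goes unseen.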