Cyberattacks on automated control systems (ACS) have become very common. Nearly all ACS elements are subject to attacks, and the programmable logic controllers (PLCs) are no exception. The PLCs contain a number of vulnerabilities which can be utilized for an attack on the ACS. One such vulnerability is the use of execution systems of the PLC (such as CodeSYS RTE), which are composed of a monolithic or multicomponent program which is executed in a virtual address space on the operating system under whose control the PLC is working. Thus, if even one functional component supported by the PLC execution system is compromised, such as the one realizing the interaction with the input devices, the entire PLC execution system will be compromised.
The technical problem consists in the difficulty of providing a secure operation of the ACS containing the PLC execution system whose functional components contain vulnerabilities.
Currently, there are two different approaches to ensuring security of ACS: in the first case, the PLC design is developed to execute a strictly deterministic problem, which in theory rules out any flexibility (e.g., the ability to switch from one kind of production to another with minimal time and labor expense) and there is no need to make use of execution systems in their classical understanding. In the second case, PLCs are used together with execution systems, which lends maximum flexibility to the PLC, yet totally ignores the question of information security, even though very close attention is paid to the requirements for functional safety in view of their normative regulation.