Virtual Event Today: Supply Chain Security Summit - Register Now

Security Experts:

Connect with us

Hi, what are you looking for?



Open Source Tool Helps Secure Siemens PCS 7 Control Systems

Siemens PCS7 security tool

Industrial cybersecurity company OTORIO has released an open source tool designed to help organizations harden Siemens’ SIMATIC PCS 7 distributed control systems (DCS).

Siemens PCS7 security tool

Industrial cybersecurity company OTORIO has released an open source tool designed to help organizations harden Siemens’ SIMATIC PCS 7 distributed control systems (DCS).

The tool has been made available on GitHub as a PowerShell script, and OTORIO says it has been tested on Windows 7, Windows 10, Windows Server 2012 R2 and Windows Server 2016. Users only need to run the script as an administrator.

According to the cybersecurity firm, the script is designed to assess the security configuration of the SIMATIC PCS 7 OS client, OS server and engineering station.

It collects data from various sources, including the Windows registry, Windows Management Instrumentation (WMI), running services, PCS 7 Web Navigator and Information Server configuration files, RsoP (Resultant Set of Policy), and security policies related to passwords. The data is then analyzed based on OTORIO’s research into PCS 7 DCS and security recommendations from Siemens documentation.

Matan Dobrushin, OTORIO’s head of research, told SecurityWeek that based on his team’s experience, it’s more cost-effective to start with server configurations when securing an environment. Additionally, it can be far more efficient compared to patching software vulnerabilities, considering that the process reduces risk to the entire operational project, unlike plugging a single security hole on a single asset.

“The control servers are the ones responsible for the complete operational process, making them the ‘crown jewels’ of the network,” Dobrushin explained. “Based on the knowledge gathered from studying previous attacks, we see that the number of vulnerabilities exploited is not high (in comparison to other security issues exploitation). From our experience, this is the case in a lot of modern attacks. So, if you have limited resources, and you always have limited resources, you should probably start mitigating the easy, and most cost-effective issues.”

Learn more about ICS security tools at SecurityWeek’s ICS Cyber Security Conference and SecurityWeek’s Security Summits virtual event series

The researcher believes it’s important that industrial organizations secure PCS 7 environments as this is one of the most commonly used DCS solutions in a number of verticals, particularly manufacturing.

“Once an attacker has a network with PCS 7 in his sights, he really does not have a better way to impact the network, other than to exploit the PCS 7 itself” he said.

Dobrushin told SecurityWeek that internally they have a tool that not only flags potential security issues but also fixes them.

“However, from the OT personnel perspective, fixing gaps automatically is something that may sound alarming to some, so we decided to only publish the tool for detecting those issues and allowing everyone to use their own mitigation tools,” he explained.

OTORIO plans on releasing other DCS and SCADA security tools in the near future, for products from Siemens and other prominent vendors.

“Some tools that are already in the pipeline are even more complex and check more configurations than just the Windows configurations,” Dobrushin said.

Related: Flaws in ABB DCS Allow Hackers to Cause Disruption in Industrial Environments

Related: Siemens Patches Serious DoS Vulnerabilities in Several Products

Related: Siemens Warns of Security Risks Associated With Use of ActiveX

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content


Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

Application Security

Drupal released updates that resolve four vulnerabilities in Drupal core and three plugins.


Apple has released updates for macOS, iOS and Safari and they all include a WebKit patch for a zero-day vulnerability tracked as CVE-2023-23529.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.