{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,14]],"date-time":"2026-05-14T20:09:32Z","timestamp":1778789372205,"version":"3.51.4"},"publisher-location":"New York, NY, USA","reference-count":62,"publisher":"ACM","license":[{"start":{"date-parts":[[2022,11,6]],"date-time":"2022-11-06T00:00:00Z","timestamp":1667692800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["61833015, U1911401"],"award-info":[{"award-number":["61833015, U1911401"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"name":"Fundamental Research Funds for the Central Universities (Zhejiang University NGICS Platform)"},{"DOI":"10.13039\/100010346","name":"University of Colorado Denver","doi-asserted-by":"publisher","id":[{"id":"10.13039\/100010346","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2022,11,6]]},"DOI":"10.1145\/3560905.3568521","type":"proceedings-article","created":{"date-parts":[[2023,1,24]],"date-time":"2023-01-24T23:37:10Z","timestamp":1674603430000},"page":"548-562","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":9,"title":["Reverse Engineering Physical Semantics of PLC Program Variables Using Control Invariants"],"prefix":"10.1145","author":[{"given":"Zeyu","family":"Yang","sequence":"first","affiliation":[{"name":"Zhejiang University"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Liang","family":"He","sequence":"additional","affiliation":[{"name":"University of Colorado Denver"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Hua","family":"Yu","sequence":"additional","affiliation":[{"name":"Zhejiang University"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Chengcheng","family":"Zhao","sequence":"additional","affiliation":[{"name":"Zhejiang University"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Peng","family":"Cheng","sequence":"additional","affiliation":[{"name":"Zhejiang University"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jiming","family":"Chen","sequence":"additional","affiliation":[{"name":"Zhejiang University"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2023,1,24]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Ali Abbasi and Majid Hashemi. 2016. Ghost in the PLC Designing an Undetectable Programmable Logic Controller Rootkit via Pin Control Attack. In Black Hat Europe. 1--35."},{"key":"e_1_3_2_1_2_1","volume-title":"https:\/\/www.cisa.gov\/uscert\/ics\/advisories\/icsa-20-238-02. (2020). [Online","author":"Advisory ICS","year":"2022","unstructured":"ICS Advisory. 2020. Emerson OpenEnterprise. https:\/\/www.cisa.gov\/uscert\/ics\/advisories\/icsa-20-238-02. (2020). [Online; Accessed October 2022]."},{"key":"e_1_3_2_1_3_1","volume-title":"Siemens SIMATIC HMI Products. https:\/\/us-cert.cisa.gov\/ics\/advisories\/icsa-20-252-06. (2020). [Online","author":"Advisory ICS","year":"2022","unstructured":"ICS Advisory. 2020. Siemens SIMATIC HMI Products. https:\/\/us-cert.cisa.gov\/ics\/advisories\/icsa-20-252-06. (2020). [Online; Accessed October 2022]."},{"key":"e_1_3_2_1_4_1","volume-title":"SIMATIC WinCC Graphics Designer. https:\/\/us-cert.cisa.gov\/ics\/advisories\/icsa-21-040-09. (2021). [Online","author":"Advisory ICS","year":"2022","unstructured":"ICS Advisory. 2021. SIMATIC WinCC Graphics Designer. https:\/\/us-cert.cisa.gov\/ics\/advisories\/icsa-21-040-09. (2021). [Online; Accessed October 2022]."},{"key":"e_1_3_2_1_5_1","volume-title":"Programming with STEP 7. https:\/\/cache.industry.siemens.com\/dl\/files\/825\/109751825\/att_933142\/v1\/STEP_7_-_Programming_with_STEP_7.pdf. (2017). [Online","author":"Siemens AG.","year":"2022","unstructured":"Siemens AG. 2017. Programming with STEP 7. https:\/\/cache.industry.siemens.com\/dl\/files\/825\/109751825\/att_933142\/v1\/STEP_7_-_Programming_with_STEP_7.pdf. (2017). [Online; Accessed October 2022]."},{"key":"e_1_3_2_1_6_1","volume-title":"Working with WinCC. https:\/\/support.industry.siemens.com\/cs\/document\/109773058\/wincc-v7-5-sp1-working-with-wincc?dti=0&lc=en-CZ. (2019). [Online","author":"Siemens AG.","year":"2022","unstructured":"Siemens AG. 2019. WinCC V7.5 SP1: Working with WinCC. https:\/\/support.industry.siemens.com\/cs\/document\/109773058\/wincc-v7-5-sp1-working-with-wincc?dti=0&lc=en-CZ. (2019). [Online; Accessed October 2022]."},{"key":"e_1_3_2_1_7_1","volume-title":"OpenPLC Runtime version 3. https:\/\/github.com\/thiagoralves\/OpenPLC_v3. (2021). [Online","author":"Alves Thiago","year":"2022","unstructured":"Thiago Alves. 2021. OpenPLC Runtime version 3. https:\/\/github.com\/thiagoralves\/OpenPLC_v3. (2021). [Online; Accessed October 2022]."},{"key":"e_1_3_2_1_8_1","unstructured":"Karl Johan \u00c5str\u00f6m Tore H\u00e4gglund and Karl J Astrom. 2006. Advanced PID control."},{"key":"e_1_3_2_1_9_1","volume-title":"MicroLogix 1400 Programmable Controllers User Manual. https:\/\/literature.rockwellautomation.com\/idc\/groups\/literature\/documents\/um\/1766-um001_-en-p.pdf. (2021). [Online","author":"Automation Rockwell","year":"2022","unstructured":"Rockwell Automation. 2021. MicroLogix 1400 Programmable Controllers User Manual. https:\/\/literature.rockwellautomation.com\/idc\/groups\/literature\/documents\/um\/1766-um001_-en-p.pdf. (2021). [Online; Accessed October 2022]."},{"key":"e_1_3_2_1_10_1","volume-title":"Deploying Intrusion-Tolerant SCADA for the Power Grid. In 49th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN). 328--335","author":"Babay Amy","year":"2019","unstructured":"Amy Babay, John Schultz, Thomas Tantillo, Samuel Beckley, Eamon Jordan, Kevin Ruddell, Kevin Jordan, and Yair Amir. 2019. Deploying Intrusion-Tolerant SCADA for the Power Grid. In 49th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN). 328--335."},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.ijcip.2013.04.004"},{"key":"e_1_3_2_1_12_1","unstructured":"Hans Berger. 2012. Automating with STEP7 in STL and SCL: programmable controllers Simatic S7-300\/400."},{"key":"e_1_3_2_1_13_1","unstructured":"Eli Biham Sara Bitan Aviad Carmel Alon Dankner Uriel Malin and Avishai Wool. 2019. Rogue7: Rogue Engineering Station Attacks on S7 Simatic PLCs. In BlackHat USA."},{"key":"e_1_3_2_1_14_1","volume-title":"SSA-381684: Improper Password Protection during Authentication in SIMATIC S7-300 and S7-400 CPUs and Derived Products. https:\/\/cert-portal.siemens.com\/productcert\/pdf\/ssa-381684.pdf. (2020). [Online","author":"Siemens Siemens Security","year":"2022","unstructured":"Siemens Security Advisory by Siemens ProductCERT. 2020. SSA-381684: Improper Password Protection during Authentication in SIMATIC S7-300 and S7-400 CPUs and Derived Products. https:\/\/cert-portal.siemens.com\/productcert\/pdf\/ssa-381684.pdf. (2020). [Online; Accessed October 2022]."},{"key":"e_1_3_2_1_15_1","volume-title":"Awlsim: S7 compatible PLC\/SPS. https:\/\/bues.ch\/cms\/automation\/awlsim.","author":"B\u00fcsch Michael","year":"2020","unstructured":"Michael B\u00fcsch. 2020. Awlsim: S7 compatible PLC\/SPS. https:\/\/bues.ch\/cms\/automation\/awlsim. (2020). [Online; Accessed October 2022]."},{"key":"e_1_3_2_1_16_1","volume-title":"Analysis of the Cyber Attack on the Ukrainian Power Grid","author":"Case Defense Use","year":"2016","unstructured":"Defense Use Case. 2016. Analysis of the Cyber Attack on the Ukrainian Power Grid. Electricity Information Sharing and Analysis Center (2016)."},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/3471621.3471864"},{"key":"e_1_3_2_1_18_1","volume-title":"Online Discoverability and Vulnerabilities of ICS\/SCADA Devices in the Netherlands. arXiv preprint arXiv:2011.02019","author":"Ceron Joao M","year":"2020","unstructured":"Joao M Ceron, Justyna J Chromik, Jair Santanna, and Aiko Pras. 2020. Online Discoverability and Vulnerabilities of ICS\/SCADA Devices in the Netherlands. arXiv preprint arXiv:2011.02019 (2020)."},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/3468264.3468617"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/3395363.3397376"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243752"},{"key":"e_1_3_2_1_22_1","unstructured":"Kevin Collier. 2021. In Florida a near-miss with a cybersecurity worst-case scenario. https:\/\/www.nbcnews.com\/tech\/security\/florida-near-miss-cybersecurity-worst-case-scenario-n1257091. (2021). [Online; Accessed October 2022]."},{"key":"e_1_3_2_1_23_1","volume-title":"Carlo Sansone, and Mario Vento","author":"Conte Donatello","year":"2004","unstructured":"Donatello Conte, Pasquale Foggia, Carlo Sansone, and Mario Vento. 2004. THIRTY YEARS OF GRAPH MATCHING IN PATTERN RECOGNITION. International journal of pattern recognition and artificial intelligence 18, 03 (2004), 265--298."},{"key":"e_1_3_2_1_24_1","volume-title":"Rockwell Automation MicroLogix Controllers and RSLogix 500 Software. https:\/\/us-cert.cisa.gov\/ics\/advisories\/icsa-20-070-06. (2020). [Online","author":"Cybersecurity and Infrastructure Security Agency","year":"2022","unstructured":"Cybersecurity and Infrastructure Security Agency. 2020. Rockwell Automation MicroLogix Controllers and RSLogix 500 Software. https:\/\/us-cert.cisa.gov\/ics\/advisories\/icsa-20-070-06. (2020). [Online; Accessed October 2022]."},{"key":"e_1_3_2_1_25_1","volume-title":"User Manual for PLC Programming with CoDeSys 2.3. https:\/\/www.ee.pw.edu.pl\/~purap\/PLC\/manuals\/m07590333_00000000_1en.pdf. (2010). [Online","author":"Electric Schneider","year":"2022","unstructured":"Schneider Electric. 2010. User Manual for PLC Programming with CoDeSys 2.3. https:\/\/www.ee.pw.edu.pl\/~purap\/PLC\/manuals\/m07590333_00000000_1en.pdf. (2010). [Online; Accessed October 2022]."},{"key":"e_1_3_2_1_26_1","volume-title":"EcoStruxureTM Machine SCADA Expert Technical Reference Manual. https:\/\/damrexelprod.blob.core.windows.net\/medias\/10bdfea1-bba7-490a-94ff-cff4fabf55e2. (2019). [Online","author":"Electric Schneider","year":"2022","unstructured":"Schneider Electric. 2019. EcoStruxureTM Machine SCADA Expert Technical Reference Manual. https:\/\/damrexelprod.blob.core.windows.net\/medias\/10bdfea1-bba7-490a-94ff-cff4fabf55e2. (2019). [Online; Accessed October 2022]."},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/3427228.3427660"},{"key":"e_1_3_2_1_28_1","first-page":"29","article-title":"W32. Stuxnet Dossier. White paper, Symantec Corp","volume":"5","author":"Falliere Nicolas","year":"2011","unstructured":"Nicolas Falliere, Liam O Murchu, and Eric Chien. 2011. W32. Stuxnet Dossier. White paper, Symantec Corp., Security Response. 5, 6 (2011), 29.","journal-title":"Security Response."},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2019.23265"},{"key":"e_1_3_2_1_30_1","volume-title":"Matching Structure and Semantics: A Survey on Graph-Based Pattern Matching. In AAAI Fall Symposium: Capturing and Using Patterns for Evidence Detection.","author":"Gallagher Brian","year":"2006","unstructured":"Brian Gallagher. 2006. Matching Structure and Semantics: A Survey on Graph-Based Pattern Matching. In AAAI Fall Symposium: Capturing and Using Patterns for Evidence Detection."},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2017.23313"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/3339252.3340331"},{"key":"e_1_3_2_1_33_1","volume-title":"Triton is the world's most murderous malware, and it's spreading. https:\/\/www.technologyreview.com\/2019\/03\/05\/103328\/cybersecurity-critical-infrastructure-triton-malware\/. (2019). [Online","author":"Giles Martin","year":"2022","unstructured":"Martin Giles. 2019. Triton is the world's most murderous malware, and it's spreading. https:\/\/www.technologyreview.com\/2019\/03\/05\/103328\/cybersecurity-critical-infrastructure-triton-malware\/. (2019). [Online; Accessed October 2022]."},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"crossref","unstructured":"Naman Govil Anand Agrawal and Nils Ole Tippenhauer. 2018. On Ladder Logic Bombs in Industrial Control Systems. In Computer Security. 110--126.","DOI":"10.1007\/978-3-319-72817-9_8"},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/3140241.3140254"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"crossref","unstructured":"Dag H Hanssen. 2015. Programmable logic controllers: a practical approach to IEC 61131-3 using CODESYS.","DOI":"10.1002\/9781118949214"},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.14722\/bar.2019.23074"},{"key":"e_1_3_2_1_38_1","volume-title":"ICSREF: A Framework for Automated Reverse Engineering of Industrial Control Systems Binaries. In Symposium on Network and Distributed System Security (NDSS).","author":"Keliris Anastasis","year":"2019","unstructured":"Anastasis Keliris and Michail Maniatakos. 2019. ICSREF: A Framework for Automated Reverse Engineering of Industrial Control Systems Binaries. In Symposium on Network and Distributed System Security (NDSS)."},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"crossref","unstructured":"Johannes Klick Stephan Lau Daniel Marzin Jan-Ole Malchow and Volker Roth. 2015. Internet-facing PLCs - A New Back Orifice. In Blackhat USA.","DOI":"10.1109\/CNS.2015.7346865"},{"key":"e_1_3_2_1_40_1","volume-title":"Estimating Mutual Information. Physical review E 69, 6","author":"Kraskov Alexander","year":"2004","unstructured":"Alexander Kraskov, Harald St\u00f6gbauer, and Peter Grassberger. 2004. Estimating Mutual Information. Physical review E 69, 6 (2004), 066138."},{"key":"e_1_3_2_1_41_1","volume-title":"Library to Access Siemens PLCs and Step5\/Step7 Project Files. https:\/\/github.com\/dotnetprojects\/DotNetSiemensPLCToolBoxLibrary. (2014). [Online","author":"K\u00fchner Jochen","year":"2022","unstructured":"Jochen K\u00fchner. 2014. Library to Access Siemens PLCs and Step5\/Step7 Project Files. https:\/\/github.com\/dotnetprojects\/DotNetSiemensPLCToolBoxLibrary. (2014). [Online; Accessed October 2022]."},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1109\/JIOT.2018.2826558"},{"key":"e_1_3_2_1_43_1","volume-title":"SWaT: A Water Treatment Testbed for Research and Training on ICS Security. In 2016 international workshop on cyber-physical systems for smart water networks (CySWater). IEEE, 31--36","author":"Aditya","unstructured":"Aditya P. Mathur and Nils Ole Tippenhauer. 2016. SWaT: A Water Treatment Testbed for Research and Training on ICS Security. In 2016 international workshop on cyber-physical systems for smart water networks (CySWater). IEEE, 31--36."},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382244"},{"key":"e_1_3_2_1_45_1","volume-title":"Controller-Aware False Data Injection Against Programmable Logic Controllers. In 2014 IEEE International Conference on Smart Grid Communications (SmartGridComm). IEEE, 848--853","author":"McLaughlin Stephen","year":"2014","unstructured":"Stephen McLaughlin and Saman Zonouz. 2014. Controller-Aware False Data Injection Against Programmable Logic Controllers. In 2014 IEEE International Conference on Smart Grid Communications (SmartGridComm). IEEE, 848--853."},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23043"},{"key":"e_1_3_2_1_47_1","volume-title":"12th USENIX Workshop on Offensive Technologies (WOOT 18)","author":"Niedermaier Matthias","year":"2018","unstructured":"Matthias Niedermaier, Jan-Ole Malchow, Florian Fischer, Daniel Marzin, Dominik Merli, Volker Roth, and Alexander Von Bodisco. 2018. You Snooze, You Lose: Measuring PLC Cycle Times under Attacks. In 12th USENIX Workshop on Offensive Technologies (WOOT 18)."},{"key":"e_1_3_2_1_48_1","volume-title":"Security Notification - Modicon M100\/M200\/M221 Programmable Logic Controller (V3.0). https:\/\/www.se.com\/ww\/en\/download\/document\/SEVD-2020-315-05\/. (2021). [Online","author":"Security Notification Schneider Electric","year":"2022","unstructured":"Schneider Electric Security Notification. 2021. Security Notification - Modicon M100\/M200\/M221 Programmable Logic Controller (V3.0). https:\/\/www.se.com\/ww\/en\/download\/document\/SEVD-2020-315-05\/. (2021). [Online; Accessed October 2022]."},{"key":"e_1_3_2_1_49_1","volume-title":"JEB Decompiler for S7 PLC. https:\/\/www.pnfsoftware.com\/jeb\/plc. (2015). [Online","author":"Software Inc PNF","year":"2022","unstructured":"Inc PNF Software. 2015. JEB Decompiler for S7 PLC. https:\/\/www.pnfsoftware.com\/jeb\/plc. (2015). [Online; Accessed October 2022]."},{"key":"e_1_3_2_1_50_1","volume-title":"SAVIOR: Securing Autonomous Vehicles with Robust Physical Invariants. In 29th USENIX Security Symposium (USENIX Security 20)","author":"Quinonez Raul","year":"2020","unstructured":"Raul Quinonez, Jairo Giraldo, Luis Salazar, Erick Bauman, Alvaro Cardenas, and Zhiqiang Lin. 2020. SAVIOR: Securing Autonomous Vehicles with Robust Physical Invariants. In 29th USENIX Security Symposium (USENIX Security 20). 895--912."},{"key":"e_1_3_2_1_51_1","volume-title":"International Conference on Technology Trends. 91--103","author":"Robles-Durazno Andres","year":"2018","unstructured":"Andres Robles-Durazno, Naghmeh Moradpoor, James McWhinnie, Gordon Russell, and Inaki Maneru-Marin. 2018. Implementation and Detection of Novel Attacks to the PLC Memory on a Clean Water Supply System. In International Conference on Technology Trends. 91--103."},{"key":"e_1_3_2_1_52_1","volume-title":"Physical Attestation of Cyber Processes in the Smart Grid. In International Workshop on Critical Information Infrastructures Security. 96--107","author":"Roth Thomas","year":"2013","unstructured":"Thomas Roth and Bruce McMillin. 2013. Physical Attestation of Cyber Processes in the Smart Grid. In International Workshop on Critical Information Infrastructures Security. 96--107."},{"key":"e_1_3_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.1145\/3320269.3384730"},{"key":"e_1_3_2_1_54_1","first-page":"1","article-title":"PLC-Blaster: A Worm Living Solely in the PLC","volume":"16","author":"Spenneberg Ralf","year":"2016","unstructured":"Ralf Spenneberg, Maik Br\u00fcggemann, and Hendrik Schwartke. 2016. PLC-Blaster: A Worm Living Solely in the PLC. Black Hat Asia 16 (2016), 1--16.","journal-title":"Black Hat Asia"},{"key":"e_1_3_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2019.00045"},{"key":"e_1_3_2_1_56_1","volume-title":"Exporting Archived Data from WinCC with the OLE DB Provider. https:\/\/cache.industry.siemens.com\/dl\/files\/261\/38132261\/att_946466\/v3\/38132261__Application_Reverse_Osmosis_DOC_en.pdf. (2019). [Online","author":"Online Support Siemens Industry","year":"2022","unstructured":"Siemens Industry Online Support. 2019. Exporting Archived Data from WinCC with the OLE DB Provider. https:\/\/cache.industry.siemens.com\/dl\/files\/261\/38132261\/att_946466\/v3\/38132261__Application_Reverse_Osmosis_DOC_en.pdf. (2019). [Online; Accessed October 2022]."},{"key":"e_1_3_2_1_57_1","volume-title":"Seedworm: Group Compromises Government Agencies, Oil & Gas, NGOs, Telecoms, and IT Firms. https:\/\/symantec-enterprise-blogs.security.com\/blogs\/threat-intelligence\/seedworm-espionage-group.","author":"DeepSight Adversary Intelligence Symantec","year":"2018","unstructured":"Symantec DeepSight Adversary Intelligence Team. 2018. Seedworm: Group Compromises Government Agencies, Oil & Gas, NGOs, Telecoms, and IT Firms. https:\/\/symantec-enterprise-blogs.security.com\/blogs\/threat-intelligence\/seedworm-espionage-group. (2018). [Online; Accessed October 2022]."},{"key":"e_1_3_2_1_58_1","volume-title":"Dragonfly: Western energy sector targeted by sophisticated attack group. https:\/\/www.symantec.com\/blogs\/threat-intelligence\/dragonfly-energy-sector-cyber-attacks.","author":"Hunter Team Symantec Threat","year":"2017","unstructured":"Symantec Threat Hunter Team. 2017. Dragonfly: Western energy sector targeted by sophisticated attack group. https:\/\/www.symantec.com\/blogs\/threat-intelligence\/dragonfly-energy-sector-cyber-attacks. (2017). [Online; Accessed October 2022]."},{"key":"e_1_3_2_1_59_1","volume-title":"Shamoon: Destructive Threat Re-Emerges with New Sting in its Tail. https:\/\/symantec-enterprise-blogs.security.com\/blogs\/threat-intelligence\/shamoon-destructive-threat-re-emerges-new-sting-its-tail.","author":"Hunter Team Symantec Threat","year":"2018","unstructured":"Symantec Threat Hunter Team. 2018. Shamoon: Destructive Threat Re-Emerges with New Sting in its Tail. https:\/\/symantec-enterprise-blogs.security.com\/blogs\/threat-intelligence\/shamoon-destructive-threat-re-emerges-new-sting-its-tail. (2018). [Online; Accessed October 2022]."},{"key":"e_1_3_2_1_60_1","unstructured":"A Semantic Attack Against the Elevator Control System. 2022. https:\/\/youtu.be\/1mksLMRYFtE. (2022)."},{"key":"e_1_3_2_1_61_1","volume-title":"30th USENIX Security Symposium (USENIX Security 21)","author":"Tychalas Dimitrios","year":"2021","unstructured":"Dimitrios Tychalas, Hadjer Benkraouda, and Michail Maniatakos. 2021. ICSFuzz: Manipulating I\/Os and Repurposing Binary Code to Enable Instrumented Fuzzing in ICS Control Applications. In 30th USENIX Security Symposium (USENIX Security 21)."},{"key":"e_1_3_2_1_62_1","volume-title":"Towards Automated Safety Vetting of PLC Code in Real-World Plants. In 2019 IEEE Symposium on Security and Privacy (S&P). 522--538","author":"Zhang Mu","year":"2019","unstructured":"Mu Zhang, James Moyne, Z Morley Mao, Chien-Ying Chen, Bin-Chou Kao, Yassine Qamsane, Yuru Shao, Yikai Lin, Elaine Shi, Sibin Mohan, et al. 2019. Towards Automated Safety Vetting of PLC Code in Real-World Plants. In 2019 IEEE Symposium on Security and Privacy (S&P). 522--538."}],"event":{"name":"SenSys '22: The 20th ACM Conference on Embedded Networked Sensor Systems","location":"Boston Massachusetts","acronym":"SenSys '22","sponsor":["SIGMETRICS ACM Special Interest Group on Measurement and Evaluation","SIGCOMM ACM Special Interest Group on Data Communication","SIGMOBILE ACM Special Interest Group on Mobility of Systems, Users, Data and Computing","SIGOPS ACM Special Interest Group on Operating Systems","SIGBED ACM Special Interest Group on Embedded Systems","SIGARCH ACM Special Interest Group on Computer Architecture"]},"container-title":["Proceedings of the 20th ACM Conference on Embedded Networked Sensor Systems"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3560905.3568521","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3560905.3568521","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T17:49:15Z","timestamp":1750182555000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3560905.3568521"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,11,6]]},"references-count":62,"alternative-id":["10.1145\/3560905.3568521","10.1145\/3560905"],"URL":"https:\/\/doi.org\/10.1145\/3560905.3568521","relation":{},"subject":[],"published":{"date-parts":[[2022,11,6]]},"assertion":[{"value":"2023-01-24","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}