PIRAT - Tool for Automated Cyber-risk Assessment of PLC Components & Systems Deploying NVD CVE & MITRE ATT&CK Databases

Programmable Logic Controllers (PLCs) are the backbone of modern-day Industrial Control Systems (ICSs), and as such play a key role in many critical infrastructure sectors (e.g., water and water-waste management, power distribution, transportation, food and agriculture, critical manufacturing, etc.). Given the important functions that PLCs carry out within many critical infrastructures, a cyber-compromise of even a single PLC device can have far-reaching impact and consequences, ranging from distribution-system outages, environmental pollution, mass water and food poisoning, to outright loss of human life. The objective of this work-in-progress is to develop a free open source tool, named PIRAT, for cyber-risk assessment of individual PLC components, as well as more complex PLC systems. The tool synthesizes the user-provided PLC component/system information with the readily available data from the National Vulnerability Database (NVD) and MITRE Adversarial Tactics, Techniques and Common Knowledge (MITRE ATT&CK) database. The output of the tool is an aggregate risk scores for the given PLC component/system. The risk score is derived not only based on the known PLC vulnerabilities, but also based on the presence and capabilities of advance persistent threat (APT) groups potentially targeting the given PLC component/system and/or targeting the respective critical infrastructure industry.