After twenty years of assumed invulnerability, a security researcher has presented two papers on vulnerabilities in the venerable HART Communication Protocol.
Alexander Bolshev, a security analyst at ERPScan, a security research firm devoted to SAP systems, first made the case in November of 2013 in a presentation entitled “HART (in)security: how one transmitter can compromise whole plant,” and has now followed it at S4x14 with one titled “HART as an Attack Vector: from current loop to application layer.” Both indicate that HART may not be invulnerable after all. Questions remain about whether the same or similar hacks can be applied to Foundation fieldbus devices as well. Many FF devices are HART devices with add-on circuit boards.
You can see his presentations on SlideShare, but the real stuff is in the speaker's notes, so you’ll have to download the presentations.
Here are the links:
http://www.slideshare.net/dark_k3y/hart-insecurity-how-one-transmitter-can-compromise-whole-plant
http://www.slideshare.net/dark_k3y/hart-as-an-attack-vector-from-current-loop-to-application-layer