Hi, I am Dr. Wael Alsabbagh
a cybersecurity scientist with expertise in IIoT, IoT, ICS, SCADA and PLC based systems.
Services
My expertise in Research and Consulting
Industrial Control Systems Security Assessment
I provide thorough security assessments for ICS, encompassing PLCs and SCADA systems. I meticulously analyze these technologies, identifying vulnerabilities and associated risks. My services offer tailored solutions to mitigate threats, strengthening ICS network resilience.
IoT and IIoT Security Consulting
Leveraging my expertise, I conduct thorough assessments of IoT and IIoT deployments to evaluate their security posture and pinpoint vulnerabilities. With a focus on emerging threats, I develop robust strategies tailored to your specific needs, ensuring proactive defense measures are in place to safeguard your systems against evolving cybersecurity risks.
PORTFOLIO
My Latest Projects.
Click on the desired project to learn more.
As my role in the project, I provide clear and vendor-neutral explanations on how to optimize processes and enhance the competitiveness of businesses through digital solutions. With a special emphasis on the vast potential of Artificial Intelligence (AI) and its associated technologies and applications.
The goal of the Competence Center for IT Security (KITS) is to inform Brandenburg companies about IT security issues and available IT security solutions, as well as to empower companies to help themselves. To achieve this, KITS provides two pillars: "Knowledge Empowers" and "Help for Self-Help". In the "Knowledge Empowers" pillar, I addressed topics related to securing office and production areas, such as network segmentation, deployment of IDS systems, and securing remote desktop environments.
In the project KI Simple & Scalable (KISS_KI), our team, alongside project partners, is developing a self-learning monitoring system tailored for critical infrastructures. Our aim is to identify and analyze threats and their specific impacts on these infrastructures at an early stage. Leveraging artificial intelligence (AI) algorithms, our system monitors the data and network traffic of technical process plants.
My Latest Scientific works.
Journals:
-
Investigating the Security of OpenPLC: Vulnerabilities, Attacks, and Mitigation Solutions
-
Security of Programmable Logic Controllers and Related Systems: Today and Tomorrow
-
A Flashback on Control Logic Injection Attacks against Programmable Logic Controllers
-
A New Injection Threat on S7-1500 PLCs - Disrupting the Physical Process Offline
Conference:
-
Good Night, and Good Luck: A Control Logic Injection Attack on OpenPLC
-
You Are What You Attack: Breaking the Cryptographically Protected S7 Protocol
-
A Stealthy False Command Injection Attack on Modbus based SCADA Systems
-
No Need to be Online to Attack - Exploiting S7-1500 PLCs by Time-Of-Day Block
-
A Control Injection Attack against S7 PLCs -Manipulating the Decompiled Code
-
A Fully-Blind False Data Injection on PROFINET I/O Systems
-
Patch Now and Attack Later - Exploiting S7 PLCs by Time-Of-Day Block
-
A Stealth Program Injection Attack against S7-300 PLCs
Book Chapters:
Experience
March 2024 - present
Senior Scientist
Consulting services focusing on IoT and IIoT security challenges.
Mar. 2018 - Mar. 2024
Scientist
Investigating security issues in IIoT, IoT, ICS, SCADA and PLC based systems
July 2017 - March 2018
Research Assistant
Performing comprehensive penetration tests to PLCs and SCADA systems.
Apr. 2013 - aug. 2015
Research Assistant
Performing comprehensive penetration tests to ICS systems.
CONTACT ME
Please feel free to contact me if you have any questions or would like to discuss a potential collaboration.