FAIL (the browser should render some flash content, not this).
About UsSolutionsClientsServicesResearchContacts
C4 is committed to SCADA security research in order to preserve the high level of its' experts skills, while contributing to the safety of critical systems.
Our research is focused on common control software and hardware (RTU/PLC) which is the heart of any critical national infrastructure. We aim to identify and exploit new vulnerabilities in the control software, communication protocols and peripheral connections.

Research articles:
Rockwell Automation (Allen Bradley) Multiple Vulnerabilities

Multiple vulnerabilities allowan attacker to gain full control over any Micrologix 1100 and 1400 RTU. For additional details, click here.


OSISoft PI Server Vulnerability

A vulnerability in the authentication process of PI Server allows an attacker to compromise the login credentials for the server. For additional details, click here.


AREVA e-terrahabitat  Multiple Vulnerabilities

Multiple vulnerabilities which may lead to denial of service of the SCADA system or unauthorized access were found in AREVA e-terrahabitat. For additional details, click here.


ABB PCU400 Vulnerability

A buffer overflow which allows an attacker to compromise the ABB PCU400 FEP (Communication server) was identified, and an exploit was successfully implemented. For additional details, click here.


GE Fanuc Cimplicity Vulnerability

A heap overflow which allows an attacker to compromise the control center server and operator workstations was identified, and an exploit was successfully implemented. For additional details, click here.


Proficy Information Portal Vulnerability
An application level vulnerability allows an attacker to upload and execute his code on GE-Fanuc's reporting server, which commonly connects the control and corporate networks. For additional details, click here.


Conferences and Brochures:
Smart Grid Security Whitepaper
The Dark Side of the Smart Grid - Smart Meters (in)Security
SCADA Security Scientific Symposium (S4) Whitepaper
Control System Attack Vectors and Examples: Field Site and Corporate Network
SyScan08 Presentation
SCADA Security - Generic Electric Grid Malware Design
Homeland Security
Services for the SCADA/Military market