We wanted to provide a solution to the authentication problem of sending commands to PLC units. A bonus inspiration was to prevent denial of services.
What it does
Our solution is able to authenticate all users that are sending commands to the PLC units by offering a VPN service that authenticates computers with certificates and then authenticating the user with a password.
How we built it
We built it using a raspberry-pi that hosts an OpenVPN server.
Challenges we ran into
We ran into a plethora of challenges. The first challenge was figuring out what a Hackathon was. The second challenge was figuring out what project we wanted to work on since they all sounded interesting but we wanted to keep the scope reasonable. The third challenge that we faced was trying to solve the issue that was presented to us in a unique and fun way that kept our attention throughout the process while incorporating as much new technology, at least to us, as we could so that we widened our horizons even more. The fourth challenge was setting up a raspberry-pi which we had never attempted before. The last challenge was setting up OpenVPN. We have used OpenVPN before and we know what we are trying to achieve is possible but we ran into routing issues with our existing hardware and were unable to resolve this issue.
Accomplishments that we're proud of
We are proud of the design that we came up with since it allows for the most coverage of the Industrial Control System without having the potential of legitimate commands be blocked by an Intrusion Prevention System.
What we learned
We learned a lot about industrial control systems from the NARI representatives. We also learned how to not setup OpenVPN a lot of different ways.
What's next for Just Add a VPN