[?]: Reverse Engineering SIMATIC

SIMATIC S7-200/300/400, Step7, PCS7, CFC, SFC, PDM, PLCSIM,
SCL, Graph, SPS-VISU S5/S7, IBHsoftec, LOGO ...
sanruku
Posts: 66
Joined: Tue May 12, 2009 9:50 am

[?]: Reverse Engineering SIMATIC

Post by sanruku » Wed Oct 13, 2010 10:08 am

Hi

I started playing with libnodave in order to reverse engineer SIMATIC.
I have managed to get the microcode of a 313C CPU (almost all instructions, except jumps).

Does anyone else have experience with disassembling/reversing and would like to give a hint as to how to proceed (methodology, etc.)?
Has anyone else tried anything similar?
I am not able to get my hands on other CPUs, so I'm a bit limited on that, but my focus is on the S7-300 (maybe the 400 too).
Maybe I'll take a shot at the S7-1200 as well, depending on how the S7-300 is progressing.

Here are some screenshots of a _very_basic_ program I wrote in C# to assist me in the task. It uses the libnodave library.


If anyone has any ideas or proposals, let me know what you think.

CoMod
Site Admin
Posts: 3969
Joined: Thu Feb 16, 2006 3:25 pm
Location: Russia

Re: [?]: Reverse Engineering SIMATIC

Post by CoMod » Wed Oct 13, 2010 10:42 am
