A conference talk from the 36th Chaos Communication Congress (36C3) investigating the bootloader and the ADONIS operating system of Siemens S7 PLCs. The speakers uncover an undocumented "special access feature" in the Siemens S7-1200 PLC bootloader that can be exploited for arbitrary code execution and memory dumping, and discuss its security implications for both malicious attacks and forensic analysis. The talk covers the hardware architecture, the firmware update process, and the security measures of Siemens PLCs; examines the ADONIS RTOS components, CoreSight debugging technology, and the details of the firmware boot process; demonstrates the findings; and discusses potential methods for injecting custom code into the firmware. It closes with a look at the broader challenges of protecting industrial automation components in critical infrastructure.
A Deep Dive Into Unconstrained Code Execution on Siemens S7 PLCs