PLC Security


Programmable logic controllers, also known as PLCs. While connectivity within a facility brings significant benefits in terms of efficiency, reliability and even safety, it increases vulnerabilities. Scroll down to find more about PLC Securities with Baseel.


Get Started

PLC Security

As security concerns remain in many professional spaces including the factory automation space, becoming up-to-speed with the different types of PLC Security is imperative. By creating and implementing an effective strategy to remain secure, you will likely avoid issues, downtime, and setbacks. Baseel offers PLC Security in these specified areas as follows :

  • PLC Cybersecurity
  • PLC Physical Security

  • Overview

    Programmable logic controllers, also known as PLCs, initially came about in the late 1960s. PLCs were designed to replace relay-based machine control systems in the major U.S. vehicle manufacturing space. The relay-based control systems were considered hard to use and were disliked amongst those in the automation and manufacturing in.
    PLCs are user-friendly microprocessor-based specialty computers that carry out control functions, many of which are of high levels of complexity. They are engineered to endure harsh and strenuous situations such as in heated, cooled and even moist environments. Used for automation usually in the industrial electromechanical space, PLCs are computers that deal with the controlling of machinery, often on the following:

  • Factory assembly lines
  • Power stations
  • Distribution systems
  • Power generation systems
  • Gas turbines

    PLCs are programmed using a computer language. Written on a computer, the program is then downloaded to the PLC via a cable. These programs are stored in the PLCs memory. The hard-wired logic is exchanged for the program fed by its user during the transition between relay controls to PLC. The manufacturing and process control industries have gotten to take advantage of PLC applications-oriented software since Modicon PLCs inception.



  • PLC Functions and Directions

    PLCs use programmable memory in order to store particular functions and directions. Some functions and directions would include:

  • On control
  • Off control
  • Timing
  • Sequencing
  • Counting
  • Arithmetic
  • Data manipulation


    PLC Types

    Understanding the different types of PLCs will be very helpful when looking into PLC security. The numerous types of PLCs can be organized into three principal categories:

  • Advanced PLC : Advanced PLCs offer the greatest processing power out of all of the PLC types. They feature a larger memory capacity, higher input/output (I/O) expandability, and greater networking options.
  • Compact Controller : Logic Controllers are increased intermediate level offerings with an increased set of instructions and a greater input/output (I/O) than a run-of-the-mill logic controller.
  • Logic Controller : A logic controller is often referred to as a ‘smart relay’. They are generally straightforward to use and considered a good place to begin when becoming acquainted with PLCs. They are cost-effective for low input/output (I/O), slower speed applications.



  • Security Factors considered at Baseel :

    • Although it may not actually be connected to the internet, a control system is unsafe. Contrary to popular belief, a modem connection could also experience intrusion and a hack.
    • Wireless networks, laptop computers, and trusted vendor connections could be other sources of connections in which people are likely to overlook.
    • Majority of IT departments are unaware of factory automation equipment, including CNCs, CPUs, PCBs, robotics parts and, last but not least, PLCs.
    • Piggybacking off of the last point, IT departments’ lack of experience with the aforementioned equipment, along with their lack of experience with industrial standards and scalable processes indicate that they should not be in-charge and responsible for a company’s PLC security.
    • Hackers do not necessarily need to understand PLC or SCADA to block PC-to-PLC communication. They absolutely do not need to understand a PLC or SCADA system to cause operational or programming issues.
    • Often times, control systems, including ones that many PLCs integrate with, use Microsoft Windows, which is very popular amongst hackers. Some PLCs crash simply by pinging an IP address.


    Understanding Issues with Security

    In order to create and implement training and procedures for staff, you must understand how issues with security occur. Not all cybersecurity attacks occur from external hackers or scammers. Almost always caused by software issues, device issues, and malware infections, cybersecurity seems straight-forward initially, until you dig into those fine, often overlooked details.

    As many in the automation space may know, PLC cybersecurity wasn’t a thing a decade ago. These days, PLCs are connected to business systems through any run-of-the-mill network and aren’t separated from other networks that other automation equipment may also be on. As time goes on, it’s becoming more and more common to see TCP/IP networking from a business system standpoint by connecting via TCP/IP, data exchange, as well as more rational and scalable business decisions.

    In conclusion, when a security breach occurs, regardless of the specifics, understanding that time is of the essence will help smooth over most incidents. Trusting who has access to a control systems environment and thumb drive is crucial. If someone has access to the control system environment and thumb drive, ensure they’re well-qualified and up-to-speed with their team and/or company.


    Baseel Limited

    Insight >> Integrity >> Impact >>