All rights reserved. Reproduction in whole or in part without written permission is prohibited.

#13 PLC Best Practices – Disable Unused Communication Ports

Disable unused communication ports and protocols that are not required in PLC controllers and network interface modules.

Last updated: September 22, 2021 7:44 am
Editorial Staff
PLC Tutorials

PLC controllers and network interface modules generally support multiple communication protocols that are enabled by default. Disable ports and protocols that are not required for the application.

| Security Objective | Target Group |
|---|---|
| Hardening | Integration / Maintenance Service Provider |

Disable Unused Communication Ports in PLC

Protocols that are commonly enabled by default include HTTP, HTTPS, SNMP, Telnet, FTP, MODBUS, PROFIBUS, EtherNet/IP and ICMP.

The best practice is to develop a data flow diagram that depicts the required communications between the PLC and other components in the system.

The data flow diagram should show both the physical ports on the PLC as well as the logical networks they are connected to. For each physical port, a list of required network protocols should be identified and all others disabled.
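
One way to turn the data flow diagram into a checkable allowlist, shown as an added example that is not part of the original article. The port names (X1, X2, COM1, X3), network names and the enabled-service inventory are constructed sample data, and `audit` is a hypothetical helper.

```python
# Added example: compare the services enabled on a PLC with the allowlist
# taken from the data flow diagram. All port names and data are constructed.

# Physical port -> logical network and protocols the application requires.
REQUIRED = {
    "X1": {"network": "control-lan", "protocols": {"EtherNet/IP"}},
    "X2": {"network": "engineering-lan", "protocols": {"HTTPS"}},
    "COM1": {"network": None, "protocols": set()},  # not wired, nothing needed
}

# Services found enabled per port, e.g. transcribed from the vendor
# configuration tool (constructed sample, not real device output).
ENABLED = {
    "X1": {"EtherNet/IP", "HTTP", "SNMP", "ICMP"},
    "X2": {"https", "FTP", "Telnet"},
    "COM1": {"Modbus"},
    "X3": {"HTTP"},  # port that the diagram does not mention
}


def _norm(protocols):
    """Normalise spelling so 'https' and 'HTTPS' compare equal."""
    return {p.strip().upper() for p in protocols}


def audit(required, enabled):
    """Return, per port, what to disable and which required protocol is off."""
    findings = {}
    for port in sorted(set(required) | set(enabled)):
        on = _norm(enabled.get(port, set()))
        if port not in required:
            # Undocumented port: nothing on it is justified by the diagram.
            findings[port] = {"status": "undocumented",
                              "disable": sorted(on), "missing": []}
            continue
        need = _norm(required[port]["protocols"])
        extra, missing = on - need, need - on
        findings[port] = {"status": "review" if extra or missing else "ok",
                          "disable": sorted(extra), "missing": sorted(missing)}
    return findings


if __name__ == "__main__":
    for port, f in audit(REQUIRED, ENABLED).items():
        print(f"{port:5} {f['status']:12} disable={f['disable']} "
              f"missing={f['missing']}")
```

A non-empty `missing` list means a protocol the application depends on is switched off, so the allowlist also guards against disabling too much.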


Example

For example, many PLCs include an embedded web server for maintenance and troubleshooting. If this feature will not be used, it should be disabled where possible, because it could be an attack vector.

Why?

| Beneficial for…? | Why? |
|---|---|
| Security | Every enabled port and protocol adds to the PLC’s potential attack surface. The easiest way to make sure an attacker can’t use them for unauthorized communication is to disable them altogether. |
| Reliability | If a PLC cannot communicate via a certain port or protocol, this also reduces the potential amount of (malformed) traffic, be it malicious or not, which decreases the chances of the PLC crashing because of unintended or malformed communication packets. |
| Maintenance | Disabling unused ports and protocols also facilitates maintenance, because it reduces the PLC’s overall complexity. What’s not there does not need to be administered or updated. |

References

| Standard/framework | Mapping |
|---|---|
| MITRE ATT&CK for ICS | Tactic: TA005 – Discovery. Technique: T0808 – Control Device Identification, T0841 – Network Service Scanning, T0854 – Serial Connection Enumeration |
| ISA 62443-3-3 | SR 7.6: Network and security configuration settings; SR 7.7: Least functionality |
| ISA 62443-4-2 | EDR 2.13: Use of physical diagnostic and test interfaces |
| ISA 62443-4-1 | SD-4: Secure design best practices; SI-1: Security implementation review; SVV-1: Security requirements testing |

Source: PLC Security
