#1 PLC Best Practices – Split PLC Code into Modules

#1 PLC Best Practices - Split PLC code into modules, using different function blocks (sub-routines). Test program modules independently.

Editorial Staff
PLC Tutorials
No Comments
3 Min Read

PLC best practices – Split PLC code into modules, using different function blocks (sub-routines). Test modules independently.

Contents
Security ObjectiveTarget Group
The integrity of PLC logicProduct Supplier

Split PLC Code into Modules

Do not program the complete PLC logic in one place e.g., in the main Organization Block or main routine. Instead, split it into different function blocks (sub-routines) and monitor their execution time and their size in Kb.

Create separate segments for logic that functions independently. This helps in input validation, access control management, integrity verification, etc.

Modularized code also facilitates testing and keeping track of the integrity of code modules. If the code inside the module has been meticulously tested, any modifications to these modules can be verified against the hash of the original code, e.g., by saving a hash of each of these modules (when that’s an option in the PLC).

This way, modules can be validated during the FAT/SAT or if the integrity of the code is in question after an incident.

PLC Best Practices

Example

Gas Turbine logic is segregated into “startup”, “Inlet Guide Vanes Control”, “Bleed Valve Control” etc. so that you can apply standard logic systematically. This also helps in troubleshooting quickly if there were to be a security incident.

Custom function blocks that are tested rigorously can be re-used without alteration (and alerted if change attempts are made) and locked against abuse/misuse with a password/digital signature.

Why?

Beneficial for…?Why?
  SecurityFacilitates the detection of newly added portions of code that could be malicious.  Helps in logic standardization, consistency, and locking against unauthorized modifications.
  ReliabilityHelps control the program flow sequence and avoid loops, which could cause the logic to not react properly or crash.
      MaintenanceModular code is not only easier to debug (modules can be tested independently) but also easier to maintain and update.

Also, the modules may be used for additional PLCs, thus allowing for common code to be used and identified in separate PLCs.

This can aid maintenance personnel with quickly recognizing common modules during troubleshooting.

References

Standard/framework
Standard/frameworkMapping
  MITRE ATT&CK for ICSTactic: TA002 – Execution Technique:  T0844 – Program Organization Units
ISA 62443-3-3SR 3.4: Software and information integrity
ISA 62443-4-2CR 3.4: Software and information integrity
ISA 62443-4-1SI-2: Secure coding standards
  MITRE CWECWE-1120: Excessive Code Complexity
CWE-653: Insufficient Compartmentalization

Source: PLC Security

Don't Miss Our Updates
Be the first to get exclusive content straight to your email.
We promise not to spam you. You can unsubscribe at any time.
Invalid email address

Continue Reading

What are Functions in PLC Programming? (FCs)
Case Statement in SCL Language
Structured Text PLC Code for Sequential Process Data Storage
VFD Pros and Cons – Variable Frequency Drives
Rockwell PLCs for Large Scale Applications
Siemens S7 300 and STEP 7 PLC program using SIMATIC Software
Share This Article
Leave a Comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Stay Connected

Categories

Explore More

PLC FBD Programming for Burglar Alarm Security System
How to use JUMP Instruction in PLC Ladder Logic?
Introduction to Functional Block Diagram in Studio 5000
Top Non-PLC Certification Courses for Automation Professionals
Procedure for Reading or Searching the Tag number in Siemens PLC
Laws of Boolean Algebra using Ladder Logic
Top 100+ SCADA Questions
Using Clock Memory Bits in TIA Portal – Siemens PLC

Keep Learning

Learn More