#6 PLC Best Practices – Validate Timers and Counters

If timers and counters values are written to the PLC program, they should be validated by the programmable logic controller.

Editorial Staff
PLC Tutorials
No Comments
3 Min Read

If timers and counters values are written to the PLC program, they should be validated by the PLC for reasonableness and verify backward counts below zero.

Contents
Security ObjectiveTarget Group
  The integrity of PLC variablesIntegration / Maintenance Service Provider Asset Owner

Validate Timers and Counters

Timers and counters can technically be preset to any value. Therefore, the valid range to preset a timer or counter needs should be restricted to meet the operational requirements.

If remote devices such as an HMI write timer or counter values to a program:

  • do not let the HMI write to the timer or counter directly but go through a validation logic
  • validate presets and timeout values in the PLC

Validation of timer and counter inputs is easy to directly do in the PLC (without the need for any network device capable of Deep Packet Inspection) since the PLC “knows” what the process state or context is. It can validate “what’ it gets and “when” it gets the commands or setpoints.

PLC ON DELAY TIMER FUNCTION

Example

During PLC startup, timers and counters are usually preset to certain values.

If there is a timer that triggers alarms at 1.3 seconds, but that timer is preset maliciously to 5 minutes, it might not trigger the alarm.

If there is a counter that causes a process to stop when it reaches 10,000 but that is set it to 11,000 from the beginning, the process might not stop.

Why?

Beneficial for…?Why?
  SecurityIf I/O, timers, or presets are written directly to I/O, not being validated by the PLC, the PLC validation layer is evaded and the HMI (or other network devices) are assigned an unwarranted level of trust.
  ReliabilityThe PLC can also validate when an operator accidentally presets bad timer or counter values.
  MaintenanceHaving valid ranges for timers and counters documented and automatically validated may help when updating logic.

References

Standard/frameworkMapping
  MITRE ATT&CK for ICSTactic: TA010 – Impair Process Control
Technique:  T0836 – Modify Parameter
ISA 62443-3-3SR 3.5: Input Validation
ISA 62443-4-2CR 3.5: Input Validation
  ISA 62443-4-1SI-2: Secure coding standards
SVV-1: Security requirements testing

Source: PLC Security

Don't Miss Our Updates
Be the first to get exclusive content straight to your email.
We promise not to spam you. You can unsubscribe at any time.
Invalid email address

Continue Reading

PLC Programming Example with Pushbutton and Motor
1 to 8 Demultiplexer PLC ladder diagram
High-end Programmable Logic Controller – Schneider PLC
What is Distributed IO? – Decentralized Peripherals in PLC
PLC Programming Best Practices and Tips
PLC Programming Example on LED Control
Share This Article
Leave a Comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Stay Connected

Categories

Explore More

Car Wash Program using Functional Block Diagram (PLC)
Timers using Statement List (STL) PLC Programming
PLC Structured Text Program for Output Generation via Equations
PLC Automatic Irrigation System
Contacts and Coils in PLC Ladder Logic
DP Master System Configuration in PLC
How to Detect Speed of Conveyor in PLC?
Tanks Draining Control in PLC using Functional Block Diagram
Tools Required for PLC Programmer to Carry at Site
Automatic Packing of Bottles Programming

Keep Learning

Discover More