#6 PLC Best Practices – Validate Timers and Counters

If timers and counters values are written to the PLC program, they should be validated by the programmable logic controller.

Editorial Staff
PLC Tutorials
No Comments
3 Min Read

If timers and counters values are written to the PLC program, they should be validated by the PLC for reasonableness and verify backward counts below zero.

Contents
Security ObjectiveTarget Group
  The integrity of PLC variablesIntegration / Maintenance Service Provider Asset Owner

Validate Timers and Counters

Timers and counters can technically be preset to any value. Therefore, the valid range to preset a timer or counter needs should be restricted to meet the operational requirements.

If remote devices such as an HMI write timer or counter values to a program:

  • do not let the HMI write to the timer or counter directly but go through a validation logic
  • validate presets and timeout values in the PLC

Validation of timer and counter inputs is easy to directly do in the PLC (without the need for any network device capable of Deep Packet Inspection) since the PLC “knows” what the process state or context is. It can validate “what’ it gets and “when” it gets the commands or setpoints.

PLC ON DELAY TIMER FUNCTION

Example

During PLC startup, timers and counters are usually preset to certain values.

If there is a timer that triggers alarms at 1.3 seconds, but that timer is preset maliciously to 5 minutes, it might not trigger the alarm.

If there is a counter that causes a process to stop when it reaches 10,000 but that is set it to 11,000 from the beginning, the process might not stop.

Why?

Beneficial for…?Why?
  SecurityIf I/O, timers, or presets are written directly to I/O, not being validated by the PLC, the PLC validation layer is evaded and the HMI (or other network devices) are assigned an unwarranted level of trust.
  ReliabilityThe PLC can also validate when an operator accidentally presets bad timer or counter values.
  MaintenanceHaving valid ranges for timers and counters documented and automatically validated may help when updating logic.

References

Standard/frameworkMapping
  MITRE ATT&CK for ICSTactic: TA010 – Impair Process Control
Technique:  T0836 – Modify Parameter
ISA 62443-3-3SR 3.5: Input Validation
ISA 62443-4-2CR 3.5: Input Validation
  ISA 62443-4-1SI-2: Secure coding standards
SVV-1: Security requirements testing

Source: PLC Security

Don't Miss Our Updates
Be the first to get exclusive content straight to your email.
We promise not to spam you. You can unsubscribe at any time.
Invalid email address

Continue Reading

Example of Flip-Flop PLC Program for Lamps Application
Troubleshoot the Status of a PLC Via CPU Indicators
Schneider PLC Programming Example for Beginners
Timer during Motor Direction Change PLC Program
PLC Counters Program
Toggle Switch & Sensor: Conveyor and Puncher PLC Program
Share This Article
Leave a Comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Stay Connected

Categories

Explore More

Normally-Closed Contacts for Stop Buttons
Procedure for Siemens S7-300 Download from PC to PLC
Mail Box Automation: Programming with Schneider PLC
What is a Dry Contact? – Basics of PLC Wiring
How to Download EcoStruxure Machine Expert? Schneider PLC Software
SCADA and HMI Systems – Differences, Similarities, Purpose
Top 5 Advantages of Human-Machine Interface (HMI)
PLC to PLC Communication using S7 Connection PUT & GET Instructions

Keep Learning

Learn More