Securing programmable logic controllers (PLCs) was earlier not considered a priority; these components are built to run in isolation and in an air-gapped environment. This is no longer the case in many circumstances, due to the increase in real-time and remote data collection, as well as the increase in remote monitoring and efficient maintenance.
Some PLCs are even exposed to the Internet. Since the Ukraine power-grid attack, it has become clear that no system is resilient to cyber attack and that PLCs could be targeted. Currently, the following types of PLC attacks are of concern to the industry: remote-access attacks on Internet-facing PLCs; PLC worms; payload sabotage attacks; and PLC rootkits.
Our sister website ControlDesign.com explores how PLCs are hacked and the necessity for built-in security protection.