Tracking and Logging Unauthorized Changes in Siemens TIA Portal V17: Enhancing Security Measures for PLC Systems

Question:

Hello PLC enthusiasts, consider this scenario: Imagine the PLC is connected to the same network as the facility's network. If someone were to access the network and maliciously alter the online parameters and values, it could cause disruptions to the facility's operations. When the Automation engineer goes online with the PLC to investigate, they may not immediately notice any changes in hardware or software. However, restarting the PLC would reset the online values to their original state. Despite this, the engineer would still be unable to determine who made the unauthorized changes and when they occurred. This can lead to confusion and frustration as the engineer tries to identify the source of the problem. Is there a feature in Siemens systems that tracks and logs who accesses the PLC online, including their MAC address, IP address, and the date of access? To my knowledge, such a feature does not exist. Similarly, is there a feature that logs code changes made by users? If not, are there third-party software solutions available for this purpose? Instead of discussing password protection in TIA, I am seeking a solution that safeguards against unauthorized changes even by individuals with the correct password. While this may seem unlikely, it is important to be prepared for any potential security threats, as the saying goes, "If it can happen, it will happen!"

Top Replies

By implementing password protection on the Programmable Logic Controller (PLC), access is limited to a select group of individuals. Identifying the culprit becomes easier when only a few people have the knowledge and skills to program a PLC, navigate the Integrated Development Environment (IDE), and understand what changes could disrupt operations.

When utilizing Multiuser Engineering/Project Server, all checked-in changes to the program, along with the user's information (such as their username and computer name), are logged. In multiuser commissioning mode, changes are automatically checked in before each download, preventing unauthorized modifications. However, if the deceptive individual is also an admin on the project server, this security measure may not be as effective. While code changes are monitored, alterations to tag values are not covered. With the introduction of user access controls in PLCs starting from V18 with the V3 FW, specific permissions can be assigned to individual users like Frank, Joe, and Bob instead of using a generic access password. Every login attempt, successful or not, is recorded in the diagnostic buffer, although the username is not included. However, the IP address is logged, which can aid in identifying suspicious activity. Although a tech-savvy individual could modify their IP address to avoid detection, having this information is still beneficial. Surprisingly, the PLC does not have a diagnostic buffer entry for program downloads. At the very least, it should indicate that a download has occurred, even if it doesn't specify who initiated it. The Audit option in the HMI can be used to track user-made changes to tag values and setpoints, but there is no mechanism in place in the PLC to monitor all variations in tag values requested by HMIs or users. Given the increasing focus on security, an in-PLC audit log for tracking changes seems like a feature that many would find valuable. However, implementing this functionality may require a significant amount of memory and could potentially be offloaded to a syslog server to manage the data efficiently.

You've touched on a crucial point! Indeed, it's paramount to track who accesses PLCs and when, particularly in high-security facilities. Unfortunately, Siemens PLCs do not inherently feature per-user login or access tracking. Nonetheless, Siemens does offer SIMATIC Logon, which provides user and password management, although it doesn't track the specifics of each user’s actions. On the bright side, several third-party solutions - such as versiondog, MDT AutoSave, or VersionWorks - go beyond this, offering detailed audit trails that include unique user identification, timestamps, and details of code changes. These tools can prove indispensable for maintaining both security and efficient troubleshooting in your facility. Always remember, protecting the PLC is about both robust user management and being able to review past actions effectively. I hope this helps!

You bring up a critical point about the security of PLCs in networked environments. While Siemens TIA Portal does support user management and change tracking to some extent, it often lacks robust logging features that track specific user actions like unauthorized access history or detailed code changes. Implementing a solution like a network monitoring tool could help, as it can log incoming connections with IP and MAC addresses. Additionally, consider exploring dedicated industrial security software that offers real-time monitoring and auditing capabilities; solutions like these can provide a more comprehensive layer of security and help pinpoint changes or access attempts. It's definitely a proactive step to enhance security in our increasingly connected industrial systems!
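The two replies above both point to the same defensive gap: the PLC's diagnostic buffer records a login's IP but not who it was, and a network monitor can at least correlate IP and MAC for connections to the PLC. The script below is an added example (not from the thread or from Siemens) that does that correlation over a constructed connection log: it flags every connection to the PLC's ISO-on-TCP port 102 that comes from a host outside an assumed allowlist of engineering workstations, or from an allowed IP whose MAC no longer matches the one on record. The log format, addresses and MACs are all constructed for the example.

```python
"""Flag S7 engineering-port connections to a PLC from unexpected hosts.

Added example, not part of the original thread. Assumes a constructed,
whitespace-separated connection log: timestamp src_ip src_mac dst_ip dst_port.
"""
from collections import namedtuple

PLC_IP = "192.168.10.5"   # constructed address of the PLC
S7_PORT = 102             # ISO-on-TCP, used by S7 engineering and HMI traffic
# Engineering workstations allowed to go online with the PLC (constructed).
ALLOWED_ENGINEERING = {
    "192.168.10.20": "aa:bb:cc:00:00:20",
    "192.168.10.21": "aa:bb:cc:00:00:21",
}

Finding = namedtuple("Finding", "ts src_ip src_mac reason")

# Constructed sample: one legitimate login, one unknown host, one allowed IP
# reused from a different MAC, and one non-S7 connection that is ignored.
SAMPLE_LOG = """\
2024-05-01T08:00:01Z 192.168.10.20 aa:bb:cc:00:00:20 192.168.10.5 102
2024-05-01T08:05:14Z 192.168.10.77 de:ad:be:ef:00:77 192.168.10.5 102
2024-05-01T08:06:02Z 192.168.10.21 aa:bb:cc:00:00:99 192.168.10.5 102
2024-05-01T08:07:30Z 192.168.10.77 de:ad:be:ef:00:77 192.168.10.5 443
"""


def parse_line(line):
    ts, src_ip, src_mac, dst_ip, dst_port = line.split()
    return ts, src_ip, src_mac, dst_ip, int(dst_port)


def audit_plc_access(log_text, plc_ip=PLC_IP, allowed=ALLOWED_ENGINEERING):
    """Return a Finding for each port-102 connection to the PLC that is not
    from a known engineering workstation, or whose MAC does not match the
    record (an IP changed to dodge detection usually keeps its MAC, and a
    spoofed IP on another machine brings a different MAC)."""
    findings = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, src_ip, src_mac, dst_ip, dst_port = parse_line(line)
        if dst_ip != plc_ip or dst_port != S7_PORT:
            continue
        expected_mac = allowed.get(src_ip)
        if expected_mac is None:
            findings.append(Finding(ts, src_ip, src_mac, "unknown host"))
        elif expected_mac.lower() != src_mac.lower():
            findings.append(Finding(ts, src_ip, src_mac, "MAC mismatch for allowed IP"))
    return findings


if __name__ == "__main__":
    for f in audit_plc_access(SAMPLE_LOG):
        print(f"{f.ts} {f.src_ip} ({f.src_mac}): {f.reason}")
```

Feeding the findings into a syslog server or SIEM alongside the PLC's own diagnostic-buffer login entries gives the timestamp, IP and MAC the question asks for, even though the PLC itself still cannot name the user.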


Frequently Asked Questions (FAQ)

FAQ: 1. Is there a feature in Siemens TIA Portal V17 that tracks and logs unauthorized changes made to PLC systems?

Answer: No, there is no built-in feature in Siemens systems that tracks and logs who accesses the PLC online, their MAC address, IP address, or the date of access, or logs code changes made by users.

FAQ: 2. How can I enhance security measures for PLC systems to prevent unauthorized changes even by individuals with the correct password?

Answer: While password protection in TIA Portal V17 is essential, additional security measures are needed to safeguard against unauthorized changes. Consider exploring third-party software solutions that can help track and log changes made to the PLC system.

FAQ: 3. What steps can be taken to identify the source of unauthorized changes in a PLC system?

Answer: If unauthorized changes are detected, consider restarting the PLC to reset values to their original state. To identify the source of the changes, explore third-party software solutions that can log and track access to the PLC, including MAC addresses, IP addresses, and timestamps.
