Protection against physical access
Protection against physical access is an important requirement for OT devices (component). Attackers may access the hardware and try to manipulate the firmware, configuration, or applications.
IEC 62443 describes major attack vectors, like:
- non-operational
- transferring the component from the manufacturer to the system integrator
- transferring the component installed to the asset owner in a cabinet together with the machine
- storing the component on stock
- commissioning/maintenance
- accessing the component by the service personal
- operational
- recognize physical access to the component during running
Even if PLCnext Control devices provide already several tampering protection mechanisms, the potential physical access needs to be supervised by the system integrator, the service provider, and the asset owner. This is done by using additional organizational measures defined in their Information Security Management System (ISMS). Such measures are for example described in IEC 62443-2-4 and IEC 62443-3-3, as well as in ISO IEC 27001.
Risk of unauthorized access to devices
The safety controller RFC 4072S has a touch screen display and is used with an external SD card. This makes unencrypted information available. To prevent damage, data corruption, loss of data, or misuse of data due to authorized access, make sure that only authorized access is possible.
- Protect the interfaces by installing the devices in a control cabinet.
- Secure the control cabinet with a lock.
- Make sure that only authorized persons have access to the control cabinet key.
- Run cables in such a way that they are protected against unauthorized access.
PLCnext Control devices provide security measures to support organizational measures by:
- Security seals (security void) to protect the housing as well as indicating opening attempts.
- CabinetDoorState library providing the possibility to generate security notifications based on lockable, supervised cabinets.
- Disabled communication on external interfaces, e.g. SD card slot, USB connector
Security seals
In order to prevent manipulation of the device supplied and to detect unauthorized opening of the device, security seals have been applied to the controller. These security seals are damaged in the event of unauthorized opening. In this case, correct operation of the controller can no longer be ensured.
For more information, refer to the corresponding topic of the controller (e. g. AXC F 2152 ).
Cabinet supervision
To protect the PLCnext Control during operation, commissioning, and maintenance an example application and library can be installed via the app "IEC 62443 Cabinet Supervision" in the PLCnext Store. It contains the CDS_SendNotification
function block which can be connected to one or more cabinet supervision contacts. If the status of the cabinet door supervision contacts is changed, the function block is generating security notifications which may indicate an unauthorized access.
To supervise the control cabinet door, add the CDS_SendNotification
function block into your program, connect it with the cabinet supervision contact, setup the notification text according to your organizational measures, and you will be notified about every action at the cabinet's door.
From the app "IEC 62443 Cabinet Supervision" you must install the function block libraries CDS_Security
and RSC_Notifications
.
To use theCDS_SendNotification
function block, proceed as follows:
- Open your project in the PLCnext Engineer. show moreshow more
For further information on PLCnext Engineer, refer to the PLCnext Engineer Quick Start Guide in the main PLCnext Info Center. Starting with release 2022.0 LTS, the PLCnext Engineer embedded help is also online available.
- From the Libraries section of the COMPONENTS area, insert the
RSC_Notifications
function block example into your program.
- Instantiate one function block per cabinet door to be supervised.
- Assign inputs and outputs of the function blocks.
Note: The default setting of the IN ports is NC (normally closed
). If you use an NO contact (normally open
), you must adjust the string accordingly.
- Save and transfer your project to the controller.
Now you will receive messages about the status of your control cabinet via the Web-based Management (WBM) on your PLCnext Control:
In the Notification area at the bottom you will see the following notification:
For more information on how to work with function blocks in PLCnext Engineer, see the Quick Start Guide section of the main PLCnext Info Center, or refer to the respective section in the PLCnext Engineer Help which is online available.
For more information on how to use the function blocks, see the app documentation on the app's details page in the PLCnext Store.
Disabled communication on external interfaces
The housing of PLCnext Control AXC F 1152, AXC F 2152, and AXC F 3152 provides two major external interfaces:
- Mini USB port
The mini USB port is switched off by the firmware and cannot be accessed. - External SD card slot
The communication with the SD card slot is deactivated by the Security Profile.
It might be enabled in the Web-based Management after risk assessment, but only using a special SD card supporting encryption (Phoenix Contact item no. 1151112 or item no. 1151111). That feature will only be supported by upcoming firmware versions.
• Published/reviewed: 2023-11-02 • Revision 011 •