IT security with Modbus
Different vendors often provide equipment with Modbus for connection to the DCS system, and at the same time provide ethernet/GSM or others for remote access.
Modbus by itself have no build in security. Are there any IT security measures build in using Modbus RTU on the AC800M COM3 port or on the CI853 ports? Any settings for restrictions, authentification, username/passwords, etc?
Voted best answer
No. Modbus RTU is fundamentaly an "unsecured" protocol. However, that doesnt mean its unsafe. The protocol is relatively simple and the modbus drivers should be quite secure. Buffer overrun attacks are very unlikely and most Modbus RTU links are simple point to point connections over an RS232 cable.
The biggest risk you face is that someone creates an attack that CORRECTLY uses the registers you programmed in the PLC but instead makes the PLC do something you didnt intend. This means that the comms messages that the PLC received over modbus were all absolutely valid. Hence there is no way for the PLC itself to "protect" you from that attack.
Your protection MUST be on the devices that are connected to the PLC. That means you have to protect the SCADA, GSM modems and HMI from attack. By the time an attacker gets to the Modbus serial port its too late. The PLC cant protect you.