Account management Operating a PLCnext Control in a security context includes the following steps regarding account management: Creating users Password complexity rules Checking the validity of passwords Configuring authentication errors and sessions Configuring Active Directory Connection • Published/reviewed: 2024-12-09 • Revision 015 • … Read More
Checking the validity of passwords Changing the default password After the admin has created a user account with password, you must change the default password. If you do not change the default password, you will receive appropriate warnings. Password expiration If a password is about… Read More
Checking project data integrity Libraries and projects in PLCnext Engineer are hashed. The hashes assigned with PLCnext Engineer are checked by PLCnext Control. This way you can verify that data is not modified, tampered with, or corrupted. When creating the project in PLCnext Engineer, a manifest file with hashes is generated. Before the project is loaded… Read More
Configuring PLCnext Engineer For information on how to use PLCnext Engineer or how to create a project, refer to the Getting started with PLCnext Engineer topic in the main PLCnext Technology ‑ Info Center. Open PLCnext Engineer. Open the project that you want to transfer to the PLCnext Control. Note: You may need to assign the correct IP… Read More
Configuring extended firewall settings See also the Configuring basic firewall settings topic. For basic firewall configuration information, refer to the Firewall WBM topic in the main PLCnext Technology ‑ Info Center . In the exemplary security context, access from the Engineering Station is only allowed via the extension module from the superordinate network. To… Read More
Activating software updates Central software updates will be possible via the Device and Update Management Service. You must first activate the service on the System Services page in the WBM. Log in to the WBM. Return to topicHow do I get to the WBM again? Click… Read More
Use cases and security context PLCnext Technology is supporting different security use cases: Openness is the leading approach, security is not a leading requirement: Industrial Security application note (AH EN INDUSTRIAL SECURITY) must be considered Security is an overall system design requirement, and is ensued by the system… Read More
PLCnext Technology security hardening To use PLCnext Technology as an IEC 62443-4-1/4-2 certified component, the activation of the Security Profile is mandatory. In addition, the automation system design must fit the security context and the generic use cases described in this PLCnext Technology ‑ Security Info Center. With activated Security Profile PLCnext Technology supports the following… Read More
Periodic security maintenance activities You must check regularly: user roles and permissions password complexity rules and password changes firewall settings all security-related settings the product download area for firmware updates the PSIRT webpage for known security vulnerabilities Security functionality verification… Read More
Example: Secured OPC UA Communication On the ‘Security’ page of the ‘OPC UA’ PLANT tree node, you can specify settings regarding certificates and authentication which must be performed successfully in order to establish a secure connection between OPC UA clients and the OPC UA server. Furthermore, you can… Read More
