thingstodo
Member
Hi all,
Searching the site, this is the newest/closest to my question thread I found on safety PLCs, editing the safety task, etc:
http://www.plctalk.net/qanda/showthread.php?t=112897
It does not quite answer the question that our IT/Cyber security auditor would like answered. I have expanded on the questions just a bit given the info from the above thread:
Given that someone:
- gets through our firewall
- takes over one of our Programming VMs that is running the right Rockwell software, at the correct versions, to edit our Safety PLC (L81ES)
- manages to get validated from the Rockwell license server
- logs into the safety PLC
- maliciously edits the safety portion of the controller code ....
* does the PLC have to go to program mode to get the logic changes to execute?
* if changes are made to the safety program(s) but no new safety signature is created, what happens when the PLC is power cycled the next time? Does it keep running the 'old' code, or run the 'new' code, or just sit there because there is no safety signature?
I have read through portions of several manuals, but this appears to be a bit too detailed for the manuals to cover.
Perhaps it is a bit too esoteric for YouTube videos to cover, since they cover creating your first safety program well, but not much about editing.
I'd just try it myself, but there is only 1 safety controller on site and our spare is at a contractor site being used for off-site development.