Sign in to follow this  
Followers 0
BobLfoot

Micrologix 1000 Modes

8 posts in this topic

As part of a recent "PLC Safety" initiative our Engineering Group has decreed that all Allen Bradley PLC will have their keyswitch in the RUN rather than REMOTE mode. Anyone needing to effect a change to the program will have to physically access the unit and move the switch while working and return it to RUn at the end of their day. Of course true to Factory Life it is the Maintenance Electrrical Team which gets to go around and change all these switches for Engineering Group. This brings me to my question. We have a couple of Micrologix 1000 units and I can't find a keyswitch anywhere on them or reference to one in the User manual PDF. Are we stuck with REMOTE mode as the only option on these? We only have a couple and I've not much experience with the M1000 so I have to ask those who have worked with them more than I.

Share this post


Link to post
Share on other sites
None of the ML's have keys, I have never even thought about it, but I guess the default is remote. Maybe Ken Roach will chime in.

Share this post


Link to post
Share on other sites
The 1500 has a switch (but no key) for mode, The 1100 and 1400 modes can be changed from the LCD keypad. (but right, no key)

Share this post


Link to post
Share on other sites
They're going to have to make exceptions to the keyswitch rule for controllers that don't have keys. As a practical matter a keyswitch is not a whole lot more secure than a toggle switch, since the keys are universal. I keep a SLC/ControlLogix key, a PLC2/3/5 A126 key, and a Pollak key for Hyster forklifts on my keychain. MicroLogix 1000 doesn't have a physical switch, and doesn't have hard RUN or PROG modes; only REMOTE RUN and REMOTE PROG exist in that controller. The reason for the policy change is likely to avoid unauthorized or untracked edits to systems that are routinely monitored and edited, which means the larger modular controllers. Hopefully this will be an opportunity to get the policymakers also thinking about disaster recovery and network security !

Share this post


Link to post
Share on other sites
Hi Bob, I was going to ask you why they want the processor in run mode, but I suppose it is to make sure no changes are made. Or no changes that the Engineering dept don't give the OK to. I don't know how big your plant is, but if I was to do this and then needed to do a change it could take me 10/5 mins to walk out to the PLC, turn the key switch, then walk back. I know that you are fairly clued in from reading this forum and reading your posts, so why not use documentation and source control ( you probably are using some mixture of the two). We use Tortoise SVN for source control. Easy to set-up and work with. Just a thought, Conor

Share this post


Link to post
Share on other sites
Conor in an ideal world source control like RS AssetCentre would be sufficient to track PLC modifications. But I work for a less than ideal world at one plant of many for a Fortune 500 concern. Corporate Security has done a lot lately in terms of isolated subnets, virtual servers, firewalls, VPNs and such but the fear still exists that some rogue variant of stuxnet aimed at Rockwell PLCs will find it's way into a plants local infrastructure and attack key mission critical PLCs. With them in RUN by default this is less of a hassle. And while the Floor Coverage Electricians may not like to have to open cabinets and throw switches when Enginners want to make an edit, "Thats the Price of Security" and it's more like 15-20 minutes of walking at our facility.

Share this post


Link to post
Share on other sites
As far as I understand about the Stuxnet virus incident in Iran the payload did not modify the actual programs running in the PLCs. It attacked the Step 7 DLLs so that it could send normal messages (drive frequency commands) without them being seen by the monitoring operators. It also intercepted normal requests for frequency feedback from the drives, modifying them so that the reading appeared normal. Locking down the PLCs, in that case, would have no effect. It's the PCs that needed the greater security.

Share this post


Link to post
Share on other sites
As mentioned by Bob and Carlton, and in light of the recent duqu worm, it is extremely important to consider security when extablishing a system. A secure industrial router/industrial firewall is a must to protect your Industrial Ethernet network from unwanted and potentially dangerous traffic. MGuard is an ideal solution for higher level remote site security. To find out more about how this could help prevent a Stuxnet variant account check out: http://www.phoenixcontact.com/local_content_pdf/pdf_eng/Post-StuxnetIndustrialSecurity.pdf

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0