CODESYS® Security

CODESYS Security

Latest security news

Here you will find all relevant information on the CODESYS security processes and the latest CODESYS security updates

CODESYS Security Whitepaper

Which CODESYS features are relevant for security? You can find all the important information here.

Report vulnerabilities!

You can use our web form or write to the following e-mail address: security(at)codesys.com.

 

Overview of potential points of attack in an industrial control network

Potential points of attack in an industrial control network

CODESYS is widely used in the world of automation. Attack scenarios are therefore also increasingly relevant for CODESYS users. Cyber attacks can lead to sensitive know-how being used or disseminated without authorization, either consciously or unconsciously, but also to existing production machines or systems being damaged or even destroyed. The consequences can be serious.

Such threats cannot be completely eliminated with individual measures. However, numerous product features in CODESYS help to reduce or completely avoid the dangers of typical attack scenarios. Together with security procedures defined in accordance with the international IEC 62443 standard, they offer the greatest possible protection for machines, systems and production processes.

Security functions in CODESYS

You can get a complete insight into the security features available in CODESYS in the security white paper. To prevent digital attacks on machines, systems and production facilities in the best possible way, CODESYS has a wide range of effective security functions. For example, the application code can be protected against manipulation using the latest encryption and signing technologies.

CODESYS also offers comprehensive user administration in project planning and for access to the controller. Numerous encrypted communication channels are supported, both to the controller and between controllers. Furthermore, backup and redundancy systems protect against unwanted failures.

 

Operation in a protected environment

Manufacturers and operators should protect their automation systems by using comparable standards to those deployed to protect strictly mechanical or electrical systems:

  • Not everybody is allowed to access a factory site.
  • Not every employee of a factory is allowed to access every area.
  • Not every employee in a production area is allowed to access the control cabinet.

In order to avoid errors and problems caused by unauthorized or unintentional access, data access should be divided into manageable and controllable units.

Awareness for IT Security

Negligence and a lack of awareness are the most frequent reasons for security problems. Therefore we recommend that manufacturers and operators of automation systems explain the existing dangers to their employees, familiarize them with appropriate security measures, and urge them to apply these measures.

Users should be familiar with the Security functions in CODESYS and they should know how to deploy these functions effectively.

Security procedures

The CODESYS product development and all security procedures are based on the specifications of the Security standard IEC 62443. Procedures defining how to handle vulnerabilities are established and are being put into practice.

More information on the CODESYS Security procedures and on the current CODESYS Security Advisories.