Reply to post: A little knowledge.....

What to do about inherent security flaws in critical infrastructure?

martinusher Silver badge

A little knowledge.....

I don't need a data security expert to tell me that MODBUS is not secure. It's not designed to be. Its security is based on physical -- plant -- security in that getting to the connections to intercept or mimic the protocol is likely to be difficult and potentially dangerous. Fortunately the majority of systems are designed with the assumption that components can fail, you don't just rely on a safety critical command executing because things go wrong in the real world -- sensors fail, actuators get stuck, stuff happens. PLCs can be compromised but not in the same way that you'd take over a PC running Windows -- they're often running a program that looks a bit like a very primitive version of TinyBASIC with not a whole lot of wriggle room for creative destruction.

(Stuxnet is quoted as a successful attack but this relied on two things -- one was physical access to the network, the other a failure to bake in safeguards into the individual units. As a rule you don't allow machines to accept commands that will allow them to damage themselves. It's easy to overlook but I don't think the Iranians will get caught by this a second time.)

MODBUS tends to be for slow speed plant control. There are other industrial networking protocols that are a lot higher performance. EtherCAT, for example, is widely used. It is, though, rather difficult to interfere with without the system recognizing a problem and going to a 'safe' state (raising the alarm in the process). In addition there are protocol enhancements specifically designed to improve machine safety. As a rule we only need to be concerned with interference with the controller, the application running the system, not the system itself. The security researchers may find the way things are done a bit alien but it's worth looking at closely because it might explain why IoT protocols aren't exactly taking the world by storm.
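
An added illustration of the comment's point that MODBUS was not designed to be secure (not part of the original post, and not any vendor's code): a parser for the Modbus/TCP frame layout, in which every byte is header or payload and none carries a credential, so a monitor can only attribute a write to its network source. The function names, the allowlist approach and the sample frames and addresses are constructed for this example.

```python
import struct

# Function codes that change device state (Modbus application protocol).
WRITE_CODES = {
    0x05: "Write Single Coil",
    0x06: "Write Single Register",
    0x0F: "Write Multiple Coils",
    0x10: "Write Multiple Registers",
}

def parse_adu(frame: bytes) -> dict:
    """Parse one Modbus/TCP ADU: 7-byte MBAP header, then function code and data."""
    if len(frame) < 8:
        raise ValueError("shorter than MBAP header plus function code")
    tid, pid, length, unit = struct.unpack(">HHHB", frame[:7])
    if pid != 0:
        raise ValueError("protocol id must be 0 for Modbus")
    # The length field counts the unit id byte plus the PDU that follows it.
    if length != len(frame) - 6:
        raise ValueError("length field does not match frame size")
    func = frame[7]
    # Note what is absent: no user, session, signature or MAC field exists.
    return {"transaction_id": tid, "unit_id": unit, "function": func,
            "data": frame[8:], "write": WRITE_CODES.get(func)}

def flag_writes(captured, allowed_sources):
    """Return (source, operation, unit id) for writes from sources not on the allowlist."""
    alerts = []
    for src, frame in captured:
        adu = parse_adu(frame)
        if adu["write"] and src not in allowed_sources:
            alerts.append((src, adu["write"], adu["unit_id"]))
    return alerts

# Constructed sample traffic; addresses are from the documentation range.
SAMPLE = [
    ("192.0.2.10", bytes.fromhex("000100000006010300000002")),  # read registers
    ("192.0.2.10", bytes.fromhex("00020000000601060001002a")),  # write, known HMI
    ("192.0.2.77", bytes.fromhex("0003000000060105000aff00")),  # write, unknown host
]

if __name__ == "__main__":
    for alert in flag_writes(SAMPLE, {"192.0.2.10"}):
        print("unexpected write:", alert)
```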
