Modbus protocol security

It is commonly said that it is easy to get into an open Modbus network and control any device on it. That is close to the truth: Modbus itself has no authentication, so anyone who has the register map and understands which command words to write to the slave device can control it.


One software-level mitigation is to complicate the data exchange: in the traffic between devices we "mix" an authorization variable into the cyclic poll. Each network device that carries control functions can then tell which master a telegram comes from.

If the signatures (authorization variables) change cyclically and are checked against the same sequence at the other end, the question of master and slave losing synchronization arises (for example, a packet was lost or corrupted somewhere along the way). Since the sequence itself must not change, the slave starts a recovery mechanism for the lost authorization: it shifts its position in the loop and checks again; after two unsuccessful attempts it raises an alarm.

It also has to be accepted that the set of signatures is finite: with enough determination and enough time spent monitoring and analysing the traffic, an attacker can build a dictionary of their own and bypass the protection.
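The rolling-authorization poll, the slave-side resync after a lost packet, the two-failure alarm, and the finite-dictionary limitation described above, as an added example that is not code from the original post. It models the Modbus transport with plain Python calls instead of a real stack: a master frame is a dict of holding-register values. The register layout (100 = command, 101 = auth word), the table length, the resync window and the shared secret are assumptions made for the example.

```python
"""Rolling authorization word mixed into a cyclic Modbus poll.

Added example, not code from the original post. The Modbus transport is
modelled with plain Python calls instead of a real stack: a master frame is a
dict of holding-register values. The register layout (100 = command,
101 = auth word), the table length, the resync window and the shared secret
are all assumptions made for the example.
"""
import hashlib
import hmac
import struct

CMD_REG = 100       # holding register carrying the control command (assumed)
AUTH_REG = 101      # holding register carrying the authorization word (assumed)
TABLE_LEN = 32      # length of the cyclic signature table (assumed)
RESYNC_WINDOW = 4   # how far ahead the slave searches when resyncing (assumed)
MAX_FAILURES = 2    # consecutive failures before the slave alarms (from the post)


def build_table(secret: bytes, length: int = TABLE_LEN) -> list[int]:
    """Derive a cyclic table of unique 16-bit auth words from a shared secret.

    Both ends derive the same table offline; only the current word travels in
    the poll. Words are kept unique so a resync hit inside the window is
    unambiguous.
    """
    words, counter = [], 0
    while len(words) < length:
        digest = hmac.new(secret, struct.pack(">I", counter), hashlib.sha256).digest()
        word = int.from_bytes(digest[:2], "big")
        if word not in words:
            words.append(word)
        counter += 1
    return words


class Master:
    """Builds write frames; advances its table position on every poll."""

    def __init__(self, table: list[int]):
        self.table, self.pos = table, 0

    def build_write(self, command: int) -> dict:
        # The position moves whether or not the frame arrives: this is what
        # lets a lost packet desynchronise master and slave.
        frame = {CMD_REG: command, AUTH_REG: self.table[self.pos]}
        self.pos = (self.pos + 1) % len(self.table)
        return frame


class Slave:
    """Checks the auth word, resyncs within a bounded window, alarms on repeated failure."""

    def __init__(self, table: list[int]):
        self.table, self.pos = table, 0
        self.failures, self.alarm, self.applied = 0, False, []

    def handle_write(self, frame: dict) -> str:
        if self.alarm:
            return "rejected: alarm active"
        word = frame[AUTH_REG]
        # Normal case: the word is exactly the one expected at this position.
        if word == self.table[self.pos]:
            return self._accept(frame, 0)
        # Resync: the master may be ahead after a lost or corrupted packet,
        # so look a few positions ahead (never behind: old words are replays).
        for offset in range(1, RESYNC_WINDOW + 1):
            if word == self.table[(self.pos + offset) % len(self.table)]:
                return self._accept(frame, offset)
        self.failures += 1
        if self.failures >= MAX_FAILURES:
            self.alarm = True
            return "rejected: alarm raised"
        return "rejected: bad authorization word"

    def _accept(self, frame: dict, offset: int) -> str:
        self.failures = 0
        self.applied.append(frame[CMD_REG])
        self.pos = (self.pos + offset + 1) % len(self.table)
        return "accepted" if offset == 0 else f"accepted (resynced +{offset})"


def passive_observer(master: Master, polls: int) -> list[int]:
    """What a sniffer on the bus sees: the auth word of each master frame.
    Once polls >= TABLE_LEN the recorded list is the complete dictionary."""
    return [master.build_write(0)[AUTH_REG] for _ in range(polls)]


def run_scenario() -> dict:
    """Two normal polls, one lost request, a replayed frame, then lockout."""
    secret = b"plant-shared-secret"            # constructed for the example
    master, slave = Master(build_table(secret)), Slave(build_table(secret))
    log = []
    for cmd in (0x0001, 0x0002):               # two normal polls
        log.append(slave.handle_write(master.build_write(cmd)))
    master.build_write(0x0003)                 # request lost on the wire
    log.append(slave.handle_write(master.build_write(0x0004)))   # resync +1
    replay = {CMD_REG: 0xDEAD, AUTH_REG: master.table[0]}         # captured earlier
    log.append(slave.handle_write(replay))     # first failure
    log.append(slave.handle_write(replay))     # second failure -> alarm
    log.append(slave.handle_write(master.build_write(0x0005)))   # master locked out too
    return {"log": log, "applied": slave.applied, "alarm": slave.alarm}


if __name__ == "__main__":
    for line in run_scenario()["log"]:
        print(line)
```

Two things the scenario makes visible. First, the alarm is a double-edged check: two garbage or replayed frames from an attacker trip it, and if the slave then refuses the legitimate master as well (as this example does), the protection itself becomes a denial of service, so the reaction to an alarm (log, fall to a safe state, or latch) has to be chosen with that in mind. Second, `passive_observer` shows the finite-dictionary limitation: the words travel in clear, and after one full cycle the sniffer can predict every following word, so the scheme buys time and makes an intrusion unambiguously deliberate rather than providing cryptographic authentication.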

As I put it: there are no locks that cannot be opened. A lock has two jobs:

1. Change the charge: from an entry made by negligence to a deliberate break-in

2. Increase the time needed for unauthorized access

#Closing, #Modbus
