Checking the validity of passwords Changing the default password After the admin has created a user account with password, you must change the default password. If you do not change the default password, you will receive appropriate warnings. Password expiration If a password is about… Read More
Checking the integrity state If the Security Profile is activated, an integrity state check is performed after each boot and log-in to the WBM. The integrity state is displayed in the WBM in the page header line right to the Security Profile state field. Note: Every event… Read More
Configuring Active Directory Connection With PLCnext you are able to connect Active Directory servers via LDAP. For further information, refer to the topic LDAP configuration in the main PLCnext Technology ‑ Info Center. • Published/reviewed: 2025-02-10 • Revision 017 • … Read More
Integrity check of downloaded software or firmware files IEC 62443 requires mandatory integrity check of software or firmware downloaded via Internet against tampering attacks. After downloading a setup file for any application (Windows®/Linux), a firmware file for a controller from the Internet or a PLCnext Technology App from the PLCnext Store,… Read More
Configuring authentication errors and sessions Session Configuration Log in to the WBM. Return to topicHow do I get to the WBM again? Click here for more information… Establishing a connection to the Web-based Management (WBM): Open a web browser on your computer. In the… Read More
Generic security concept Defense-in-depth design of automation systems is an important IEC 62443 process measure to achieve reliable security. The result is a generic layered architecture that leads step-by-step to a fully segmented network layer structure that describes the PLCnext Technology security architecture and the security use cases in… Read More
Password complexity rules The password complexity rules are predefined and depend on the rights of each user. You may need to adjust the rule set to meet the needs of your application. Pre-defined rule sets With firmware 2022.0 LTS and 2023.0 LTS, the “Admin Ruleset” and the “Default Ruleset” are pre-defined as described… Read More
Security measures – an overview To achieve security in an automation system, a holistic approach is necessary. An adequate security concept must be drawn up that covers technologies used, the defined processes, and the people involved. Both technological and organizational measures must be taken into account. Many… Read More
Creating users The SecurityAdmin can only configure the system. All other activities must be performed by other users with other roles. You need at least a Security Auditor to access the security notifications, an Engineer to program in PLCnext Engineer and an Operator to operate an HMI. Below you… Read More
Secure disposal You must safely decommission the controller so that no sensitive, confidential and/or manufacturer-specific data and software remain on the device. Check the national GDPR (General Data Protection Regulations) to comply with and make sure that attackers can’t access confidential security information’s from the deinstalled or disposed… Read More
