
Industrial-IOT: Introduction to MODBUS protocol - shiv4nsh
https://shiv4nsh.wordpress.com/2017/01/22/industrial-iot-introduction-to-modbus-protocol/
======
kevinherron
Oooph. Modbus is grossly inappropriate for use in IIoT architectures. It's 20
years old and has not even the slightest hint of security.

One thing we're seeing in practice is lower-powered industrial PCs running at
remote sites exporting data from Modbus and other field protocols via
something like MQTT on SSL.

That being said, there are thousands of Modbus-speaking (and other protocols,
too) devices sitting out there on the public internet behind a cellular modem
waiting to be polled or actively being polled by SCADA systems built before
anybody bothered to think about security.

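The point made above, that a Modbus request carries no credential of any kind, is easy to see once the frame layout is in front of you. The following Python is an added example, not code from the linked article or from any commenter: it parses a Modbus/TCP ADU (the 7-byte MBAP header followed by the PDU), classifies the function code as a read or a write, and shows that the only thing a monitoring box at a remote site can key on is the network source, because nothing inside the frame identifies the sender. The two frames and the allowlist of writer addresses are constructed for the example.

```python
from __future__ import annotations
import struct
from dataclasses import dataclass

# Public function codes that change process state (coils / holding registers).
WRITE_FUNCTIONS = {5: "Write Single Coil", 6: "Write Single Register",
                   15: "Write Multiple Coils", 16: "Write Multiple Registers"}
# Public function codes that only read state.
READ_FUNCTIONS = {1: "Read Coils", 2: "Read Discrete Inputs",
                  3: "Read Holding Registers", 4: "Read Input Registers"}


@dataclass
class ModbusFrame:
    transaction_id: int   # echoed back by the server, no meaning beyond matching
    protocol_id: int      # always 0 for Modbus
    length: int           # bytes following this field: unit id + PDU
    unit_id: int          # addressed slave/unit behind a gateway
    function: int         # first PDU byte
    data: bytes           # remaining PDU bytes


def parse_modbus_tcp(frame: bytes) -> ModbusFrame:
    """Parse one Modbus/TCP ADU. Note there is no field for a principal, a
    key, a signature or a nonce: the whole header is routing information."""
    if len(frame) < 8:
        raise ValueError("frame too short for MBAP header plus function code")
    tid, pid, length, uid = struct.unpack(">HHHB", frame[:7])
    if pid != 0:
        raise ValueError(f"unexpected protocol id {pid} (Modbus uses 0)")
    # 'length' covers unit id + PDU, so the ADU must be exactly 6 + length bytes.
    if len(frame) != 6 + length:
        raise ValueError(f"length field {length} disagrees with frame size {len(frame)}")
    return ModbusFrame(tid, pid, length, uid, frame[7], frame[8:])


def classify(frame: ModbusFrame) -> str:
    """Coarse intent of a request: read, write, exception reply, or other."""
    if frame.function in WRITE_FUNCTIONS:
        return "write"
    if frame.function in READ_FUNCTIONS:
        return "read"
    if frame.function & 0x80:
        return "exception"
    return "other"


def audit(src_ip: str, raw: bytes, allowed_writers: set) -> dict:
    """Decide how a defender should treat a request seen on the wire.

    Because the frame authenticates nobody, the decision has to rest on the
    network layer (source address, VPN tunnel, firewall zone), which is the
    only place a policy like 'only the SCADA host may write' can be enforced.
    """
    frame = parse_modbus_tcp(raw)
    kind = classify(frame)
    verdict = "alert" if kind == "write" and src_ip not in allowed_writers else "allow"
    return {
        "src": src_ip,
        "unit": frame.unit_id,
        "function": frame.function,
        "name": WRITE_FUNCTIONS.get(frame.function) or READ_FUNCTIONS.get(frame.function, "?"),
        "kind": kind,
        "verdict": verdict,
    }


# Constructed sample frames (not captured traffic):
# Read Holding Registers, unit 1, start address 0, quantity 10.
READ_FRAME = bytes.fromhex("0001 0000 0006 01 03 0000 000A".replace(" ", ""))
# Write Single Register, unit 1, address 1, value 0.
WRITE_FRAME = bytes.fromhex("0002 0000 0006 01 06 0001 0000".replace(" ", ""))
# Hypothetical allowlist: only the plant's SCADA host is permitted to write.
ALLOWED_WRITERS = {"10.0.0.2"}

if __name__ == "__main__":
    for src, raw in [("10.0.0.2", READ_FRAME), ("10.0.0.2", WRITE_FRAME),
                     ("203.0.113.9", WRITE_FRAME)]:
        print(audit(src, raw, ALLOWED_WRITERS))
```

The same logic fits naturally into the gateway pattern described in the comment: the industrial PC that polls the field devices is also the place to enforce that nothing but its own poller ever speaks to port 502, and to raise an alert on a write request from any other address.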
~~~
CptMauli
If you are not using a VPN tunnel to access your modbus devices, then you are
criminally negligent.

But I also discovered that an entire line of heat controllers is accessible
via Modbus on the open internet. So if I want to shut down the heating for a
few hundred apartment blocks, I could do that easily. And these are not
actually old devices. There is even an app which you can download and control
these.

------
kristoffer
Hmm, the article plagiarises one of its references pretty verbatim
([https://www.lammertbies.nl/comm/info/modbus.html](https://www.lammertbies.nl/comm/info/modbus.html)).
Tacky!

~~~
shiv4nsh
The points that were taken from there are required for a full overview,
because they have described it perfectly. Hence I provided it as a reference.

~~~
kristoffer
You can't copy & paste paragraphs of text from your references, especially
without quotation marks ...

------
fest
MODBUS over TCP is nice and good, but I'm worried that many people will soon
start using it to communicate data with web-based monitoring platforms and
will do it in plaintext.

The current generation of PLCs is severely limited in the security aspect
(example: the Siemens S7-1200 series, designed in 2009, has no libraries for secure
communications. Answer from Siemens: oh, you need security? buy our security
gateway then!)

~~~
lithos
I hope not. Most of the security for modbus is in the form of MasterLocks
(those locks everyone learning to pick locks buys a dozen of). If you have
physical access to the system it's assumed you're supposed to be there.

At least in the limited number of systems I've seen, modbus is used for
communicating status rather than control.

~~~
fest
Yes, MODBUS is usually used between locally connected devices (but not always
for status, often also to control motors and valves).

However, it's the thing everyone in industry knows how to use so it will
likely be misused to send everything in plaintext over the Internet.

~~~
altstar
If you are using MODBUS over the internet you should be fired immediately. Any
SCADA/DCS/PLC communication should not be allowed on the internet at all.

------
jpfr
Why use modbus, a protocol that is nothing more than remote access to a
bitfield, when you can have OPC UA, a semantic object-database with an
(encrypted) meta-object protocol for remote access and real-time
notifications.

If you look at the offerings of GE, Siemens, and the like, all signs point
towards OPC UA as the TCP based protocol for industry that everybody agrees to
use.

~~~
kevinherron
Funny seeing you here :) I think we've worked out some interop issues between
our OPC UA stacks in the past.

~~~
jpfr
Hey Kevin, it's a small world, apparently. :)

