Programmable Logic Controller (PLC)

A Programmable Logic Controller (PLC) is an embedded programmable control device. PLCs typically use a modular architecture, with separate modules supporting their processing capabilities, communication mediums, and I/O interfaces. PLCs allow for the deployment of customized programs/logic to control or monitor an operational process. This logic is defined using industry-specific programming languages, such as IEC 61131 [1], which define the set of tasks and program organizational units (POUs) included in the device’s programs. PLCs also typically have distinct operating modes (e.g., Remote, Run, Program, Stop), which determine when the device can be programmed and whether it should execute the custom logic.

ID: A0003
Platforms: Embedded
Sectors: General
Version: 1.1
Created: 28 September 2023
Last Modified: 12 May 2026

Related Assets

| Name | Sectors | Description |
| --- | --- | --- |
| Process Automation Controller (PAC) | General | Process Automation Controllers (PACs) share much of the same functionality as a PLC. PACs may include advanced features for process control, motion control, drive control, and vision applications. To support these more advanced controls, PACs may also offer options to program in traditional programming languages such as C and C++ in addition to the IEC 61131 programming languages. |
| Field Device / Controller | General | A Programmable Logic Controller (PLC) may be referred to as a Field Controller or Field Device as a general function name. |

Techniques

Domain ID Name
ICS T0800 Activate Firmware Update Mode
ICS T0830 Adversary-in-the-Middle
ICS T0878 Alarm Suppression
ICS T0802 Automated Collection
ICS T1695 Block Communications
.001 Serial COM
.002 Ethernet
.003 Wi-Fi
ICS T1691 Block Operational Technology Message
.001 Command Message
.002 Reporting Message
ICS T0806 Brute Force I/O
ICS T0892 Change Credential
ICS T0858 Change Operating Mode
ICS T0885 Commonly Used Port
ICS T0884 Connection Proxy
ICS T0809 Data Destruction
ICS T0814 Denial of Service
ICS T0868 Detect Operating Mode
ICS T0816 Device Restart/Shutdown
ICS T0871 Execution through API
ICS T0820 Exploitation for Evasion
ICS T0890 Exploitation for Privilege Escalation
ICS T0866 Exploitation of Remote Services
ICS T0874 Hooking
ICS T0877 I/O Image
ICS T0872 Indicator Removal on Host
ICS T1694 Insecure Credentials
.001 Default Credentials
ICS T0835 Manipulate I/O Image
ICS T0838 Modify Alarm Settings
ICS T0821 Modify Controller Tasking
ICS T1693 Modify Firmware
.001 System Firmware
.002 Module Firmware
ICS T0836 Modify Parameter
ICS T0889 Modify Program
ICS T0801 Monitor Process State
ICS T0834 Native API
ICS T0840 Network Connection Enumeration
ICS T0842 Network Sniffing
ICS T0861 Point & Tag Identification
ICS T0843 Program Download
.001 Download All
.002 Online Edit
.003 Program Append
ICS T0845 Program Upload
ICS T0846 Remote System Discovery
.001 Port Scan
.002 Broadcast Discovery
.003 Multicast Discovery
ICS T0888 Remote System Information Discovery
ICS T0847 Replication Through Removable Media
ICS T0848 Rogue Master
ICS T0851 Rootkit
ICS T0869 Standard Application Layer Protocol
ICS T0862 Supply Chain Compromise
ICS T1692 Unauthorized Message
.001 Command Message
.002 Reporting Message
ICS T0859 Valid Accounts

References