PROD_CONS vs Messaging Security

remullis

Member
Join Date
Oct 2012
Location
Georgia
Posts
179
Any thoughts on the differences in Security between prod_cons data and messaging?

I am being asked to message between two PLC's for 2 different companies and was told I could not use messaging, that I would need to prod_cons.

Is there any real added security with prod_cons?

I have used both in the past so it's no problem, just can't wrap my head around the difference in security.
 
The P/C data, being an agreed upon structure and destination that is not easily changed, Could be considered more secure because each separate company knows what should be there and populates the structure with their own data.

Whereas a MSG from one side can be modified at will to grab other tags without the other side even noticing (without traffic monitoring software at least) .
 
Second on what Waterboy said. In addition, I don't believe messaging or produce/consume have CIP Security built in. 5380s have the hardware as far as I know, but I don't think it's used here.
 
This is going back to 2006 ish off memory. So dont crucify my if im a little fuzzy. Just talking bandwidth and data captures.
Message reads takes 5 data packets
Message write takes 4 data packets
Pro/Con writes or reads at the RPI.
The following is a very crude explanation.
If you did a data capture and broke down the packets you would see. That messages state the target address to either read or write. Then the length of the message. Then data folled by an end of transmission with a did you get the data packet. Example N7:0 5 long 1234 321 456 789 -200
As you can see you only get the starting point and then the data.

Pro/Con data is at a RPI with almost the same setup.
Produced data is just written and broadcast on the network.
Consumed is listening to that data that is broadcast. If you capthat data you will see a start word (tag name) then a bunch of numbers. Example Produced_tag 1234 321 456 789 -200.

Unless you know what those N7 or Produced_tag are then its just a bunch of numbers. If you worried about someone getting those data points then its way to late because they are on your network already.

Ive done some data captured and reverse engineered what was being send or read. It was a PLC5 to Automax. The PLC5 send data as a PLC3 data write over a short haul modem at 1200 baud. I had to read the data to find out what was being sent to the Automax. It was an awesome job with a great learning experience. Ken Roach helped me with the data decoding.once he showed me behind the curtains the magic was gone and I went on a data networking kick. I did a bunch of serial to Ethernet conversion. 485 ASCII to DF1 or Ethernet.
 
The one issue preventing doing pro/con is the need to download vs doing the change online. In a lot of 24/7 operation, doing a download isn't a small thing.
 

Similar Topics

Hi All, I am looking to consume some data in my 1756-L72S (connection through EN2T) that is being produced by my 1769-L43A (connection through...
Replies
5
Views
1,510
Had a problem recently that we've resolved, but we are trying to decide on alarming and prevention of the massive downtime because of the problem...
Replies
2
Views
1,470
I am tring to bring the temperature control of some electric heaters into a AD Prod 2000 PLC and need some help. The current temperature...
Replies
4
Views
2,484
Hello, I am new to control expert and I am looking a quick start guide for basic ladder and function block programming. I have searched the web...
Replies
4
Views
1,530
I am needing to transfer some prod_cons tags where the data type is a string[10]. Can you move a String data type? Thanks in advance RM
Replies
18
Views
3,401
Back
Top Bottom