Siemens Industry Online Support
Siemens AG
Entry type: FAQ, Entry ID: 109799540, Entry date: 11/29/2021

Questions and answers about the new security features in TIA Portal V17

As a pioneer in the industrial security world, Siemens has always aimed to provide holistic, state-of-the-art solutions to ensure maximum protection of machines and plants. This entry contains a collection of questions and answers on the newly introduced security features in TIA Portal V17.

Description

With TIA Portal Version 17, several security improvements have been introduced for the communication between engineering stations, PLCs and HMI panels. Mainly:

  • The communication is encrypted using the Transport Layer Security (TLS) protocol. This is achieved by applying individual certificates for each partner. The certificates can be imported or created in TIA Portal with the certificate manager.
  • The confidential PLC configuration data can be protected by a user-defined password. This protection is optional.
  • “Security by Default” concept: several options have been preconfigured and are set by default to ensure a higher security level for machines and plants. This includes:
    - The preactivated PLC configuration password requirement, which ensures that all confidential PLC configuration data is protected by default.
    - The predefined secure PG/HMI communication, which prevents unsecured communication with other partners.
    - The preactivated “PLC access protection”, which prevents any type of access to the controller unless explicitly configured.

To simplify the security configuration on the devices, a wizard guides the user through the security settings. These include the protection of confidential PLC configuration data, the secure PG/HMI communication, and the access level of the SIMATIC controller.



The following components support the new secure SIMATIC PG/HMI communication:

Server
  • S7-1500 PLCs V2.9
  • S7-1200 PLCs V4.5
  • S7-PLCSIM Advanced V4.0
  • Drive Controller V2.9 
 

Clients
  • STEP 7 (TIA Portal) V17
  • HMI Basic Panels 2nd Generation, V17
  • HMI Mobile Panels 2nd Generation, V17
  • HMI Comfort Panels, V17
  • HMI WinCC Runtime Advanced V17
  • WinCC Runtime Professional V17
  • WinCC Unified PC V17
  • WinCC Unified Comfort Panels V17
  • SIMATIC NET (OPC UA Server) V17

 


The document below answers the following questions:

  • What are the new security features introduced in TIA Portal V17?
  • When can I update my PLC firmware? How is the update process performed?
  • When and how is my PLC fully using the new security features introduced in TIA Portal V17?
  • What is “Security Wizard” and why do I need it?
  • What can be configured with the “Security Wizard”?
  • Why do I need to define a password for PLC configuration data?
  • Is the communication between PG and PLC secure even if I don’t assign a PLC confidential configuration data password?
  • What should I do if I want to exchange a PLC that is protected with a confidential configuration data password?
  • Can I assign a confidential configuration data password to a PLC without using TIA Portal?
  • How can I assign a confidential configuration data password to a PLC without using TIA Portal?
  • How can I connect previous HMI systems (<TIA Portal V17) with a new PLC firmware (>=V2.9)?
  • What should be taken into consideration when working with certificates?
  • What should I do when the certificates on the PLC/HMI expire?
  • What are the security enhancements regarding project protection and user management in TIA Portal V17?

Document
 Registration required: 109799540_en_Security-Features_in_TIA_Portal_V17.pdf (1.4 MB)


Security information
In order to protect technical infrastructures, systems, machines and networks against cyber threats, it is necessary to implement – and continuously maintain – a holistic, state-of-the-art IT security concept. Siemens’ products and solutions constitute one element of such a concept. For more information about cyber security, please visit
https://www.siemens.com/cybersecurity#Ouraspiration.