How ABB PLC products meet security challenges

Cyber security is one of the most important topics for ABB and its customers. With the adoption of Industry 4.0 and IoT, more and more devices are connected with each other.

This is why the security of industrial automation and control systems is increasingly critical. ABB aims to protect the data, integrity and availability of all AC500 PLC products.

ABB takes all necessary steps to continuously improve the security of its products. These measures follow commonly accepted industry standards and practices and include, where technically feasible. 

We highly recommend that all software, firmware, libraries and applications are kept up to date using the most recent firmware and software updates to keep your system and environment secure.

Robustness testing including fuzzing and flooding

The AC500 PLC undergoes intensive robustness tests such as fuzzing and flooding to ensure stability and reliability. These tests verify that the system can handle unexpected or malformed data and continue operating securely under high network load.

Vulnerability scanning for known vulnerabilities and exploits

Regular vulnerability scans are performed to detect and eliminate known weaknesses. This proactive approach helps prevent potential exploits and keeps the system protected against emerging threats.

Security testing including static code analysis or binary code analysis

Comprehensive security testing is carried out through static and binary code analysis to identify hidden flaws or vulnerabilities early in the development process, ensuring a secure and resilient control platform.

TÜV SÜD certification according to IEC 62443

We are pleased to announce that TÜV SÜD has certified:

  • the ABB AG site in Heidelberg in accordance to the IEC 62443-4-1:2018 standard (Secure Product Development Lifecycle). This confirms that ABB develops secure-by-design products in accordance with the IEC 62443-4-1 process.
  • the AC500 product in accordance with the IEC 62443-4-2:2019 standard (Security for industrial automation components). This confirms the fulfillment of the security requirements defined by the IEC 62443-4-2 and the respective security level of the AC500 PLC.

Designing secure automation systems

The design of an automation system should follow the IEC 62443-3-3 standard. This standard describes the requirements to be fulfilled by the automation system in total.

A risk and threat analysis of the planned automation system is the entry point of the secure planning process. The IEC 62443-4-2 certification of the AC500 PLC supports the process, as this component delivers the needed security functions.

Cyber security in ABB drives

ABB drives and PLC products are used in various industries and applications. We provide safe and secure by-design products and solutions to our customers by complying with laws and regulations, as well as targeting compliance towards required security standards and beyond.

Related content

Cyber security alerts and notifications

We are committed to providing our customers with products, systems and services that clearly address cyber security.

ABB Cyber Security approach

ABB provides the defense-in-depth security required for digital solutions in mission-critical applications and industries.

PLC products security advisory

Browse our security advisory documentation in ABB Library