Modbus
One of the oldest and most widely used communication protocols in industrial automation. It has no built-in security mechanisms.
What is Modbus?
Modbus is a communication protocol developed in 1979 by Modicon (now Schneider Electric) for communication between PLC controllers. Thanks to its simplicity of implementation and open specification, it became one of the most widely used protocols in industrial automation worldwide.
The Modbus protocol exists in several variants: Modbus RTU (serial communication via RS-232/RS-485), Modbus ASCII (text-based version) and Modbus TCP (communication over Ethernet/TCP/IP). Regardless of the variant, the operating principle is the same: a master device sends a request and a slave device responds with data or confirmation of command execution.
Modbus enables reading and writing device registers: analogue values, discrete states and configuration parameters. Its simplicity is both an advantage (ease of integration) and a weakness (lack of security mechanisms).
Why does it matter?
The Modbus protocol has no built-in authentication, authorisation or encryption mechanisms. Any device on the network can send a command to any controller, and there is no way to verify whether the command comes from an authorised sender. An attacker who gains access to the OT network can read process data and issue control commands.
Organisations using Modbus should implement network-level protections: segmentation, industrial firewalls with deep packet inspection (DPI) for OT protocols, traffic monitoring for anomalies and access control to network segments containing Modbus devices.
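The kind of check an industrial firewall with Modbus DPI applies, as an added example that is not part of the original page: it parses the Modbus TCP header, which carries no sender identity or credential, and passes write function codes only from an allowlisted engineering station. The IP addresses, the policy and the sample frames are constructed assumptions.

```python
import struct

# Function codes from the public Modbus application protocol specification.
READ_CODES = {1, 2, 3, 4}      # read coils, discrete inputs, holding and input registers
WRITE_CODES = {5, 6, 15, 16}   # write single/multiple coils and registers

# Hypothetical site policy: source IPs allowed to write to controllers.
AUTHORISED_WRITERS = {"10.10.1.5"}   # constructed address of an engineering station


def parse_adu(frame: bytes) -> dict:
    """Parse a Modbus TCP ADU: 7-byte MBAP header followed by the PDU."""
    if len(frame) < 8:
        raise ValueError("frame shorter than MBAP header plus function code")
    tid, proto, length, unit = struct.unpack(">HHHB", frame[:7])
    if proto != 0:
        raise ValueError("protocol identifier is not 0 (not Modbus)")
    # The length field counts the unit id plus the PDU.
    if length != len(frame) - 6:
        raise ValueError("MBAP length field does not match frame size")
    # Note what is absent: no field identifies or authenticates the sender.
    return {"transaction": tid, "unit": unit, "function": frame[7], "data": frame[8:]}


def inspect(src_ip: str, frame: bytes) -> str:
    """Return 'allow', 'alert' or 'drop' for one request seen on TCP port 502."""
    try:
        adu = parse_adu(frame)
    except ValueError:
        return "drop"                  # malformed frame
    fc = adu["function"]
    if fc in READ_CODES:
        return "allow"
    if fc in WRITE_CODES:
        # The source address is the only sender attribute available to the policy.
        return "allow" if src_ip in AUTHORISED_WRITERS else "alert"
    return "alert"                     # diagnostics, vendor-specific codes, etc.


# Constructed sample frames.
READ_HOLDING = bytes.fromhex("000100000006" "01" "03" "00000002")  # read 2 holding registers
WRITE_SINGLE = bytes.fromhex("000200000006" "01" "06" "000100ff")  # write register 1 = 255
TRUNCATED = bytes.fromhex("000300000006" "01" "06" "0001")         # length field mismatch

if __name__ == "__main__":
    for src, frame in [("10.10.1.20", READ_HOLDING), ("10.10.1.5", WRITE_SINGLE),
                       ("10.10.1.20", WRITE_SINGLE), ("10.10.1.20", TRUNCATED)]:
        print(src, inspect(src, frame))
```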