PLC hacking and other threats: why PLC code backup is critical for Manufacturers

05 May, 2023

Philip Ketterer

Dr. Philip Ketterer

Senior Product Manager

Manufacturing plants rely heavily on Programmable Logic Controllers (PLCs) to control machines and processes on the shop floor. However, many manufacturers struggle with identifying the PLC project versions that actually run on the PLCs in operation, which can cause downtime due to lost PLC code or version mismatches. This not only affects the production line but it also reduces engineering efficiency since engineers have to manually pull the last project version from the PLC without having a trustful PLC project storage or PLC code backup system.

Lack of visibility on PLC code changes

Another challenge for manufacturers is the lack of visibility on code changes across the machine’s long lifecycle. Many manufacturers have large and complex PLC projects stored in vendor-specific file formats. Version management is often done on a file name basis, and sometimes USB pens or engineers’ laptops are used to store PLC project files, making it difficult to track the latest version and manage code changes.

Furthermore, “hacking” of PLCs is a real concern for manufacturers. For example, hackers may re-program PLCs and insert malicious pieces of code without directly impairing their main program. Unfortunately, manufacturers often do not recognize that their PLCs are hacked until hackers attempt a ransom or blackmail attack.

PLC code backup and version management

Software Defined Automation (SDA) provides code integrity checks for all your PLCs by comparing the last version in the deployment history with the PLC code deployed to the PLC on the shop floor. In case of any deviation, the admin gets notified, and a PLC backup is created.

SDA allows you to enable the code backup for your PLCs from any device without accessing vendor-specific IDEs. For example, you can select the days and specific times to perform the code integrity and backup task.

PLC code deployment and backup

This ensures that the PLC in the SDA’s code repository is in sync with the actual control logic that runs on the PLC. It improves the resiliency and recovery speed of your factory in case of a disaster event. SDA’s single source of truth for PLC code (file and function block level) eliminates duplicates and overwriting code by having all systems (local engineering station, PLCs on the shop floor, and engineering in the cloud (IDE-as-a-Services)) synced.

Single source of truth for PLC projects

Additionally, SDA ensures a single source of truth for PLCs not connected to the internet through the Local Client. SDA’s Local Client syncs the user’s local project directory with the single source of truth for PLC projects in SDA’s code repository. Every code change on the local system is automatically detected and checked in with an additional commit message.

PLC project storage with project diff viewer for code management


SDA’s single source of truth for all PLC projects ensures that users always work on the latest code version and do not overwrite each other’s code changes. Engineering teams can work on their local machine with a guarantee to work on the same code base and managed versioning.

In conclusion, having a reliable code backup system for your PLCs is crucial for maintaining the efficiency and reliability of your manufacturing processes. SDA not only ensures code integrity and eliminates duplicates but also provides peace of mind to manufacturers by safeguarding against PLC hacking attempts and other disasters that may occur on the factory floor.

See SDA in action. Start your free 14-day trial today.

Stay up to date. Subscribe for our latest news.

subscribe icon