Hi, I'm doing research on novel cryptographic approaches for securing OT networks, and Modbus TCP Security (https://www.modbus.org/docs/MB-TCP-Security-v36_2021-07-30.pdf) seems to be a good starting point.
Q1: Is this version of the protocol currently in operation?
Q2: Is there any way to implement it for a M221 PLC?
Q3: If not possible, which Schneider PLCs are compatible with Modbus TCP Security?
I would appreciate any related information, thanks in advance.

 

If you find out, please help out the Modbus community and let us know. Thus far, I've seen zilch (nothing) on implementation of Modbus security.

 

Modbus works with open data. It can communicate even to a hacker with right memory address and communication settings. There is no security for it.

Hence the industry moved away from it and opted for OPC UA.
Modbus is still in use to support legacy devices, where implementing OPC UA is not possible because of the over heads and computational powers required for this. Also many legacy device vendors will not be interested in supporting such new features.
Instead they will try to sell a new device with OPC UA.

 

In 2018, Modbus announced the release of specification for a Modbus Security Protocol. See the announcement here:
https://modbus.org/docs/Modbus-SecurityPR-10-2018.pdf

The announcement provides a link to 20 page security protocol spec, which requires acknowledging something or other to get to the document. The posted protocol document has probably been updated because the date on it is July 2021, whereas the announcment was October 2018.

I have not seen any vendors promoting compliance to the Modbus Security Protocol and was quite curious as to whether any vendor would pop up on this thread with an observation about their compliance.