Programmable Logic Controller (PLC)

A Programmable Logic Controller (PLC) is an embedded programmable control device. PLCs typically utilize a modular architecture with separate modules used to support its processing capabilities, communication mediums, and I/O interfaces. PLCs allow for the deployment of customized programs/logic to control or monitor an operational process. This logic is defined using industry specific programming languages, such as IEC 61131 [1], which define the set of tasks and program organizational units (POUs) included in the device’s programs. PLCs also typically have distinct operating modes (e.g., Remote, Run, Program, Stop) which are used to determine when the device can be programmed or whether it should execute the custom logic.

ID: A0003
Platforms: Embedded
Sectors: General
Version: 1.0
Created: 28 September 2023
Last Modified: 04 October 2023

Related Assets

Name Sectors Description
Process Automation Controller (PAC) General

Process Automation Controllers (PAC) share much of the same functionality as a PLC. PACs may include advanced features for process control, motion control, drive control, and vision applications. PACs may include additional features such as options to program in traditional programming languages such as C and C++ in addition to 61131 programming languages in order to support these more advanced controls.

Field Device / Controller

Programmable Logic Controller (PLC) may be referred to as Field Controllers or Field Devices as a general function name.


Domain ID Name
ICS T0800 Activate Firmware Update Mode
ICS T0830 Adversary-in-the-Middle
ICS T0878 Alarm Suppression
ICS T0802 Automated Collection
ICS T0803 Block Command Message
ICS T0804 Block Reporting Message
ICS T0805 Block Serial COM
ICS T0806 Brute Force I/O
ICS T0892 Change Credential
ICS T0858 Change Operating Mode
ICS T0885 Commonly Used Port
ICS T0884 Connection Proxy
ICS T0809 Data Destruction
ICS T0812 Default Credentials
ICS T0814 Denial of Service
ICS T0868 Detect Operating Mode
ICS T0816 Device Restart/Shutdown
ICS T0871 Execution through API
ICS T0820 Exploitation for Evasion
ICS T0890 Exploitation for Privilege Escalation
ICS T0866 Exploitation of Remote Services
ICS T0874 Hooking
ICS T0877 I/O Image
ICS T0872 Indicator Removal on Host
ICS T0835 Manipulate I/O Image
ICS T0838 Modify Alarm Settings
ICS T0821 Modify Controller Tasking
ICS T0836 Modify Parameter
ICS T0889 Modify Program
ICS T0839 Module Firmware
ICS T0801 Monitor Process State
ICS T0834 Native API
ICS T0840 Network Connection Enumeration
ICS T0842 Network Sniffing
ICS T0861 Point & Tag Identification
ICS T0843 Program Download
ICS T0845 Program Upload
ICS T0846 Remote System Discovery
ICS T0888 Remote System Information Discovery
ICS T0847 Replication Through Removable Media
ICS T0848 Rogue Master
ICS T0851 Rootkit
ICS T0856 Spoof Reporting Message
ICS T0869 Standard Application Layer Protocol
ICS T0862 Supply Chain Compromise
ICS T0857 System Firmware
ICS T0855 Unauthorized Command Message
ICS T0859 Valid Accounts