Embedding the Real-Time AES-128 Encryption into Programmable Logic Controllers for Secure Modbus TCP/IP Communications in Industrial Control Systems

Abstract

This study presents a practical implementation of AES-128 encryption for Modbus TCP/IP communications in industrial control systems. The proposed method advances beyond theoretical approaches by providing a deployable, hardware-independent structured control programming solution embbed on Siemens S7-1200 and Rockwell CompactLogix PLCs. Experimental evaluation shows an average encryption latency of 41.08 μs, with end-to-end communication delays maintained between 5–35 ms. An optimized key management mechanism reduces expansion overhead by 63% compared with conventional designs. Robustness is demonstrated through more than 12,000 test cycles with consistent timing performance (σ < 3 μs) and full interoperability with unmodified Modbus TCP devices. Wireshark analysis further confirms effective prevention of man-in-the-middle attacks without hardware modifications. The results indicate that the proposed scheme provides a certifiable and efficient security layer, thereby offering a feasible migration pathway for securing legacy infrastructures in Industry 4.0, SCADA, and industrial IoT environments.