ISA/IEC 62443 frequently references common industrial protocols when discussing network security, segmentation, and secure communications. MODBUS TCP/IP is one of the most widely deployed industrial protocols and is explicitly recognized as operating over TCP port 502.
Step 1: Protocol context
MODBUS TCP/IP is the Ethernet-based adaptation of the MODBUS protocol, enabling communication between PLCs, HMIs, and SCADA systems over IP networks. Unlike HTTP or HTTPS, MODBUS does not include native authentication or encryption.
Step 2: Port assignment
The standard TCP port assigned to MODBUS TCP/IP is 502, which is well known and commonly targeted by attackers. ISA/IEC 62443 highlights that well-known ports increase exposure and therefore require compensating controls such as firewalls, segmentation, and deep packet inspection.
Step 3: Security implications
Because port 502 traffic can carry control commands directly affecting physical processes, the standard emphasizes controlling and monitoring communications using this port within defined zones and conduits.
Step 4: Why other options are incorrect
Port 21 is used for FTP
Port 80 for HTTP
Port 443 for HTTPS
Thus, the correct and standards-aligned answer is 502.
Submit