PLCs communicate with SCADA systems by transmitting real-time process data over industrial communication protocols such as Modbus, Profibus, Profinet, and OPC-UA. The PLC collects data from field devices like sensors and actuators, then sends that data to the SCADA system, which visualizes it, logs it, and enables operators to respond. This communication forms the backbone of modern industrial automation. The sections below unpack the most common questions about how this connection works, what can go wrong, and how security fits into the picture.
What protocols do PLCs use to send data to SCADA systems?
PLCs use a range of industrial communication protocols to send data to SCADA systems, with the most common being Modbus TCP/IP, Profibus, Profinet, DNP3, EtherNet/IP, and OPC-UA. The choice of protocol depends on the age of the equipment, the network infrastructure, and the level of data detail required. Each protocol defines how data is structured, addressed, and transmitted between devices.
Here is a quick breakdown of the most widely used PLC communication protocols:
- Modbus TCP/IP: One of the oldest and most universal protocols, widely supported across vendors and easy to implement. It is still common in legacy environments.
- Profibus: A fieldbus standard developed by Siemens and widely adopted in process industries. It supports high-speed, deterministic communication between PLCs and field devices.
- Profinet: The Ethernet-based successor to Profibus, offering faster data rates, real-time capability, and easier integration with IT networks.
- EtherNet/IP: Common in discrete manufacturing environments, particularly with Allen-Bradley and Rockwell systems.
- DNP3: Frequently used in utilities and infrastructure sectors where communication over long distances or unreliable links is required.
- OPC-UA: A modern, platform-independent standard that is rapidly becoming the preferred choice for new PLC-SCADA integration projects.
In Siemens environments specifically, Profinet and OPC-UA are the dominant protocols for connecting PLCs to SCADA platforms, offering strong performance and native support within the Siemens ecosystem.
How does a SCADA system read real-time data from a PLC?
A SCADA system reads real-time data from a PLC by polling or subscribing to data registers within the PLC’s memory. In polling mode, the SCADA server sends periodic requests to the PLC, which responds with the current values of the requested tags. In subscription mode, the PLC pushes updates to the SCADA system only when values change, which reduces network traffic and latency.
The SCADA system connects to the PLC through a communication driver, sometimes called an I/O server or data acquisition server. This driver translates the raw protocol data into tag values that the SCADA application can display, log, and act on. Tags map directly to memory addresses inside the PLC, such as input registers, output coils, or internal data blocks.
Once data reaches the SCADA layer, it is processed in several ways:
- Displayed on operator screens as real-time process values, trends, and alarms
- Stored in historian databases for long-term analysis and reporting
- Evaluated against alarm thresholds to trigger operator notifications
- Used as inputs for control logic running at the SCADA level, such as batch sequencing or supervisory setpoints
The scan rate, which is how often the SCADA system requests or receives new data, is a critical configuration parameter. Too slow and operators miss fast process changes. Too fast and the network or PLC processor can become overloaded.
What is the role of OPC-UA in modern PLC-SCADA integration?
OPC-UA (Open Platform Communications Unified Architecture) is the modern standard for PLC-SCADA integration because it provides a vendor-neutral, secure, and scalable way to exchange data between industrial devices and software systems. Unlike older protocols that are proprietary or limited in scope, OPC-UA works across different hardware brands, operating systems, and network architectures.
OPC-UA solves several longstanding challenges in industrial communication:
- Interoperability: A Siemens PLC can share data with a third-party SCADA platform without custom middleware or protocol converters.
- Built-in security: OPC-UA includes authentication, encryption, and access control at the protocol level, unlike older protocols that were designed for closed networks.
- Rich data modeling: Beyond raw values, OPC-UA can transmit context about the data, such as units of measurement, quality indicators, and timestamps.
- Scalability: It supports everything from simple machine-level connections to enterprise-wide data flows connecting PLCs, SCADA, MES, and ERP systems.
In 2026, OPC-UA has become the de facto integration layer for Industry 4.0 and digital twin initiatives. For organizations running Siemens PCS 7 or SIMATIC-based systems, OPC-UA is the natural bridge between process automation and higher-level digital platforms.
What’s the difference between a PLC and a SCADA system?
A PLC (Programmable Logic Controller) is a hardware device that directly controls physical processes by reading inputs from sensors and sending outputs to actuators. A SCADA (Supervisory Control and Data Acquisition) system is software that monitors and supervises those processes from a central point, providing operators with visibility, alarming, and high-level control. The PLC acts; the SCADA observes and guides.
The distinction becomes clearer when you look at where each operates in the automation hierarchy:
- PLC: Operates at the field level, executing control logic in real time, often in milliseconds. It runs independently and continues controlling the process even if the SCADA connection is lost.
- SCADA: Operates at the supervisory level, aggregating data from multiple PLCs across an entire plant or facility. It provides dashboards, alarm management, historical logging, and operator interaction.
In a Siemens PCS 7 environment, the boundary between PLC and SCADA functions is tightly integrated. The engineering environment, the process controllers, and the operator stations all share a common data model, which reduces configuration effort and the risk of mismatches between what the PLC controls and what the SCADA displays.
What causes communication failures between PLCs and SCADA?
Communication failures between PLCs and SCADA systems are most commonly caused by network issues, configuration mismatches, hardware faults, or protocol incompatibilities. When the link between the two systems breaks down, operators lose visibility into the process, alarms may not reach control rooms in time, and automatic responses to process deviations can be delayed.
The most frequent root causes include:
- Network instability: Packet loss, high latency, or switch failures disrupt the data flow between the PLC and the SCADA server.
- IP address or port conflicts: Incorrect network configuration prevents the SCADA driver from reaching the PLC.
- Scan rate mismatches: If the SCADA system requests data faster than the PLC or network can respond, timeouts occur.
- Firmware or software version incompatibilities: Updates to either the PLC firmware or SCADA software can break existing communication drivers.
- Cable or connector faults: Physical layer problems, particularly in older Profibus installations, are a common but often overlooked cause.
- Overloaded PLC processors: A PLC that is near its processing capacity may deprioritize communication tasks, causing intermittent dropouts.
Diagnosing communication failures requires a systematic approach, starting with the physical layer and working up through the network, protocol configuration, and application settings. Good diagnostic tooling, such as Siemens’ integrated diagnostics in PCS 7, can significantly reduce troubleshooting time.
How do cybersecurity risks affect PLC-SCADA communication?
Cybersecurity risks directly threaten PLC-SCADA communication because many industrial networks were originally designed as isolated systems without built-in security. As these networks become increasingly connected to corporate IT systems and the internet, they become exposed to threats such as unauthorized access, man-in-the-middle attacks, and malware that can disrupt or manipulate process data.
The consequences of a successful attack on PLC-SCADA communication can range from data loss to physical process disruption. Key vulnerabilities include:
- Unencrypted protocols: Older protocols like Modbus and Profibus transmit data in plain text, making them easy to intercept and manipulate if an attacker gains network access.
- Flat network architectures: When OT (operational technology) and IT networks are not properly segmented, a breach in the office network can reach the control system.
- Weak authentication: Many PLC systems still rely on no authentication or simple password protection that is rarely updated.
- Remote access vulnerabilities: VPN configurations and remote maintenance connections, if poorly secured, provide an entry point for attackers.
Mitigating these risks requires a layered approach: network segmentation using industrial firewalls and DMZs, adoption of secure protocols like OPC-UA with encryption enabled, strict access control policies, and regular vulnerability assessments. Compliance with standards such as IEC 62443 provides a structured framework for securing industrial communication environments.
How CoNet helps with PLC-SCADA communication and integration
We are CoNet, and PLC-SCADA integration is at the core of what we do. As the leading Siemens PCS 7 specialist in the Netherlands and one of the top PCS 7 Specialist Partners worldwide, we bring deep technical expertise to every aspect of industrial automation communication, from initial engineering to ongoing maintenance and optimization.
When clients come to us with PLC-SCADA challenges, we provide concrete support across the full integration lifecycle:
- Protocol selection and network design: We advise on the right communication protocols for your specific environment, whether that means modernizing from Profibus to Profinet or implementing OPC-UA for broader digital integration.
- Engineering and configuration: Our team handles the full engineering of PLC-SCADA connections within Siemens environments, ensuring correct tag mapping, scan rate optimization, and reliable data flow.
- Fault diagnosis and troubleshooting: When communication failures occur, we diagnose and resolve them quickly, minimizing downtime in critical process environments.
- Cybersecurity for OT environments: We help clients implement network segmentation, secure remote access, and IEC 62443-aligned security measures to protect their automation infrastructure.
- Digital Grid and process automation: As both a Siemens Digital Grid partner and a Certified Solution Partner for SIMATIC PCS 7, we offer a single point of contact for energy and process automation questions.
We work across the chemical, oil and gas, food and beverage, and energy sectors, delivering around 40,000 to 50,000 hours of engineering annually. If you want to strengthen your plant automation infrastructure or resolve an existing PLC-SCADA integration challenge, we are ready to help. Contact us to speak with one of our specialists.
