As industrial automation advances, integrating Operational Technology (OT) and Information Technology (IT) requires stronger authentication systems. The rise in programmable logic controller (PLC) use, highlights the need to protect OT and PLCs from unauthorised access.
Current PLC systems often rely on password-based authentication due to limited computing power, resulting in significant vulnerabilities.

PLC OTAC brochure download

 

PLC OTAC for ICS & OT Security 

swIDch's PLC OTAC enhances security in Industrial Control Systems (ICS) and Operational Technology (OT) environments by eliminating static passwords and replacing them with a one-way dynamic authentication (OTAC) system. This prevents risks related to password sharing and theft, ensuring secure access to critical infrastructure.



Using the world’s first OTAC technology, our solution delivers passwordless multifactor authentication (MFA) with minimal resource requirements. OTAC operates without storing or transmitting static credentials, significantly reducing the attack surface. It also supports compliance with OT cybersecurity frameworks, helping organisations meet regulatory standards.



OTAC can be deployed in various modes to fit different security needs, providing seamless authentication without requiring passwords. This streamlined login process offers a single-step MFA experience, enhancing both security and usability.

 

Advantages of PLC OTAC 

  • No more passwords – Eliminates the risk of stolen or weak passwords.
  • Cost-effective – Cuts security costs with streamlined authentication.
  • Flexible & scalable – Fits any industrial environment.
  • No network required – Generates OTAC locally, no network needed.
  • Lower CPU usage – Speeds up authentication with minimal processing.
  • Unique dynamic codes - Blocks replay attacks with every login.

How PLC OTAC Works 

swIDch’s Programmable Logic Controller OTAC allows manufacturers and operators to significantly increase security with minimal disruption and minimal computing requirements. By removing password associated vulnerabilities, we have streamlined the process.

 

 

Current PLC certification: Password-based

PLC webpage image 2_edit
  1. Password sharing between engineers
  2. Access is granted to users who are indistinguishable (un-identified)
  3. If a password is stolen (from any user) it can be later used to gain access without any further challenge

Optimal PLC authentication method: OTAC-based authentication

PLC webpage image 3_edit
  1. No password sharing – users enter dynamic codes (OTAC) which are generated differently each time
  2. Access is only granted to authorised users – who are also fully identifiable
  3. If the OTAC is stolen and later used it will be denied access by the OTAC verification module
  4. All of this is possible without any need to modify the existing password interface (8-digit example above)

PLC OTAC Demo 

See PLC OTAC in action—how it eliminates static passwords and prevents unauthorized access. Instead of relying on fixed credentials, the system generates a dynamic one-time authentication code sent to registered users' mobile devices. This ensures only authorized personnel can access critical PLC systems, even if a valid password is compromised.

  • No static passwords – Eliminates risks from stolen or leaked credentials
  • Dynamic authentication – Each login requires a unique one-time code
  • Seamless experience – Fast and secure authentication.

 

 

 

PLC OTAC Deployment 

In operational technology (OT) environments, adaptability is crucial. Our PLC OTAC solution offers flexible, configurable options for seamless integration, whether deployed on a standalone PLC, a central server, or a hybrid setup. Explore more about specific applications and deployment scenarios of PLC OTAC.

Learn more on deployment

Why Choose PLC OTAC

PLC poc image 2 cropped Weak and predictable passwords
  • Weak authentication in other PLC systems, such as shared passwords and default passwords not being changed, lead to attacks.
  • Other PLC systems struggle to keep up with compliance regulations as they are constantly changing. PLC OTAC is always compliant with NIS2, CRA, and IEC 62443 regulations.
  • Limited security is offered from other PLC systems, with engineers prioritising functionality over security, leading to vulnerabilities.

PLC OTAC Compliance 

swIDch’s PLC OTAC (One-Time Authentication Code) solution ensures organisations meet regulatory standards like NIS2, CRA, and IEC 62443 through enhanced authentication mechanisms tailored for OT environments.

 

regulation

swIDch’s PLC OTAC ensures organisations meet regulatory standards like NIS2, NERC CIP, IEC 62443, and CRA through enhanced authentication mechanisms tailored for OT environments.

  • NIS2 Compliance: Provides secure, passwordless access to OT systems, addressing vulnerabilities associated with static credentials and supporting the minimum security measures outlined by NIS2.
  • NERC CIP: Enhances OT authentication security by enforcing user rights-based access control and multi-factor authentication.
  • IEC 62443 Compliance: Aligns with Identification and Authentication Control (FR1) by ensuring that only authorised users access PLCs through non-reusable, dynamic codes.
  • CRA Compliance: Replaces traditional password-based systems with dynamic authentication codes, reducing risks from unauthorised access and simplifying the authentication process.

learn more on our compliance

 

International CC Certification for OTAC
Our OTAC technology has obtained the global CC standard for its strong security, stability and reliability. 

Contact us today

PLC OTAC FAQs

  • PLC OTAC stands for programmable Logic Controller One Time Authentication Code.

  • swIDch’s PLC OTAC solution is scalable, so is ideal for any organisation no matter the size.

  • While we cannot disclose our customer's live network deployment of PLC OTAC, you can explore an unveiled proof of concept (PoC) with LS ELECTRIC to see how PLC OTAC is seamlessly integrated across OT devices here. 
  • Many PLCs still rely on password-based authentication, making them vulnerable to:
    • Manufacturer default passwords still in use
    • Shared passwords weakening security
    • Brute force, phishing, and credential attacks
  • New cybersecurity regulations require stronger authentication measures, but many legacy OT systems:
    • Were not designed for modern security threats
    • Rely on static passwords, which fail to meet compliance standards
    • Require costly upgrades to integrate advanced security solutions
  • Upgrading OT/PLC systems is challenging because:
    • Continuous operations limit downtime for security improvements
    • Legacy systems were not built to handle today’s cyber threats
    • Upgrades require specialized resources and expertise
  • Yes—Remote Terminal Units (RTUs), SCADA systems, and Human-Machine Interfaces (HMIs) often:
    • Use weak or default passwords
    • Lack modern security protections
    • Are exposed to cyberattacks due to outdated protocols

Why swIDch

OTAC, developed by swIDch, is the original technology
that provides all of the following features, tested and substantiated
by the University of Surrey technical report
Why swIDch
DYNAMIC CODE that is
sufficient to IDENTIFY user
Single-step IDENTIFICATION
and AUTHENTICATION
Uni-directional authentication in
off-the-network environment

Single-step identification and authentication with the code alone. Include our biometric option and get single-step MFA. Vastly improved UX by removing steps.

OTAC is a dynamic code, which means the code is constantly changing. Eliminates all use of static information. Forget usernames and passwords forever. Vastly reduced workload for IT helpdesks. 

No network connection required for generating OTAC, enabling uninterrupted use no matter where you are. No more waiting for additional tokens/OTPs and no need for heavy public key infrastructure (PKI). 

 

Highly configurable code parameters and lightweight SDK/applet means wide range of deployment options on many devices across multiple sectors.  

Learn More

'One-time-authentication-code' technical report by University of Surrey Get In touch

Related Topics

Moving Beyond Passwords
OT security is evolving beyond passwords with dynamic, one-time authentication codes. This approach mitigates risks like credential reuse, shared access, and hardcoded passwords, strengthening critical infrastructure against cyber threats and ensuring a more secure, seamless authentication process.
Read More
The Authentication Dilemma
In today's digital age, the importance of robust cybersecurity cannot be overstated. Yet, many organizations remain hesitant to implement necessary patches and continue to exhibit poor password hygiene. This reluctance to address fundamental security flaws leaves critical systems exposed to potential attacks.
Read More
Synergizing Standards: How NIS2, CRA, and IEC 62443 Forge a Unified Front in OT Cyber Security
In the rapidly evolving landscape of Operational Technology (OT), maintaining robust cybersecurity measures is crucial. Several key frameworks and directives have emerged to address the unique challenges faced by this sector. Let’s delve into three significant standards—NIS2, CRA, and IEC 62443—that collectively enhance the cybersecurity posture of OT systems.
Read More