How I Diagnose a PLC with TIA Portal Using a Sanitized Laptop
By Carlos Espinosa Saldana – Port of Los Angeles | Automation & Cybersecurity
Introduction
Working at the Port of Los Angeles, surrounded by the sound of cranes, horns, and container stackers, I often catch myself thinking: “If one of these machines suddenly stopped working, how would I diagnose it?”
That thought led me down a path into PLC diagnostics — the heart of automation that keeps terminals running. But diagnosing a PLC isn’t just about checking wires or code. It’s also about protecting the system from intrusions.
Every time I connect my laptop to a PLC, I remind myself: a clean connection is a safe connection.
In this post, I’ll share how I approach diagnosing a Siemens PLC using TIA Portal, and why using a sanitized, cybersecurity-safe laptop is key to keeping operations both efficient and secure.
🧼 Step 1: Always Start with a Sanitized Laptop
Before opening TIA Portal:
- Use a dedicated service laptop — no personal use, browsing, or random USB drives.
- Run a malware scan before every connection.
- Disable Wi-Fi and Bluetooth to prevent outside interference.
- Turn off cloud-sync apps like OneDrive or Google Drive.
- Keep Windows and Siemens software fully updated.
💡 In the port world, one infected laptop can halt operations for an entire shift.
A sanitized laptop helps prevent malware, trojans, and ransomware that could target PLCs or SCADA systems. Treat your laptop like your most trusted tool — keep it clean and ready.
🔌 Step 2: Identify the PLC and Connection Type
Before connecting:
- Model: Siemens S7-1200 or S7-1500
- Connection: Ethernet, MPI, or PROFIBUS
- Network info: Confirm IP address and subnet
⚠️ Never perform random network scans — OT systems are sensitive and unauthorized probing can cause faults.
🧰 Step 3: Connect Your Laptop and Verify Communication
- Plug your Ethernet cable from laptop to PLC or switch.
- Set a static IP on your laptop (e.g., 192.168.0.100).
- Open Command Prompt and ping the PLC:
ping 192.168.0.1 - Open TIA Portal → Online → Accessible Devices and search for the PLC.
- Once detected, go online and monitor diagnostics.
If nothing appears, double-check the cable, adapter, and ensure the PLC is in RUN mode.
🔎 Step 4: Diagnose with TIA Portal
Inside TIA Portal:
- Open the Diagnostic Buffer to see fault history and timestamps.
- Review Module Information for hardware/network status.
- Observe Program Blocks and logic changes in real time.
- Use Watch Tables to monitor sensor inputs and actuator outputs.
🧩 If a tag doesn’t change when it should — that’s your starting point.
A repeating “Bus Fault” may point to a damaged cable, bad module, or wrong configuration.
🛡️ Step 5: Practice Cyber Safety During and After Diagnostics
Even when the job seems done, stay cautious:
- Disconnect immediately after finishing.
- Save projects on encrypted or offline drives — never public clouds.
- Keep a log including:
- Date / time
- PLC type and IP
- Faults found
- Actions taken
🧠 Documenting is part of cybersecurity — it proves accountability and traceability.
⚓ Final Thoughts
Working around automation every day taught me this: diagnosing a PLC is as much about mindset as it is about skill.
Using Siemens TIA Portal is only half the job — the other half is staying calm, patient, and secure, both physically and digitally.
“At the end of the day, the best technicians aren’t just the ones who fix problems — they’re the ones who prevent them.”
If you enjoyed this post, check out my other projects on cespsecure.com where I share my journey from the docks to cybersecurity and automation.