How to Remove Write Protection from a Siemens PLC Program

Key Takeaways Table

What is write protection?A security feature to prevent unauthorized modification of the PLC program.
Which Siemens PLC models are commonly affected?SIMATIC S7-1200, S7-1500
What methods can be used to remove write protection?Using a transfer card, changing settings via TIA Portal, password recovery techniques
Why is it important to manage write protection effectively?To maintain security and prevent unauthorized changes to the PLC program.
Are there any best practices for managing PLC write protection?Regular backups, proper password management, combining multiple protection methods


Welcome to ControlNexus, your trusted provider of Siemens PLCs, HMIs, and Inverters since 2013. In this article, we will explore how to remove write protection from a Siemens PLC program, ensuring you can effectively manage and troubleshoot your industrial automation systems.

Siemens PLCs, such as the SIMATIC S7-1200 and S7-1500, are equipped with various security features to protect your programs from unauthorized access. However, there are times when you may need to remove these protections to update or troubleshoot your system. Understanding how to navigate these protections is crucial for maintaining the efficiency and security of your operations.

Understanding Write Protection in Siemens PLCs

Write protection is a security feature designed to prevent unauthorized modifications to the PLC program. This can be essential in maintaining the integrity and reliability of your automation system. Siemens PLCs offer several levels of protection, including write protection, know-how protection, and copy protection.

  • Write Protection: Prevents unintentional modification of the program.
  • Know-how Protection: Blocks of type OB, FB, FC, and global DBs can be protected with a password to prevent unauthorized access.
  • Copy Protection: Binds the code blocks to the serial number of the CPU or memory card, preventing the program from being copied to another device.

These protections are particularly useful in industrial environments where maintaining control over the program is critical.

Methods to Remove Write Protection

Using a Transfer Card

One effective method to remove write protection is by using an empty transfer card. This process involves erasing the internal load memory of the CPU, allowing you to download a new user program from the STEP 7 software.

  1. Prepare an Empty Transfer Card: Obtain an empty transfer card compatible with your Siemens PLC model.
  2. Erase Internal Load Memory: Insert the transfer card into the PLC to erase the internal load memory. This will delete the password-protected program.
  3. Download New Program: Use the STEP 7 software to download a new user program to the CPU.

Important: Always back up your PLC program before performing this procedure to avoid losing important data.

Changing Protection Settings via TIA Portal

The TIA Portal is Siemens’ integrated automation tool that allows you to configure and manage your PLCs. You can change protection settings through this software by following these steps:

  1. Access the TIA Portal: Open the TIA Portal and navigate to the project containing the PLC you want to modify.
  2. Open Device Configuration: Select the PLC and open the device configuration settings.
  3. Modify Protection Settings: Locate the protection settings and adjust them as needed. You can change the write protection level or disable it entirely.

Using the TIA Portal provides a straightforward way to manage your PLC’s security settings, ensuring you can make necessary changes without compromising the system’s integrity.

Password Recovery Techniques

If you have forgotten the password for a write-protected PLC, there are methods available to recover or reset it. Siemens forums and industry support provide valuable insights and community-driven solutions for these scenarios.

  • Use Official Support: Reach out to Siemens industry support for assistance with password recovery. They can provide specific steps and tools to help you regain access.
  • Community Solutions: Participate in Siemens forums where experienced users share their troubleshooting tips and solutions. For example, using a transfer card method or other recovery techniques.

Tip: Regularly update and securely store your passwords to prevent future access issues.

Best Practices for Managing PLC Write Protection

Managing write protection effectively is essential to maintain the security and functionality of your Siemens PLCs. Here are some best practices to follow:

  • Regular Backups: Always back up your PLC programs before making any changes to the protection settings. This ensures you have a copy of your data in case something goes wrong.
  • Proper Password Management: Use strong, unique passwords for your PLCs and update them regularly. Store them securely to prevent unauthorized access.
  • Combine Protection Methods: Use a combination of write protection, know-how protection, and copy protection to create a robust security framework for your PLC programs.

By following these best practices, you can ensure that your PLC programs remain secure and accessible when needed.

Understanding and Managing Different Protection Levels

Know-how Protection

Know-how protection is a block-level security feature that prevents unauthorized users from viewing or modifying the code within a block. This type of protection is essential for safeguarding proprietary logic and intellectual property within your PLC programs.

  • Enabling Know-how Protection: To enable know-how protection, right-click on the desired block (e.g., OB, FB, FC, or DB) within the TIA Portal project tree. Select “Properties,” then navigate to the “Protection” tab, and set a password. This will compile the block and apply the protection.
  • Managing Multiple Blocks: Know-how protection is not recursive, meaning you must individually set it for each block. However, you can select multiple blocks within the project tree and apply the protection simultaneously.

Visual Indicator: Once enabled, a lock icon will appear next to the protected block in the project tree, signaling that the block is secured.

Copy Protection

Copy protection adds an additional layer of security by binding the PLC program to specific hardware components, such as the CPU or memory card. This prevents unauthorized duplication and distribution of the program.

  • Binding to Serial Numbers: You can bind the program to the serial number of the CPU or the memory card. This ensures that the program can only run on the specified hardware.
    • Serial Number of Memory Card: The program will only run on the memory card with the designated serial number. If the card is copied or cloned, the program will not execute.
    • Serial Number of CPU: The program will only run on the designated CPU. If the CPU is replaced, the program will not function on the new hardware.

Implementation: To enable copy protection, navigate to the “Properties” tab of the block within TIA Portal, and select the appropriate binding option under the “Protection” settings.

Access Levels and Restrictions

Access levels control the degree of interaction users can have with the PLC program. These levels can be set during the configuration of the CPU within TIA Portal.

  • Full Access: This level allows unrestricted read and write access to the PLC program.
  • Read Access Only: Users can view but cannot modify the program without entering the password.
  • No Access: Users are completely restricted from reading or writing to the program without the password.

Combining Protection Methods: For enhanced security, it is recommended to combine access levels with know-how protection. This layered approach ensures that even if one security measure is bypassed, the others remain in effect.

Troubleshooting Common Issues

When dealing with write protection and other security features, you may encounter several common issues. Here are some solutions and expert tips to help you address these challenges effectively:

Problem: Forgot Password for Write-Protected PLC

Solution: Use an empty transfer card to reset the password. This method erases the internal load memory of the CPU, allowing you to re-download the user program. Always back up the program before performing this procedure.

Problem: Inability to Modify or Access PLC Program

Solution: Check the protection settings within TIA Portal. Ensure that the correct access level is set and that the password is known and entered correctly. If the program is bound to a specific hardware component, verify that you are using the correct CPU or memory card.

Problem: Write Protection Preventing Program Updates

Solution: Temporarily disable the write protection within TIA Portal by adjusting the protection settings. Make the necessary updates to the program, then re-enable the protection to secure the program.

Expert Tip: Regularly update and securely store your passwords. Consider using a password manager to keep track of passwords and ensure they are easily accessible when needed.


Effectively managing write protection and other security features in Siemens PLCs is crucial for maintaining the integrity and reliability of your automation systems. By understanding the different protection methods and using the appropriate tools and techniques, you can ensure that your PLC programs are both secure and accessible.

For more detailed guidance and professional support with Siemens PLCs, visit ControlNexus. Our team of experts is ready to assist you with all your industrial automation needs. Contact us today to learn more about our comprehensive range of services and solutions.

For further reading on Siemens PLCs, explore our extensive resources on topics like choosing between Siemens and Delta PLCsunderstanding Siemens PLC data types, and mastering Siemens PLC programming.


Leave a Reply

Your email address will not be published. Required fields are marked *

3 × 1 =


Subscribe now for exciting deals and updates.

Don't Miss Out on Exclusive Offers!