What is TCP?
TCP stands for Transmission Control Protocol and is a reliable, connection-oriented transport protocol within the internet protocol stack. TCP ensures that data arrives correctly, completely and in the right order between two devices on a network.
In OT networks, TCP is widely used for communication between SCADA, PLCs, Historian systems and engineering stations – for instance with protocols such as Modbus TCP, OPC UA or HTTP.
🧠 How does TCP work?
- TCP performs a 3-way handshake to establish a connection:
- SYN → SYN-ACK → ACK
- Data is then sent in numbered segments, with receipt confirmed by ACKs
- If segments are lost, they are retransmitted
- Traffic is buffered, ordered and reliably delivered
- The connection is closed cleanly via a 4-step shutdown (FIN-ACK sequence)
TCP runs on top of IP, at Layer 4 (transport layer) of the OSI model.
🏭 Application of TCP in industrial networks
- Modbus TCP between HMI, SCADA and PLCs
- OPC UA traffic from sensors and field equipment to Historian or MES
- Web servers or REST APIs on industrial components
- Engineering software connecting to devices via TCP/IP
- Connections via VPN, Remote Access or Jump Server to OT systems
TCP is used as the reliable transport mechanism for virtually all modern industrial communication applications.
🔍 TCP vs. UDP
| Aspect | TCP | UDP |
|---|---|---|
| Reliability | Yes – acknowledgement and error correction | No – best effort |
| Connection-oriented | Yes | No |
| Use in OT | For critical or logical communication | For fast, time-critical applications |
| Examples | Modbus TCP, OPC UA, HTTP | SNMP, PTP, Syslog, VoIP |
🔐 Security aspects
- TCP traffic can be intercepted or manipulated without encryption
- Use protocols such as TLS or VPN to encrypt traffic
- Monitor TCP ports via Firewall and SIEM to detect unwanted connections
- Restrict accessible ports via ACL and Port Security
- Beware of SYN-flood attacks (DoS) – use rate limiting and intrusion detection
In industrial networks, segmentation and logging of TCP traffic are essential for security and troubleshooting.
📌 In summary
TCP is the foundation for reliable network communication, including in industrial environments. Thanks to its error correction and acknowledgement mechanisms, TCP is ideal for protocols where accuracy is more important than speed.