Backward compatibility
'Schneider Electric's Modicon controller family, some of the first PLCs on the market and described by the company as "still top of their class,"'
Designed and built when security wasn't at the forefront of engineers thinking. And now nobody wants to scrap millions of dollars invested in hardware and software to upgrade to 'the latest thing'. So in the rare instances in which one has to be changed out (and they can last decades), odds are that the newest plug in replacements have to emulate the older security protocols. That is to say, none.
The factory LAN on which these PLCs reside has to be made as secure as possible. Ethernet switches and routers that can be configured (and locked down) to reject any unknown MAC addresses. And a very restricted list of well cleaned workstations allowed on to do maintenance. I may be that once connected to the PLC network, 'anybody' can execute certain commands. And that may not be fixable. The task is then to limit the list of 'anybodys' with such access to a trusted group.