Windows 10 was released back in 29th of July 2015. Today, more than 10 years after the release, Windows 10 officially retires as it will stop receiving security updates from Microsoft. This means that any discovered vulnerabilities will not be patched, making a system running Windows 10 vulnerable for various kinds of attacks as time progresses. What impact does it have on me as a Beckhoff/TwinCAT PLC user?

It depends on whether we are referring to the engineering or runtime environment. Let me clarify.

The two editions that will stop receiving security updates are Windows 10 home edition and Windows 10 professional edition. This is what the vast majority of desktop computers running Windows 10 are running, and what you are most likely currently running on your desktop machine for your TwinCAT development unless you are already running Windows 11. These editions are what are commonly referred to the “End user” editions. If you are running of these on your development/engineering machine, whether that’s directly on the metal or a virtual machine, you should consider upgrading to Windows 11.

What about all the Beckhoff PLCs running Windows 10 then? I’m going to start with saying that I’m going to avoid the discussion entirely of how much you should expose your systems to the Internet in the first place. But from the perspective of security updates, there is no rush. Beckhoff are using something called LTSB/LTSC (Long-Term Servicing Channel) editions of Windows 10, which are put in the category of “Mission Critical”. Microsoft will continue to provide security updates for these also after today. The three editions of Windows 10 that Beckhoff are providing with their PLCs and their extended support end date are:

1. Windows 10 2016 LTSB, October 13 2026
2. Windows 10 2019 LTSB, January 9 2029
3. Windows 10 2021 LTSC, January 13 2032

Source

You can get access to these updates directly from Microsoft or through Beckhoff.

In other words, there is no big hurry to replace your PLCs/runtimes. Typically many machine builders and end-users don’t update their runtime systems anyway, as they either isolate them from the Internet or don’t connect them to the Internet at all. What I often encounter in the industry are machines with much older operating systems than Windows 10 running on them (I’ve even seen machines with Windows 3.x and DOS on them). My point is that these dates might not matter, as long as you take the correct precautions and measurements for keeping your systems isolated. Even though the EOL (end-of-life) is still quite far away, Beckhoff will at some point in time decide to not release any new software for their TwinCAT ecosystem for Windows 10. My guess that this is not anytime soon, but it’s just another consideration to factor in. For example, this is what happened with Windows CE, when Beckhoff decided that TwinCAT 4026 will not be supported on that operating system. With that being said, the extended support for Windows CE 7 ended on April 13 2021 to give you a comparison.

Personally I’ve already upgraded all my engineering machines (be it physical/VMs) that I’m using for TwinCAT development to Windows 11, while I have not yet (so far) bought any PLC with Windows 11 for any of my clients projects. I haven’t had the opportunity to test the Beckhoff images for Windows 11 yet. Considering that I’ve started to use Tc/BSD (and probably soon will start to use Beckhoff RT Linux), I’m not so sure how much Windows 11 I will actually use on the runtime system now that other alternatives are emerging. Here Beckhoff are providing very attractive alternatives to Windows on the runtime system. What I end up using for every project is mostly driven by customer requirements so only time will tell which operating system I’ll mostly be using in the coming years.

With the EOL for the general Windows 10 an era goes to its end. I imagine that 20 years from now I will be thinking back to Windows 10 as a nostalgic memory of an operating system that was what I wish Windows 8 was.