Programmable Logic Controllers (PLCs) are crucial for driving various industrial processes such as water treatment, electricity, and fuel distribution. Exposure to internet vulnerabilities stems largely from their security misconfigurations. This study highlights the usability challenges in configuring PLC security settings:

• Investigation findings: Presented through a task-based study and semi-structured interviews (N=19).
• Usability issues: Stem from unfamiliar labels, layouts, and terminology.
• Misconceptions and design constraints: Exacerbated by safety and update inflexibility due to long-term system nature.
• Design recommendations: Provided to enhance usable security in industrial environments.

Significance: This work is a pioneering investigation into PLC security usability, emphasizing the critical need for user-friendly security settings to prevent misconfigurations. Further research could explore more on adaptive designs that align with current IT advancements.