Thank you for the suggestion about configuring the PLC as slave. I was thinking the same, mostly because it looks much simpler to implement for the technician. I don't care about confidentiality of the data transmitted, but I do care about authenticity and integrity. By using ModBus over TCP, these two requirements should be completely satisfied.
From what I read online, anyway, it seems like once the PLC is connected to the network and enabled for ModBus, it will execute any received command, including reading and writing potentially sensitive registers. This is the very scary part: it would make the whole project absolutely unfeasible.
The plant will be soon wired and connected to the internet through a router connected to the various PLCs. I will not be able to set up a pc between the router and the single machines. With the router filtering requests by IP address (and by TCP port/MAC address) the problem should be eased a bit, but I would still not feel completely ok.
Does Unitronics provide any form of access control on the ModBus protocol? Could the technician disable the sensitive registers from being read/write through ModBus and only expose the registers we need? What if I configure the PLC as a master?