Secure Coding Practices for PLC’s

We have learned that secure coding practices in application development can dramatically reduce the number of bugs and exploitable vulnerability. Are there or should there be secure coding / programming practices for PLC’s? Of course the answer is yes. Jake Brodsky of Jacobs provides important examples of Security Coding Practices for PLC’s on the S4x20 Stage 2: Technical Deep Dives. He points out that it is too often assumed that bad things won’t happen because the HMI won’t send such a command, but what if it is an attacker who chooses not to use or respect the HMI limitations.