Iran’s Nuke Reactor Attack Spurs China; Ditches German, French PLCs For Domestic Tech At Xiluodu Dam

China has completed a significant technology shift at one of its largest energy projects. The Xiluodu Dam, a massive hydropower station on the Jinsha River, has replaced its long-standing German and French industrial control systems with equipment designed and built entirely in China.

The change, announced by Loongson Technology, is part of a broader national effort to strengthen critical infrastructure against cyber threats and reduce reliance on foreign suppliers.

Moving Away From Foreign Control Systems

For years, the Xiluodu Dam relied on programmable logic controllers, or PLCs, supplied by German giant Siemens and French firm Schneider Electric. These devices form the “nervous system” of industrial operations, handling the automated control of machinery, valves, and turbines.

On August 4, Loongson confirmed that all such foreign-made PLCs at Xiluodu had been replaced with the NJ400 series PLC, developed by Atekon Technology and powered by Loongson’s own 3C6000 processors.

The new setup runs on an open-source Linux operating system, has a built-in industrial Ethernet interface, and is designed to withstand the harsh physical conditions of a large hydropower station.

According to Loongson, this marks the complete localisation of the dam’s core control equipment.

“It provides a solid technological base for long-term safe and stable operation using independent and controllable technology,” the company said in its statement.

The same NJ400 series has already been deployed at other landmark Chinese hydropower projects, including the Three Gorges and Xiangjiaba dams.

‘South China Morning Post’, citing Loongson, reported that the switch reflects China’s broader strategy to replace Western-made industrial chips amid security and supply chain concerns.

Why Xiluodu Matters?

Xiluodu is not just any dam. It is China’s third-largest hydropower station after the Three Gorges and Baihetan dams, and the fourth largest in the world. It is also the fifth-tallest dam globally.

The double-curvature arch structure rises 285.5 meters above the river and stretches 700 meters across. Its reservoir holds 12.67 billion cubic metres of water, with nearly half of that serving as active storage for electricity generation.

Eighteen turbine generators, each capable of producing 770 megawatts, give the station a total installed capacity of 13.86 gigawatts. On average, it produces 57.12 terawatt-hours of electricity annually.

Construction was phased, with the first units going online in July 2013 and the final unit connecting to the grid in June 2014. The dam straddles two provinces, Yongshan County in Yunnan on one side and Leibo County in Sichuan on the other, with nine turbines installed on each bank.

Given its size and role in China’s power grid, the security and reliability of Xiluodu’s control systems are critical.

Loongson’s Path From Lab To Strategic Industry Player

Loongson Technology began as part of the Institute of Computing Technology under the Chinese Academy of Sciences, the country’s leading research institution.

Founded in 2001, the project was spun off as a commercial company in 2011 to bring its innovations to market. Since then, Loongson has played a central role in China’s effort to reduce dependence on Western technology.

Its signature product line, the Loongson series of central processing units (CPUs), has been in continuous development since the company’s early days at the institute.

In 2017, the ‘domestic Loongson’ NJ400 PLC was showcased at the third China Civil Military Integration Technology and Equipment Exhibition.

In March 2023, the US Commerce Department placed Loongson, along with dozens of other Chinese firms, on a trade blacklist, alleging that it had used US technology to aid the modernisation of China’s military.

Last month, Loongson introduced its next-generation general-purpose processor, the 3C6000. Built entirely on its self-developed LoongArch instruction set architecture, it eliminates the need for foreign technology licences or reliance on overseas supply chains.

Understand PLCs & Why They Matter?

A programmable logic controller, or PLC, is a specialised digital control system built for industrial use. It functions like a compact computer, designed to automate machinery and processes.

In operation, a PLC receives input from sensors, processes that data according to pre-programmed instructions, and then controls outputs such as motors, pumps, or valves. This allows factories, plants, and other facilities to run equipment efficiently and reliably. PLCs are engineered to endure harsh industrial conditions, making them essential for assembly lines, manufacturing operations, and building automation.

Automation, in this context, means using technology to carry out tasks with little or no human involvement.

PLCs are a backbone technology for industrial control systems across critical sectors, including power generation, petrochemicals, chemicals, rail transit, shipping, coal mining, thermal power, and metallurgy.

Their built-in information security features are particularly important given the role they play in the functioning of vital infrastructure.

Atekon, founded in 2008, specialises in remote industrial control systems of this kind. Its NJ400 series PLCs have replaced the Schneider Premium and Siemens S7-300 models previously used at the Xiluodu hydropower station, according to Loongson.

Lessons From Stuxnet

Concerns over the security of industrial control systems have grown in recent years, partly due to past cyberattacks such as the Stuxnet incident, which reportedly exploited Siemens PLCs to sabotage Iran’s nuclear programme more than a decade ago.

In June 2009, as protests unfolded in Tehran over a disputed presidential election, the CIA received approval to launch a cyber operation against Iran’s Natanz nuclear facility.

Working with Israeli intelligence, the agency deployed a highly sophisticated piece of malware called Stuxnet, now regarded as the world’s first digital weapon.

The malware targeted centrifuges used in uranium enrichment, causing them to operate at damaging speeds until they burned out. While the sabotage was initially aimed at Natanz, variations of the virus later emerged that could target other facilities, including water treatment plants, power stations, and gas pipelines.

Technically, Stuxnet was a multi-part computer worm that spread via infected USB drives and Microsoft Windows systems. It searched compromised computers for Siemens Step 7 software, which is used by PLCs to control and monitor electromechanical equipment.

Once it found a target, the malware updated itself over the internet and sent malicious commands to the connected equipment while feeding back false data to control operators. This deception meant the sabotage could go unnoticed until the equipment physically failed.

Discovered in 2010, Stuxnet drew global attention as the first known cyberweapon capable of damaging physical infrastructure. It marked a turning point in the understanding of how digital tools could be used in state-level intelligence and sabotage operations.

The Broader Strategy

China’s decision to replace foreign PLCs at Xiluodu is part of a wider pattern. The government has been investing heavily in developing domestic alternatives for key technologies, from semiconductors to industrial software, to ensure that its most important infrastructure is not dependent on foreign parts and vulnerable to external control.

The move also reflects concerns over potential supply chain disruptions. Political tensions, trade restrictions, or sanctions could cut off access to replacement parts or software updates for foreign-made equipment. By building and deploying systems based entirely on Chinese technology, operators can avoid such risks.

The combination of Loongson’s home-grown processors, Atekon’s PLC design, and open source operating software fits into this strategy. It also allows for tighter integration of cybersecurity measures tailored to China’s specific infrastructure and threat assessments.

Beyond The Dam

While Xiluodu is a flagship example, the same approach is being applied elsewhere.

Loongson’s NJ400 PLCs are already running at the Three Gorges Dam, the world’s largest hydropower station, and at the Xiangjiaba Dam. Given the size and strategic importance of these facilities, securing their control systems is seen as a priority.

As China continues to expand its renewable energy capacity, including large-scale hydropower, wind, and solar projects, the demand for domestically controlled automation systems is likely to grow.