As emerging attacks increasingly target Industrial Control Systems (ICS), the security of Programmable Logic Controllers (PLCs) has become a critical concern. Binary Code Analysis (BCA), which enables analysts to analyze compiled programs, is essential for ICS security tasks such as deployed-binary auditing. However, automated BCA for PLC binaries remains challenging due to three key issues: heterogeneous binary formats across PLC platforms, entangled program semantics with runtime code, and limited semantic representations for downstream tasks. To resolve these challenges, we present PLC-BinX, a cross-platform BCA framework for PLC binaries. PLC-BinX applies a three-stage PLC binary analysis workflow, including cross-platform reverse engineering, core function identification, and function-level semantic representation, to analyze PLC binaries from four platforms: CODESYS v3, GEB, OpenPLC v2, and OpenPLC v3. We evaluate PLC-BinX on PLC-BEAD, which contains 2,431 PLC binaries across four platforms, using two downstream tasks: toolchain prediction and functionality prediction. Experimental results show that PLC-BinX achieves 100.00% precision, recall, and F1 in toolchain prediction, and 51.43% precision, 49.38% recall, and 49.18% F1 in functionality prediction over 22 labels. These results demonstrate that PLC-BinX can transform raw PLC binaries into effective function-level semantic representations for PLC binary code analysis.