Interface Protection
The operation of the embedded spectroscopy system generates measurement results which are communicated through a process interface to the manufacturing control system. In the conception of industry 4.0, some of the data may be passed to further internal or external communication layers e.g. for data access or cloud storage. In addition, a temporary connection to a PC is used for parameter setting and monitoring purposes.
Facing the fact that these interfaces are vital for the embedded spectroscopy system, a sound concept for the protection of the instrument against cyber-attacks and -threats has to be implemented.
In the first place, the communication interfaces of the tecSaaS® platform and the paths for access are limited to the ones which are absolutely required. In addition, to provide a suitable level of protection, up-to-date and robust methods of encryption and hashing were implemented for the authentication and signing of users and data files [SHA-2 and RSA].
Protection against unauthorized access is realized by several user login levels, each of them with suitable permissions and obligatory password. In this way, the administration of the device and its measurement methods can be effectively limited to persons actually entitled to perform these operations.
An authentication in intervals is used for communication with the monitoring and parameterization tool [MPT] software on a PC. Local pairs of encryption keys are generated by random numbers, produced by the instrument. In this way, it is not possible to gain access to instruments by deducting the key from a known hardware property.
For further product information please click here, or if you have any questions do not hesitate to contact us: embedded@tec5.com
Facing the fact that these interfaces are vital for the embedded spectroscopy system, a sound concept for the protection of the instrument against cyber-attacks and -threats has to be implemented.
In the first place, the communication interfaces of the tecSaaS® platform and the paths for access are limited to the ones which are absolutely required. In addition, to provide a suitable level of protection, up-to-date and robust methods of encryption and hashing were implemented for the authentication and signing of users and data files [SHA-2 and RSA].
Protection against unauthorized access is realized by several user login levels, each of them with suitable permissions and obligatory password. In this way, the administration of the device and its measurement methods can be effectively limited to persons actually entitled to perform these operations.
An authentication in intervals is used for communication with the monitoring and parameterization tool [MPT] software on a PC. Local pairs of encryption keys are generated by random numbers, produced by the instrument. In this way, it is not possible to gain access to instruments by deducting the key from a known hardware property.
For further product information please click here, or if you have any questions do not hesitate to contact us: embedded@tec5.com
