Security Information for Industrial Edge Apps - Manual - Ethernet IP Connector - Industrial Edge - Industrial Edge App

Ethernet IP Connector

Product
Ethernet IP Connector
Product Version
v3.1
Edition
10/2024
Language
en-US (original)

Security information (assumptions/constraints) for Industrial Edge Apps is as follows:

  • Only authorized internal operators will have access to Industrial Edge Device within a secure network using VPN connection.
  • Perimeter firewall configuration responsibility lies with the end customer.
  • The security guidelines for usage of USB Flash Drives in the shop floor area are applied accordingly.
  • Creating users with appropriate access rights upon commissioning is the responsibility of the operator.
  • The customer is responsible for configuring the application on the basis of the system requirements and technical capabilities of the documented App according to the Installation / User Manual such that the automation system performance is not impacted.
  • The system is installed in an environment ensuring that physical access is limited to authorized maintenance personnel only. Managing unauthorized attachment of removable devices is the responsibility of the operator.
  • The platform including hardware, firmware and operating system is securely configured and maintained by the operator.
  • The operator is capable of protecting the environment from malware infection.
  • Centralized IT security components (Active Directory, Centralized IT Logging Server) are provided and well secured by the operator and are trustworthy.
  • The operator personnel accessing the system is well trained in the usage of the system and general information security aspects like password handling, removable media, etc.
  • The operator is responsible for the CIA (Confidentiality, Integrity and Availability) of data stored outside the Industrial Edge Device.
  • The operator is responsible for configuring the PLCs with appropriate read/write authorizations (legitimization) and for configuring the Industrial Edge apps with suitable passwords for acquiring data from PLCs.
  • The customer takes care about the time synchronization of Industrial Edge Management and Industrial Edge Device.