System security – Rockwell Automation AADvance Controller Safety Manual User Manual







4-50

Document: 553630

ICSTT-RM446K-EN-P Issue: 10

_C

Safety Manual (AADvance Controller)

System Security

Serial networks are closed and local and have limited protocol functionality,
therefore, immune to any external attack except local deliberate sabotage. The

AADvance system, however, with its workstations and DCS interfaces, uses

Ethernet networks which tend to be part of a larger corporate network and
can expose the system to accidental or malicious infection or attack.
There are some simple steps that can be taken to help prevent such issues:



Network and workstation security should be considered, for example:



AADvance should not be on a network with open unsecured access to the

Internet.



The Firewall must be active on the Workstation, preventing access to the
relevant Ethernet ports on each communication interface. Anti-virus

software must be installed and be kept up-to-date.

Note: Firewalls have been known to affect the operation of the AADvance
Discovery tool



The workstation should be password protected. If the workstation is a

laptop, it should be kept locked when not in use.



If the workstation uses a hardware license USB dongle it should be kept

secure, without it the workstation will not run.



The application should be password protected.



Removable media, such as USB storage devices and CDs, should be virus

checked before use within the system.



The program enable key must be inserted into the processor base unit
to let you change the application or I/O configuration. Make sure the key is

removed when the changes ae finished. .