You need an account to access this content
Create a free account and get access to all downloads and more!
Cyber security
The world is becoming increasingly more connected, with more communications possibilities. This is especially true for the energy control industry, with remote access for greater operational flexibility becoming the norm. Remote monitoring and control enable users to save time and money, and also provide reliable data for making crucial business decisions.
However, this connectedness also increases need for stronger security protection to prevent harmful cyber attacks. We take cyber security seriously at ComAp and continuously enhance our solutions and products with new security features to protect your data and equipment.
Security by design
How we can ensure the best cyber security within our products?
That is the main question we ask ourselves when we start the development of our control products and software. As part of this process, we have developed five essential criteria for security:
- Secured firmware
- Communication ciphering
- Protection against brute-force attack
- Reliable user authentication
- System security against data leakage
Secured firmware
All new ComAp firmware is secured by encryption.
This prevents any firmware from being uploaded into non-genuine or modified ComAp products. It also means that the controller will not accept any non-encrypted firmware when someone tries to upload it.
Encrypted communication
All communication that occurs through public networks such using Ethernet, Internet, or AirGate, is bidirectionally secured by our special ComAp ciphering technology CCS. Our proprietary ciphering technology is based on proven cryptographic algorithms.
The technology has been audited by an external security audit company, and it has successfully passed all penetration tests.
Protection against brute-force attack
ComAp’s controllers feature brute force attack detection during the user authentication process.
If an attack is detected, the control unit is gradually blocked by prolonging the time between individual attempts to sign in, similar to a mobile phone preventing users to access the phone if the PIN is entered incorrectly too many times.
Reliable user authentication
ComAp controllers use authentication of unique user accounts to ensure only authorised personnel can access your equipment and data.
All user access is logged, and any activity under a particular login is recorded. In this way all user activities in the control device are tracked, and at the same time the controller administrators have can flexibly manage access rights.
System security against data leakage
If an administrator loses access to the controller, we use a robust mechanism to retrieve the administrator's access. The mechanism is based on a digital signature unique to the controller and requires double-factor authentication.
Only ComAp can grant the access back, which helps to prevent forgery and misuse by a non-authorized person.
Cyber Security Alerts & Advisories
| ID | Version | Document title | CVSS Score | Download |
|---|---|---|---|---|
| CA-VD-001 | V1 | Webserver interfaces vulnerability | 5.4 | Link |