X20(c)SA4430
36
Data sheet V1.141 X20(c)SA4430 Translation of the original documentation
16.3 Security concept
B&R products communicate via a network interface and were developed for integration into a secure network. The
network and B&R products are affected by the following hazards (not a complete list):
•
Unauthorized access
•
Digital intrusion
•
Data leakage
•
Data theft
•
A variety of other types of IT security breaches
It is the responsibility of the operator to provide and maintain a secure connection between B&R products and the
internal network as well as other networks, such as the Internet, if necessary. The following measures and security
solutions are suitable for this purpose:
•
Segmentation of the network (e.g. separation of the IT and OT networks)
•
Firewalls for the secure connection of network segments
•
Implementation of a security-optimized user account and password concept
•
Intrusion prevention and authentication systems
•
Endpoint security solutions with modules for anti-malware, data leakage prevention, etc.
•
Data encryption
It is the responsibility of the operator to take appropriate measures and to implement effective security solutions.
B&R Industrial Automation GmbH and its subsidiaries are not liable for damages and/or losses resulting from, for
example, IT security breaches, unauthorized access, digital intrusion, data leakage and/or data theft.
Before B&R releases products or updates, they are subjected to appropriate functional testing. Independently of
this, the development of customized test processes is recommended in order to be able to check the effects of
changes in advance. Such changes include, for example:
•
Installation of product updates
•
Notable system modifications such as configuration changes
•
Import of updates or patches for third-party software (non-B&R software)
•
Hardware replacement
These tests should ensure that implemented security measures remain effective and that systems behave as
expected.
