Local security



The following notes and information on safety and risks for Thin Clients apply to all units from firmware 4.0 onwards. Exceptions to this are pointed out explicitly.


Protection of firmware against manipulation by means of a closed system with exactly defined access options (OSD menu)

The Thin Client system provides only one exactly defined access option, via the OSD menu or the system console. At no time is there any other way to access the system, not even during the boot process (e.g. via F8) or via specific Windows shortcuts (e.g. Ctrl-Alt-Del, Alt-F4, Alt-Tab, etc.).


Protection of the firmware against damage when the power supply is disconnected by means of FBWF (file-based write filter)

The Thin Client does not have to be shut down but can simply be switched off, because a filter mechanism prevents the system flash memory from reaching an inconsistent state. To this end, write access is re-routed to a RAM overlay. At each system start, the system is in a "fresh" state. This also means that the flash memory runs without any wear over many years.


Protection against unauthorised access by separating operator and configuration OSD menus with optional password protection

For maximum user convenience, password management is deactivated. However, the entire Thin Client configuration menu can be protected via a master password. In addition, all OSB operator actions (e.g. touch screen calibration, connection selection) can be protected by individual user passwords. It is possible to allocate access rights flexibly for each user password.


Protection against unauthorised access by means of (temporary) blocking of user input with password protection

By default, the blocking and releasing of user input is not password protected, because it is necessary to prevent accidental input when cleaning the device during operation. As an option, however, passwords can be allocated that turn the Thin Client into a pure monitoring station where remote operation of a connected server is only possible by authorised staff.


Protection against running of unauthorised programs from connected USB sticks

When inserting a USB stick the user gains no access to any programs thereon, and the system does not automatically execute any programs by means of auto-run mechanisms. During operations, USB sticks can only be used to import / export the Remote HMI configuration.


Prevention of phantom displays or phantom operations when connection is interrupted

With the TCP Keep-Alive mechanism activated, the Thin Client can identify an interrupted connection within one second by default and will terminate the active Remote Client. This effectively prevents the permanent display of outdated information, and it prevents operator input from being buffered and then triggering uncontrolled operating processes when the connection is re-established.
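
The fail-closed behaviour described above can be modelled as follows. This is an added illustration, not the vendor's firmware code: the class `RemoteSession`, its method names and the screen strings are hypothetical, and an application-level silence watchdog stands in for the TCP Keep-Alive probes.

```python
import time
from collections import deque

DETECTION_TIMEOUT_S = 1.0  # default detection time stated on this page


class RemoteSession:
    """Client-side model of one remote session (hypothetical, for illustration)."""

    def __init__(self, clock=time.monotonic, timeout_s=DETECTION_TIMEOUT_S):
        self._clock = clock
        self._timeout_s = timeout_s
        self._pending = deque()  # operator input not yet sent to the server
        self.reconnect()

    def reconnect(self):
        """Start a fresh session; nothing from the old session is carried over."""
        self._pending.clear()
        self._last_alive = self._clock()
        self.active = True
        self.screen = "connecting"

    def on_server_traffic(self, frame=None):
        """Any keep-alive reply or screen update proves the link is alive."""
        if self.active:
            self._last_alive = self._clock()
            if frame is not None:
                self.screen = frame

    def check_link(self):
        """Watchdog: terminate the session once the server has been silent too long."""
        if self.active and self._clock() - self._last_alive > self._timeout_s:
            self.active = False
            self._pending.clear()            # no replay of buffered input later
            self.screen = "CONNECTION LOST"  # never leave a stale frame on display
        return self.active

    def operator_input(self, event):
        """Queue input only while the link is known to be alive."""
        if not self.check_link():
            return False
        self._pending.append(event)
        return True

    def flush(self):
        """Return and clear the input that would be sent to the server now."""
        sent = list(self._pending) if self.check_link() else []
        self._pending.clear()
        return sent
```

Passing a controllable `clock` callable makes the timeout behaviour reproducible in tests without waiting in real time.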


Encoding of exported Thin Client configuration data

Configurations exported onto USB sticks are, as a rule, encoded to prevent unauthorised access to configured passwords (for the local OSB operation and remote connections) in case the stick falls into the wrong hands.


See also:

Network security

Remaining risks

Password management

