We’re asked by our cybersecurity team how (application) software updates can be securely installed on the used PLC (in our case Power Panel C50).
I have seen that signatures are used by B&R for installing the TerminalOS of the C50. Is there a possibility to sign the update package of our application software as well? We’re using the install method via USB, where I generate the install package in AS. I could not find any information in the AS help.
The second question was, if there are any control mechanisms implemented when starting the application on startup. Is the bootloader performing any checks of a valid and unmanipulated application?
Option 1: update software via USB Flash drive.
It is quite similar to the previous version; the point is that the upgrade is performed at the start-up of the application and not by request of the application.
In this method (the one that you are using) there is no option for certificates.
Option 2: installing a project installation package from the network.
You can use the option to have an FTP service.
This will require an SSL connection, and that connection requires certificates.
It means that the PLC will place a “no signed-project” in a folder where it is mandatory for access to be “signed”.
Option 3: update software via application and library ArProject (B&R Online Help, br-automation.com).
You can have a package prepared in the USB memory and update via the application.
There are options to check Configuration ID and Configuration version.
There is no way to use certificates linked to the package itself.
The second question was, if there are any control mechanisms implemented when starting the application on startup. Is the bootloader performing any checks of a valid and unmanipulated application?
The answer is no. Limitations verifications are described in “point 3”.
Ideas to increase the cybersecurity:
1 - Disable the USB installation per default.
2 - Use the installation via FTP via network + SSL.