Programs, Viruses And Malicious Programs; Security Concept - B&R Automation Panel 1000 User Manual

General safety guidelines

2.6.3 Programs, viruses and malicious programs

Any data exchange or installation of software using data storage media (e.g. floppy disk, CD-ROM, USB flash
drive, etc.) or via networks or the Internet poses a potential threat to the system. It is the direct responsibility of the
user to avert these dangers and to take appropriate measures such as virus protection programs, firewalls, etc. to
protect against them and to use only software from trustworthy sources.

2.7 Security concept

B&R products communicate via a network interface and were developed for integration into a secure network. The
network and B&R products are affected by the following hazards (not a complete list):
• Unauthorized access
• Digital intrusion
• Data leakage
• Data theft
• A variety of other types of IT security breaches
It is the responsibility of the operator to provide and maintain a secure connection between B&R products and the
internal network as well as other networks, such as the Internet, if necessary. The following measures and security
solutions are suitable for this purpose:
• Segmentation of the network (e.g. separation of the IT and OT networks)
• Firewalls for the secure connection of network segments
• Implementation of a security-optimized user account and password concept
• Intrusion prevention and authentication systems
• Endpoint security solutions with modules for anti-malware, data leakage prevention, etc.
• Data encryption
It is the responsibility of the operator to take appropriate measures and to implement effective security solutions.
B&R Industrial Automation GmbH and its subsidiaries are not liable for damages and/or losses resulting from, for
example, IT security breaches, unauthorized access, digital intrusion, data leakage and/or data theft.
Before B&R releases products or updates, they are subjected to appropriate functional testing. Independently of
this, the development of customized test processes is recommended in order to be able to check the effects of
changes in advance. Such changes include, for example:
• Installation of product updates
• Notable system modifications such as configuration changes
• Import of updates or patches for third-party software (non-B&R software)
• Hardware replacement
These tests should ensure that implemented security measures remain effective and that systems behave as
expected.
12 Automation Panel 1000 user's manual V2.00