Programs, Viruses And Malicious Programs; Cybersecurity Disclaimer For Products - B&R Automation PC 3100 User Manual

General safety guidelines

2.6.3 Programs, viruses and malicious programs

Any data exchange or installation of software using data storage media (e.g. floppy disk, CD-ROM, USB flash
drive) or via networks or the Internet poses a potential threat to the system. It is the direct responsibility of the user
to avert these dangers and to take appropriate measures such as virus protection programs and firewalls to protect
against them and to use only software from trustworthy sources.

2.7 Cybersecurity disclaimer for products

B&R products communicate via a network interface and were developed for secure connection with internal and,
if necessary, other networks such as the Internet.
Information:
In the following, B&R products are referred to as "product" and all types of networks (e.g. internal
networks and the Internet) are referred to as "network".
It is the sole responsibility of the customer to establish and continuously ensure a secure connection between
the product and the network. In addition, appropriate security measures must be implemented and maintained
to protect the product and entire network from any security breaches, unauthorized access, interference, digital
intrusion, data leakage and/or theft of data or information.
B&R Industrial Automation GmbH and its subsidiaries are not liable for damages and/or losses in connection
with security breaches, unauthorized access, interference, digital intrusion, data leakage and/or theft of data or
information.
The aforementioned appropriate security measures include, for example:
• Segmentation of the network (e.g. separation of the IT network from the control network
• Use of firewalls
• Use of authentication mechanisms
• Encryption of data
• Use of anti-malware software
Before B&R releases products or updates, they are subjected to appropriate functional testing. Independently of
this, we recommend that our customers develop their own test processes in order to be able to check the effects
of changes in advance. Such changes include, for example:
• Installation of product updates
• Significant system modifications such as configuration changes
• Deployment of updates or patches for third-party software (non-B&R software)
• Hardware replacement
These tests should ensure that implemented security measures remain effective and that systems in the customer's
environment behave as expected.
The term "control network" refers to computer networks used to connect control systems. The control network can be divided into zones, and there can be
1)
several separate control networks within a company or site. The term "control systems" refers to all types of B&R products such as controllers (e.g. X20), HMI
systems (e.g. Power Panel T30), process control systems (e.g. APROL) and supporting systems such as engineering workstations with Automation Studio.
12
)
1)
Automation PC 3100 User's manual V 2.10