Security Information for Industrial Edge Apps
Security information (assumptions/constraints) for Industrial Edge Apps is as follows:
- Only authorized internal operators will have access to the Industrial Edge Device within a secure network using a VPN connection.
- Perimeter firewall configuration responsibility lies with the end customer.
- The security guidelines for usage of USB Flash Drives in the shop floor area are applied accordingly.
- Creating users with appropriate access rights upon commissioning is the responsibility of the operator.
- The customer is responsible for configuring the application on the basis of the system requirements and technical capabilities of the documented App, according to the Installation / User Manual, such that the automation system performance is not impacted.
- The system is installed in an environment ensuring that physical access is limited to authorized maintenance personnel only. Managing unauthorized attachment of removable devices is the responsibility of the operator.
- The platform including hardware, firmware and operating system is securely configured and maintained by the operator.
- The operator is capable of protecting the environment from malware infection.
- Centralized IT security components (Active Directory, Centralized IT Logging Server) are provided and well secured by the operator and are trustworthy.
- The operator personnel accessing the system are well trained in the usage of the system and in general information security aspects like password handling, removable media, etc.
- The operator is responsible for the CIA (Confidentiality, Integrity and Availability) of data stored outside the Industrial Edge Device.
- The operator is responsible for configuring the CPUs with appropriate read/write access levels (legitimization), and for configuring the Industrial Edge Apps using appropriate passwords for data collection from CPUs.
- The customer takes care of the time synchronization of Industrial Edge Management and the Industrial Edge Device.
Except where otherwise noted, content on this site is licensed under the Siemens Inner Source License.