Honeywell SmartLine STIW400 User Manual page 14

1. Introduction
1.4. Security Considerations
Firmware image for this transmitter is protected by Honeywell PKI signing process. This ensures
that only firmware that has a valid signature can be used to update the transmitter. If the new
firmware image fails signature validation, it will be discarded and the transmitter will continue
operate with previous version of the firmware. Boot loader also validates the signature of the
current running firmware image in the flash storage every time transmitter powers up. If the flash
firmware signature validation fails, transmitter will not transition to operational mode and
appropriate error message will be displayed on the local display.
This transmitter supports battery power option. It is important to review and follow the
recommendations in Battery Power Option Chapter for safe and secure operation of the battery
powered devices. Transmitter continuously monitors battery status that can be accessed using
wireless interface or local display. Low battery alarm will be issued by the transmitter if the
battery power dips below critical level. Batteries must be replaced as soon as possible when
battery power is low for secure operation of the device.
It is the responsibility of the end-user to establish measures that designed to deny unauthorized
access and ensure physical security of the transmitter and associated equipment. Following the
security best practices outlined below makes the deployment as secure as possible.
•
Transmitter must be installed in a physically secure location and limit the access to only
authorized personnel.
•
The handheld provision device must be protected with a strong alpha-numeric passcode
and must be stored in a physically secure storage.
•
Load the handheld provisioning device with only the adequate number of keys to
provision all the devices and set the expiration to a reasonable limit.
•
Erase all the security keys from the handheld provisioning device, before returning the
device to storage to prevent unauthorized use.
•
Wireless signal strength may vary due to physical changes around transmitter or
environment conditions. Periodically check wireless signal strength and take necessary
action to ensure optimum signal level.
•
Periodically check battery power status. Replace batteries as needed.
How to Report Security Vulnerability
A security vulnerability is defined as a software defect or weakness that can be exploited to
modify the operational or security capabilities of the product. Honeywell investigates all reports
of security vulnerabilities affecting Honeywell products and services very seriously. To report a
potential security vulnerability against any Honeywell product, please navigate to
https://honeywell.com/pages/vulnerabilityreporting.aspx, click on Vulnerability Reporting in the
left menu and follow the instructions.
2 SmartLine Wireless Temperature and Universal I/O User's Manual Revision 1