Meter firmware upgrades
The meters firmware must be upgraded to the latest version as soon as a new version is
available, to maintain performance. Honeywell will provide notification of important firmware
upgrades when available.
Server Upgrade:
The server software must also be upgraded when the latest version or patches are available. The
server must use the following minimum key sizes for secure management of the database,
software and key storage.
•
Minimum RSA Length: 3072 Bit
•
Minimum ECC Key-Size: 256 Bit
•
Minimum AES Key-Size: 128 Bit
•
Minimum Hash Algorithm: SHA-256
Safe disposal of consumption data
All the PCBs, which may contain sensitive software and/or personal data, must be disposed of
using a method which ensures that the data cannot be restored (e.g. shredding by a certified
waste disposal contractor).
Software Licenses
This device uses open source software. For further details, see www.docuthek.com.
Report security vulnerability
A security vulnerability is defined as a software defect or weakness that can be exploited to reduce the
operational or security capabilities of the software.
Honeywell investigates all reports of security vulnerabilities affecting Honeywell products and services.
For details on Honeywell security policy, visit https://www.honeywell.com/en-us/product-security.
To report a potential security vulnerability against any Honeywell product, please follow the instructions
at:
https://www.honeywell.com/en-us/product-security
To view information on current malware threats impacting the Industrial Control Industry please visit:
https://www.honeywellprocess.com/en-US/support/pages/default.aspx
or
contact the manufacturer.
Elster American Meter Company LLC
2221 Industrial Road
Nebraska City, NE 68410
© Elster American Meter Company LLC – 2020
under the Vulnerability Reporting section.
23