Securing Your Automation1 Controller
This page supplies an overview of how to set up your controller and use Automation1 securely.
Physical Security
The first and most important part of securing your controller is to make sure that it is physically secure. Aerotech recommends that the controller that runs the Automation1 iSMC be physically locked with a key, and that access be given to as few individuals as possible for as little time as possible.
Unknown USB devices should not be plugged into the PC that is running Automation1.
Securing your Network
This section is mostly about MDK to iSMC communication. See Platform Architecture for more information.
The Automation1 controller is a standalone device on your network, which means that it is not part of your network infrastructure. Where possible, avoid remote network connections: Aerotech recommends a local USB connection for drive-based controllers, and running the MDK and the iSMC on the same PC for PC-based controllers. When a network connection is required, keep your Automation1 controller on an isolated network.
Aerotech recommends that you configure your firewall to expose only ports 12200 and 12205, which are the ports required to connect to your controller. For a PC-based controller, use the firewall on the controller PC itself; for a drive-based controller, place a hardware firewall between your network and the controller to block all other ports. You might have to expose additional ports if you configure features such as Network Time Protocol (NTP) on your controller.
Follow these good networking security practices:
- Use firewalls.
- Regularly update and patch software.
- Monitor network activity.
- Give users the minimal level of permissions and access.
Secure Communication
Automation1 supports secure communication between the MDK and iSMC that is authenticated and encrypted (with TLS).
Each Automation1 controller has a unique digital certificate for authentication. To establish secure communications with an Automation1 controller, you must first get the certificate of the controller. The first time that you connect, you can get it through a private channel or by using a process named trust-on-first-use. To make sure that you connect to the correct controller and get the correct certificate, Aerotech recommends that you connect over a private channel. To do this, use one of the methods that follow:
- For drive-based controllers, connect over USB.
- For PC-based controllers, connect locally on the same PC.
If you connect for the first time in Studio to a PC-based controller over a local connection or a drive-based controller over USB, Studio will automatically trust and save the certificate for you.
For a remote connection, make sure that you fully trust your network and are connecting to the correct controller. Then you can trust the certificate that is supplied by the controller to which you are connecting.
If you are connecting remotely to the controller through Studio or the APIs and you are not sure that the connection is trustworthy, you must get the certificate of the controller yourself over a channel that you trust. Then make sure that it matches the certificate presented over the remote connection. Refer to the procedure that follows.

1. Open Automation1 Console on a PC that meets one of the conditions that follow:
   - For a PC-based controller, the iSMC is running on that PC.
   - The PC is connected to a drive-based controller over USB.
   - The PC is on a network with the controller that you fully trust.
2. In Console, issue the connect command to connect to the controller. To see all of the options for this command, enter connect -h.
3. After you connect to the controller, issue the security certificate get command to show the certificate. Record the certificate. To save the certificate to a file instead, add the -f flag followed by a directory path to the command.
After you read this page, you can get more information about secure communication. For information about secure communication and Studio, see Automation1 Studio. For information about secure communication and the APIs, see the Connect to the Controller Securely section of the .NET API Controller, C API Controller, and Python API Controller pages.
WARNING: When you establish a secure connection to the controller with Automation1 Studio or the APIs, it will encrypt data that is sent over the Ethernet port on your controller. Data will not be encrypted when you make the connection types that follow:
- Connect to the controller through Automation1 Console.
- Use the Industrial Ethernet A and B ports on your controller to connect to external Modbus or EtherCAT devices.
IMPORTANT: To secure your controller, use secure communication with a secure network, and obey best practices for network security.
Regenerating the Certificate of a Controller
To make sure that no interruptions occur during controller operations, an Automation1 controller certificate does not expire automatically. Aerotech recommends that you manually regenerate the certificate each year, or immediately if you think the controller is compromised. Refer to the procedure that follows.

1. Synchronize the time on your controller to match the time on the PC that you are using to connect to it. For information about how to do this, see Date and Time Configurations.
2. Open Automation1 Console. Then use the connect command to connect to the controller over a local connection (PC-based controllers), over USB (drive-based controllers), or over a network that you fully trust. To see all of the options for this Console command, enter connect -h.
3. Issue the security certificate regenerate command.
4. Power cycle the controller.
5. Connect to the controller again through Automation1 Console.
6. Issue the security certificate get command to show the new certificate. Record the certificate. To save it to a file instead, add the -f flag followed by a directory path to the command.
7. Connect to the controller from each client and make sure that the certificate you see matches the new one that you generated.
IMPORTANT: If you regenerate the certificate of a controller, you must reaccept the certificate from each client that you use in order to reconnect to the controller.
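The two procedures above (recording the certificate over a trusted channel, and re-accepting it from every client after regeneration) amount to certificate pinning with trust-on-first-use. The following is an added example of that check, written for this page; it is not Aerotech code and does not call the Automation1 APIs. It assumes you saved the controller certificate as a PEM file with security certificate get -f in Console, and that your client code can obtain the PEM the controller presents over the network (how you obtain that PEM depends on your client and is an assumption here). The two sample certificates are constructed bytes wrapped in PEM armor so the example runs offline; real controller certificates are X.509 DER in the same armor.

```python
"""Pin an Automation1 controller certificate on first use, then verify it on later connections.

Added example, not Aerotech code. Assumes the controller certificate is available
as a PEM string (for example the file written by "security certificate get -f").
"""
import hashlib
import hmac
import json
import ssl
from pathlib import Path
from typing import Optional


def fingerprint(pem_cert: str) -> str:
    """SHA-256 of the DER encoding as colon-separated uppercase hex, the form most TLS tools print."""
    der = ssl.PEM_cert_to_DER_cert(pem_cert)
    digest = hashlib.sha256(der).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


class CertificateMismatch(Exception):
    """The controller presented a certificate that differs from the pinned one."""


class PinStore:
    """Fingerprints recorded per controller. With path=None the pins live only in memory."""

    def __init__(self, path: Optional[Path] = None) -> None:
        self.path = path
        self.pins = {}
        if path is not None and path.exists():
            self.pins = json.loads(path.read_text())

    def _save(self) -> None:
        if self.path is not None:
            self.path.write_text(json.dumps(self.pins, indent=2))

    def check(self, controller: str, presented_pem: str, accept_new: bool = False) -> str:
        """Return "pinned", "match" or "repinned"; raise CertificateMismatch otherwise.

        No pin yet: trust-on-first-use. Only do this over USB, a local connection,
        or a network you fully trust.
        Pin exists and matches: proceed.
        Pin exists and differs: refuse, unless an operator verified the new
        certificate out of band (for example after "security certificate
        regenerate") and passes accept_new=True.
        """
        presented = fingerprint(presented_pem)
        pinned = self.pins.get(controller)
        if pinned is None:
            self.pins[controller] = presented
            self._save()
            return "pinned"
        if hmac.compare_digest(pinned, presented):
            return "match"
        if accept_new:
            self.pins[controller] = presented
            self._save()
            return "repinned"
        raise CertificateMismatch(
            f"{controller}: pinned {pinned} but controller presented {presented}; "
            "wrong controller or interception. Re-fetch the certificate over USB or locally."
        )


# Constructed sample "certificates": arbitrary bytes in PEM armor so the example runs offline.
CERT_FROM_USB = ssl.DER_cert_to_PEM_cert(b"constructed certificate: controller before regeneration")
CERT_AFTER_REGENERATION = ssl.DER_cert_to_PEM_cert(b"constructed certificate: controller after regeneration")


if __name__ == "__main__":
    store = PinStore()  # pass Path("controller_pins.json") to persist between runs
    print(store.check("controller-1", CERT_FROM_USB))  # first connection over USB
    print(store.check("controller-1", CERT_FROM_USB))  # later remote connection, same certificate
    try:
        store.check("controller-1", CERT_AFTER_REGENERATION)  # certificate changed without re-acceptance
    except CertificateMismatch as exc:
        print("refused:", exc)
```

The store never silently replaces a pin: after you regenerate a controller certificate, each client fails closed until an operator compares the new fingerprint with the one recorded in Console and re-accepts it explicitly, which is the behaviour the IMPORTANT note above requires.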
Access Control and User Management
Automation1 Access Control lets you limit which users can get access to your Automation1 controller and which operations they can do. By default, access control is disabled on the controller; you turn it on by configuring it in Automation1 Studio. You must also turn on access control if you use secure communication.
Access Control Best Practices
Use the best practices that follow with Automation1 Access Control:
- Use current best practices when creating passwords.
- Use the principle of least privilege. Only give users the permissions that are necessary for performing their jobs. Administrators should also have a non-administrative account, and should use their administrative account only when they must do work that requires administrative privileges.
- When users log in for the first time, make sure that they change their password from the default password that was set by the administrator.
- Change the passwords of accounts that you think are possibly compromised.
- Use access control together with secure communication in the APIs.
- Lock the PC or log out of the controller when you are away from the PC.
To learn more about Access Control and how to use it, refer to the Access Control page.
General Recommendations for Securing your Controller
Use the recommendations that follow to help keep your controller secure:
- Make regular backups of your controller by downloading Machine Controller Definition Files. Store the backups in a secure location.
- Be careful when you use features that execute arbitrary code on the controller, such as Callbacks and C Transformations. Make sure that you trust the code that will run.
- Stay up-to-date with the latest version of Automation1 because it can include important security patches.
- Download Automation1 installers only from the official website and over a secure connection. The official Aerotech website always uses the secure HTTPS protocol.
- If you think an untrusted person got administrative access to a controller, change all user passwords. If those passwords are used on other accounts, which is discouraged, change those, too. Also regenerate your controller certificate for secure communication. Refer to Regenerating the Certificate of a Controller.
- Contact Aerotech Global Technical Support if you need help securing your controller.