Cyber Security
in ComAp Products

Use our new website comap-control.com

Cyber Security

With the whole world increasing its connectivity and communication possibilities, the controls are not staying aside ensuring its users flexibility and remote access. Remote monitoring allows us to save time and money, and provides reliable data for making crucial business decisions.

However, these advantages of digitalisation require comprehensive cyber protection. Security has always been a focus at ComAp, so our customers can rest assured ComAp always has and always will take the security of customer data and equipment seriously.
 
Security by design
When designing control products and software, we start with the question “How we can assure the best cyber security criteria within this product?” at the beginning of product development. As part of this process, we have developed five essential criteria for security.

 
Secured firmware
All new ComAp firmware is secured by encryption. This prevents any firmware from being uploaded into non-genuine or modified ComAp products. It also means that the controller will not accept any non-encrypted firmware when someone tries to upload it.

 
Ciphering of communication
Communication through public networks (Ethernet, Internet, AirGate) is bidirectionally secured by a ComAp-developed ciphering technology CCS. ComAp’s proprietary ciphering technology is based on proven cryptographic algorithms, and it has been audited by an external security audit company, and it passed penetration tests successfully.
Protection against brute-force attack
ComAp’s controllers feature brute force attack detection during the user authentication process. If an attack is detected, the control unit is gradually blocked by prolonging the time between individual attempts to sign in – similar to a mobile phone preventing a user to access the phone if the PIN is entered incorrectly too many times.
Reliable user authentication
ComAp controllers, use authentication of unique user accounts similar to the way cyber security systems in the information technology work. All user access is logged, and any activity under a particular login is recorded. This secures tracking of all user activities in the control device but also enables highly flexible access rights management for controller administrators.
System security against data leakage
If an administrator loses access to the controller, a robust mechanism to retrieve the administrator access is used. This mechanism is based on a digital signature unique to the controller and requires double-factor authentication. Access can only be granted by ComAp. This prevents forgery and misuse by a non-authorized person.

Cyber Security Alerts & Advisories

ID Version Document title CVSS Score Download
SSA-1333038 V1.0 Multiple Modfem File Parsing Vulnerabilities in Simcenter Femap 7.8 Upgraded FW
SSA-1333038 V1.0 Multiple Modfem File Parsing Vulnerabilities in Simcenter Femap 7.8 Upgraded FW
SSA-1333038 V1.0 SMultiple Modfem File Parsing Vulnerabilities in Simcenter Femap 7.8 Link
SSA-1333038 V1.0 SMultiple Modfem File Parsing Vulnerabilities in Simcenter Femap 7.8 Link
SSA-1333038 V1.0 SMultiple Modfem File Parsing Vulnerabilities in Simcenter Femap 7.8 Link
SSA-1333038 V1.0 SMultiple Modfem File Parsing Vulnerabilities in Simcenter Femap 7.8 Link
SSA-1333038 V1.0 SMultiple Modfem File Parsing Vulnerabilities in Simcenter Femap 7.8 Link
SSA-1333038 V1.0 SMultiple Modfem File Parsing Vulnerabilities in Simcenter Femap 7.8 Link
SSA-1333038 V1.0 SMultiple Modfem File Parsing Vulnerabilities in Simcenter Femap 7.8 Link
SSA-1333038 V1.0 SMultiple Modfem File Parsing Vulnerabilities in Simcenter Femap 7.8 Link
SSA-1333038 V1.0 SMultiple Modfem File Parsing Vulnerabilities in Simcenter Femap 7.8 Link

Our website uses cookies and similar technologies to provide you the best experience and to understand how you use our site.

You may either „Accept all“ by which you agree with using functional, analytical and marketing cookies. By pressing „Revoke“ only necessary cookies shall be allowed to enable the website and applications function correctly. To revoke your consent you can do it from footer menu in Change cookie preferences section.

Here or under the section Privacy you may find more detailed information on your privacy.