Network recommendations
The Head End software must be securely managed this includes the meter keys
and database with limited access. Use firewalls wherever necessary to secure the
network and Head End System software.
Perform Key Management according to "Recommendation for Key Management,
Special Publication 800-57 Part 1 Rev. 5, NIST, 05/2020."
Meter firmware upgrades
The meter firmware must be upgraded to the latest version as soon as a new
version is available, to maintain performance. Honeywell will provide notification
of important firmware upgrades when available.
Server upgrade:
The server software must also be upgraded when the latest version or patches are
available. The server must use the following minimum key sizes for secure
management of the database, software, and key storage.
1. Minimum RSA Length: 3072 Bit
2. Minimum ECC Key-Size: 256 Bit
3. Minimum AES Key-Size: 128 Bit
4. Minimum Hash Algorithm: SHA-256
Safe disposal of consumption data
All the PCBs, which may contain sensitive software and/or personal data, must be
disposed of using a method which make sures that the data cannot be restored
(e.g., shredding by a certified waste disposal contractor).
Software licenses
This device uses open-source software. For further details, see
www.docuthek.com.
Report security vulnerability
A security vulnerability is defined as a software defect or weakness that can be
exploited to reduce the operational or security capabilities of the software.
Honeywell investigates all reports of security vulnerabilities affecting Honeywell
products and services. For details on Honeywell security policy, visit
https://www.honeywell.com/en-us/product-security.
To Next Page
Loading...
Need help?
General
