SlideShare a Scribd company logo

860 dspi secure860link_and_instrument_fingerprint_appnote

T
trilithicweb
Technology
1 of 5
Download to read offline
Application Note 860 DSPi Secure860Link & Instrument Fingerprint The 860 DSPi has two standard features which enhance security, Secure860Link, and Instrument Fingerprint. Secure860Link enhances privacy for communications between the meter and the TDM system. The Instrument Fingerprint, in addition to encoding the serial number internally, enables the owner to internally “imprint” an “asset id” that shows ownership of the 860 in the event that it is lost or stolen. Secure860Link (S8L) The Secure860Link (S8L) feature in the 860 DSP and 860 DSPi provides enhanced privacy for all data communications between the meter and the Trilithic Data Manager (TDM) server. This is accomplished using a unique 1024 bit RSA certificate on every 860 in the cable system and utilizing Secure Sockets Layer (SSL) encryption. Note: TDM must also have this feature for it to work. Upon first time activation of the S8L mode, the meter will (on the next reboot) create a self signed SSL certificate identifying the meter by its MAC address. This may take up to 5 minutes to create but must be done only once. After this certificate is created and its private key stored in hidden flash memory, the certificate will be loaded into run-time memory for use by the meter’s internal web server and internal web browser. The meter operator (using the web browser menu) logs into TDM using secure web port 443 (https:// link) and causes TDM to establish a data connection back to the meter over port 443. TDM then requests the meter’s SSL certificate and compares it against authorized meters within its database. If the meter is authorized, communication continues over port 443 until the transactions are completed. If the meter is not approved in the database, then communication is halted by TDM. Note: TDM maintains a list of connection attempts by unauthorized 860’s. The TDM admin may authorize or de-authorize a meter at any time. For Additional Help Contact Trilithic Applications Engineering 860 DSPi Secure860Link & Instrument Fingerprint 1-800-344-2412 or 317-895-3600 P/N 0010275038 – Rev 4/08 support@trilithic.com or 1 of 5 www.trilithic.com Copyright © 2008 Trilithic, Inc. All Rights Reserved.
Application Note How does my 860 DSPi utilize S8L? Currently, the 860 DSPi can utilize S8L using a combination of its web browser over SSL as well as its web server over SSL. Both (browse and serve) directions use secure TCP port 443 as a communication path. The only connections allowed within the meter are a few identification commands. No data can be read or written to any of the flash devices in the meter while in S8L mode. Additionally, the remote control mode will not allow anyone to view the LCD remotely, thus prohibiting the ability to issue commands remotely. A sample image is shown here of what the viewer sees in Remote Control view while in S8L mode. How can I see if my 860 DSPi supports S8L? The easiest method to see if your 860 DSPi supports S8L is to go to the Information Menu on the Setup TAB. Firmware ending in “.2” indicates that SSL is supported and if your firmware is at least V8.4.1.2 or higher, your meter supports S8L. How do I enable / disable S8L? S8L can be enabled or disabled via WorkBench or the Setup/Global menu in the meter. For Additional Help Contact Trilithic Applications Engineering 860 DSPi Secure860Link & Instrument Fingerprint 1-800-344-2412 or 317-895-3600 P/N 0010275038 – Rev 4/08 support@trilithic.com or 2 of 5 www.trilithic.com Copyright © 2008 Trilithic, Inc. All Rights Reserved.
Application Note How does S8L work? The basic theory behind S8L is two fold. The first is to restrict access to open ports within the 860 and the second is to encrypt data over the available open port 443. The following security measures are activated when S8L is turned on. 1. TCP Port 24007 only supports the following three commands: a. Hello, Who Are You, and What are your Options b. Allows Old WorkBench users to see an 860 but cannot modify the meter in any way. 2. UDP Port 24008 only supports the following two commands: a. Hello and Who Are You b. Allows Auto detection of an 860 on a LAN but cannot modify the meter in any way. 3. TCP Port 443 only supports reading the following files a. screen.bmp -- Actual Screen with Security Message b. index.html -- Remote control large view c. index2.html -- Remote control mini view d. top.jpg -- JPEG of 860 e. left.jpg -- JPEG of 860 f. right.jpg -- JPEG of 860 g. keys.jpg -- JPEG of 860 h. cert.der -- 860 DSP Server Certificate i. p32.html -- HTML Page “Trilithic Command Processor” 4. TCP Port 443 only supports writing the following files a. P32.html -- Binary encrypted Command Path 5. Remote Control is disabled 6. Splash Screen says “Security Enabled” in upper left on meter boot up. For Additional Help Contact Trilithic Applications Engineering 860 DSPi Secure860Link & Instrument Fingerprint 1-800-344-2412 or 317-895-3600 P/N 0010275038 – Rev 4/08 support@trilithic.com or 3 of 5 www.trilithic.com Copyright © 2008 Trilithic, Inc. All Rights Reserved.
Application Note Instrument Fingerprint The 860 DSPi “Instrument Fingerprint” feature, in addition to keeping the serial number in a secure internal code, also enables the owner to “imprint” the meter with an “asset id” that identifies the original owner in the event that the analyzer is lost or stolen. A six digit serial number is entered at the factory, and in addition to being unchangeable, is displayed when the instrument is powered-on. It can also be displayed in the “Info” screen by pressing the #4 soft- key which displays the unit’s ID. When an 860 with older firmware is updated to the version containing this feature, they can access this feature by navigating to the “Information” screen and pressing the number 4 soft-key (Unit ID). The user will be prompted for the serial number on the back of the unit and then asked "Are you sure?". The splash screen will show the serial number in the upper left hand corner. For Additional Help Contact Trilithic Applications Engineering 860 DSPi Secure860Link & Instrument Fingerprint 1-800-344-2412 or 317-895-3600 P/N 0010275038 – Rev 4/08 support@trilithic.com or 4 of 5 www.trilithic.com Copyright © 2008 Trilithic, Inc. All Rights Reserved.
Application Note The serial number can also be seen in the Info screen by pressing softkey #4 (Unit ID). An “asset tag” (at most 31 characters ending in a NULL) can be entered as a free form text string only once using WorkBench. This tag appears in the lower left corner of the boot-up screen, and can be displayed in the “Info” screen by pressing the #4 soft- key (Unit ID). (Examples: “Call if found: 1-800-xxx- xxxx”; “Property of cable system name”) This can also be seen in the Info screen by pressing softkey #4 (Unit ID) if a serial number has been entered. For Additional Help Contact Trilithic Applications Engineering 860 DSPi Secure860Link & Instrument Fingerprint 1-800-344-2412 or 317-895-3600 P/N 0010275038 – Rev 4/08 support@trilithic.com or 5 of 5 www.trilithic.com Copyright © 2008 Trilithic, Inc. All Rights Reserved.

Recommended

Webshield internet of things
Webshield internet of thingsWebshield internet of things
Webshield internet of thingsRaghav Shetty
 
Honeywell alarmnet-internet-faqs
Honeywell alarmnet-internet-faqsHoneywell alarmnet-internet-faqs
Honeywell alarmnet-internet-faqsAlarm Grid
 
Fred server
Fred serverFred server
Fred serverYansi Keim
 
219 ndd la2000(mercury)-en
219 ndd la2000(mercury)-en219 ndd la2000(mercury)-en
219 ndd la2000(mercury)-enAngie Camacho
 
Safe communication between remote locations with modular system HImatrix F
Safe communication between remote locations with modular system HImatrix FSafe communication between remote locations with modular system HImatrix F
Safe communication between remote locations with modular system HImatrix FMinka Grdesic
 
A 2018 practical guide to hacking RFID/NFC
A 2018 practical guide to hacking RFID/NFCA 2018 practical guide to hacking RFID/NFC
A 2018 practical guide to hacking RFID/NFCSlawomir Jasek
 
اتفاقيات84
اتفاقيات84اتفاقيات84
اتفاقيات84essamsnosye
 
86808
8680886808
86808Powerpointstyles.com
 

Recommended

Webshield internet of things
Webshield internet of thingsWebshield internet of things
Webshield internet of thingsRaghav Shetty
 
Honeywell alarmnet-internet-faqs
Honeywell alarmnet-internet-faqsHoneywell alarmnet-internet-faqs
Honeywell alarmnet-internet-faqsAlarm Grid
 
Fred server
Fred serverFred server
Fred serverYansi Keim
 
219 ndd la2000(mercury)-en
219 ndd la2000(mercury)-en219 ndd la2000(mercury)-en
219 ndd la2000(mercury)-enAngie Camacho
 
Safe communication between remote locations with modular system HImatrix F
Safe communication between remote locations with modular system HImatrix FSafe communication between remote locations with modular system HImatrix F
Safe communication between remote locations with modular system HImatrix FMinka Grdesic
 
A 2018 practical guide to hacking RFID/NFC
A 2018 practical guide to hacking RFID/NFCA 2018 practical guide to hacking RFID/NFC
A 2018 practical guide to hacking RFID/NFCSlawomir Jasek
 
اتفاقيات84
اتفاقيات84اتفاقيات84
اتفاقيات84essamsnosye
 
86808
8680886808
86808Powerpointstyles.com
 
ASA day 1.pptx
ASA day 1.pptxASA day 1.pptx
ASA day 1.pptxssuser6ed64a
 
Windows Telnet Server for your mobile devices, RF Terminal data acquisiiton B...
Windows Telnet Server for your mobile devices, RF Terminal data acquisiiton B...Windows Telnet Server for your mobile devices, RF Terminal data acquisiiton B...
Windows Telnet Server for your mobile devices, RF Terminal data acquisiiton B...topomax
 
Axessor_Brochure_US_04-16
Axessor_Brochure_US_04-16Axessor_Brochure_US_04-16
Axessor_Brochure_US_04-16Axel de Blok
 
NMS TX4000
NMS TX4000NMS TX4000
NMS TX4000savomir
 
Tp link extender setup
Tp link extender setupTp link extender setup
Tp link extender setupPPCChamp - Digital Marketing & Consulting Company
 
hardware implementation of aes encryption and decryption for low area & low p...
hardware implementation of aes encryption and decryption for low area & low p...hardware implementation of aes encryption and decryption for low area & low p...
hardware implementation of aes encryption and decryption for low area & low p...Kumar Goud
 
Cisco Router and Switch Security Hardening Guide
Cisco Router and Switch Security Hardening GuideCisco Router and Switch Security Hardening Guide
Cisco Router and Switch Security Hardening GuideHarris Andrea
 
E Keytech
E KeytechE Keytech
E KeytechChe Hsu
 
IS Unit 8_IP Security and Email Security
IS Unit 8_IP Security and Email SecurityIS Unit 8_IP Security and Email Security
IS Unit 8_IP Security and Email SecuritySarthak Patel
 
Managing Network Device Security
Managing Network Device SecurityManaging Network Device Security
Managing Network Device SecurityArnold Derrick Kinney
 
KTLS White-paper - Cyber - Keystroke Encryption technology
KTLS White-paper - Cyber - Keystroke Encryption technologyKTLS White-paper - Cyber - Keystroke Encryption technology
KTLS White-paper - Cyber - Keystroke Encryption technologyTroy Cromwell
 
Cisco 7300-6T3
Cisco 7300-6T3Cisco 7300-6T3
Cisco 7300-6T3savomir
 
CAT III Answer Key.pdf
CAT III Answer Key.pdfCAT III Answer Key.pdf
CAT III Answer Key.pdfSelvaraj Seerangan
 
s2000nano
s2000nanos2000nano
s2000nanoPrzemek Ostrowski
 
Palo alto-review
Palo alto-reviewPalo alto-review
Palo alto-reviewRayan Darine
 
Automatski - The Internet of Things - Security in IoT
Automatski - The Internet of Things - Security in IoTAutomatski - The Internet of Things - Security in IoT
Automatski - The Internet of Things - Security in IoTautomatskicorporation
 
Internetworking With Pix Firewall
Internetworking With Pix FirewallInternetworking With Pix Firewall
Internetworking With Pix FirewallSouvik Santra
 
Secure Sockets Layer(SSL)Certificate
Secure Sockets Layer(SSL)CertificateSecure Sockets Layer(SSL)Certificate
Secure Sockets Layer(SSL)CertificateCheapSSLUSA
 
Atlas brochure
Atlas brochureAtlas brochure
Atlas brochureMail Box Production
 
Cyber forensics
Cyber forensicsCyber forensics
Cyber forensicsGopal Karthik
 
Voip (rtp) server requirements
Voip (rtp) server requirementsVoip (rtp) server requirements
Voip (rtp) server requirementstrilithicweb
 
Voip rf impairments
Voip rf impairmentsVoip rf impairments
Voip rf impairmentstrilithicweb
 

More Related Content

Similar to 860 dspi secure860link_and_instrument_fingerprint_appnote

Windows Telnet Server for your mobile devices, RF Terminal data acquisiiton B...
Windows Telnet Server for your mobile devices, RF Terminal data acquisiiton B...Windows Telnet Server for your mobile devices, RF Terminal data acquisiiton B...
Windows Telnet Server for your mobile devices, RF Terminal data acquisiiton B...topomax
 
Axessor_Brochure_US_04-16
Axessor_Brochure_US_04-16Axessor_Brochure_US_04-16
Axessor_Brochure_US_04-16Axel de Blok
 
NMS TX4000
NMS TX4000NMS TX4000
NMS TX4000savomir
 
hardware implementation of aes encryption and decryption for low area & low p...
hardware implementation of aes encryption and decryption for low area & low p...hardware implementation of aes encryption and decryption for low area & low p...
hardware implementation of aes encryption and decryption for low area & low p...Kumar Goud
 
Cisco Router and Switch Security Hardening Guide
Cisco Router and Switch Security Hardening GuideCisco Router and Switch Security Hardening Guide
Cisco Router and Switch Security Hardening GuideHarris Andrea
 
E Keytech
E KeytechE Keytech
E KeytechChe Hsu
 
IS Unit 8_IP Security and Email Security
IS Unit 8_IP Security and Email SecurityIS Unit 8_IP Security and Email Security
IS Unit 8_IP Security and Email SecuritySarthak Patel
 
KTLS White-paper - Cyber - Keystroke Encryption technology
KTLS White-paper - Cyber - Keystroke Encryption technologyKTLS White-paper - Cyber - Keystroke Encryption technology
KTLS White-paper - Cyber - Keystroke Encryption technologyTroy Cromwell
 
Cisco 7300-6T3
Cisco 7300-6T3Cisco 7300-6T3
Cisco 7300-6T3savomir
 
Automatski - The Internet of Things - Security in IoT
Automatski - The Internet of Things - Security in IoTAutomatski - The Internet of Things - Security in IoT
Automatski - The Internet of Things - Security in IoTautomatskicorporation
 
Internetworking With Pix Firewall
Internetworking With Pix FirewallInternetworking With Pix Firewall
Internetworking With Pix FirewallSouvik Santra
 
Secure Sockets Layer(SSL)Certificate
Secure Sockets Layer(SSL)CertificateSecure Sockets Layer(SSL)Certificate
Secure Sockets Layer(SSL)CertificateCheapSSLUSA
 

Similar to 860 dspi secure860link_and_instrument_fingerprint_appnote (20)

ASA day 1.pptx
ASA day 1.pptxASA day 1.pptx
ASA day 1.pptx
 
Windows Telnet Server for your mobile devices, RF Terminal data acquisiiton B...
Windows Telnet Server for your mobile devices, RF Terminal data acquisiiton B...Windows Telnet Server for your mobile devices, RF Terminal data acquisiiton B...
Windows Telnet Server for your mobile devices, RF Terminal data acquisiiton B...
 
Axessor_Brochure_US_04-16
Axessor_Brochure_US_04-16Axessor_Brochure_US_04-16
Axessor_Brochure_US_04-16
 
NMS TX4000
NMS TX4000NMS TX4000
NMS TX4000
 
Tp link extender setup
Tp link extender setupTp link extender setup
Tp link extender setup
 
hardware implementation of aes encryption and decryption for low area & low p...
hardware implementation of aes encryption and decryption for low area & low p...hardware implementation of aes encryption and decryption for low area & low p...
hardware implementation of aes encryption and decryption for low area & low p...
 
Cisco Router and Switch Security Hardening Guide
Cisco Router and Switch Security Hardening GuideCisco Router and Switch Security Hardening Guide
Cisco Router and Switch Security Hardening Guide
 
E Keytech
E KeytechE Keytech
E Keytech
 
IS Unit 8_IP Security and Email Security
IS Unit 8_IP Security and Email SecurityIS Unit 8_IP Security and Email Security
IS Unit 8_IP Security and Email Security
 
Managing Network Device Security
Managing Network Device SecurityManaging Network Device Security
Managing Network Device Security
 
KTLS White-paper - Cyber - Keystroke Encryption technology
KTLS White-paper - Cyber - Keystroke Encryption technologyKTLS White-paper - Cyber - Keystroke Encryption technology
KTLS White-paper - Cyber - Keystroke Encryption technology
 
Cisco 7300-6T3
Cisco 7300-6T3Cisco 7300-6T3
Cisco 7300-6T3
 
CAT III Answer Key.pdf
CAT III Answer Key.pdfCAT III Answer Key.pdf
CAT III Answer Key.pdf
 
s2000nano
s2000nanos2000nano
s2000nano
 
Palo alto-review
Palo alto-reviewPalo alto-review
Palo alto-review
 
Automatski - The Internet of Things - Security in IoT
Automatski - The Internet of Things - Security in IoTAutomatski - The Internet of Things - Security in IoT
Automatski - The Internet of Things - Security in IoT
 
Internetworking With Pix Firewall
Internetworking With Pix FirewallInternetworking With Pix Firewall
Internetworking With Pix Firewall
 
Secure Sockets Layer(SSL)Certificate
Secure Sockets Layer(SSL)CertificateSecure Sockets Layer(SSL)Certificate
Secure Sockets Layer(SSL)Certificate
 
Atlas brochure
Atlas brochureAtlas brochure
Atlas brochure
 
Cyber forensics
Cyber forensicsCyber forensics
Cyber forensics
 

More from trilithicweb

Voip (rtp) server requirements
Voip (rtp) server requirementsVoip (rtp) server requirements
Voip (rtp) server requirementstrilithicweb
 
Voip rf impairments
Voip rf impairmentsVoip rf impairments
Voip rf impairmentstrilithicweb
 
Using the guardian i-stop Test Probe
Using the guardian i-stop Test ProbeUsing the guardian i-stop Test Probe
Using the guardian i-stop Test Probetrilithicweb
 
Unlocking options on_an_860_dspi
Unlocking options on_an_860_dspiUnlocking options on_an_860_dspi
Unlocking options on_an_860_dspitrilithicweb
 
Seeker GPS System
Seeker GPS System Seeker GPS System
Seeker GPS System trilithicweb
 
Renewing mapquest subscriptions
Renewing mapquest subscriptionsRenewing mapquest subscriptions
Renewing mapquest subscriptionstrilithicweb
 
Law server requirements
Law server requirementsLaw server requirements
Law server requirementstrilithicweb
 
Law ports and protocols
Law ports and protocolsLaw ports and protocols
Law ports and protocolstrilithicweb
 
Ci 1 option-release
Ci 1 option-releaseCi 1 option-release
Ci 1 option-releasetrilithicweb
 
860 evolution continues
860 evolution continues860 evolution continues
860 evolution continuestrilithicweb
 
860 dsp zero_span_appnote
860 dsp zero_span_appnote860 dsp zero_span_appnote
860 dsp zero_span_appnotetrilithicweb
 
860 dspi work_orders_appnote
860 dspi work_orders_appnote860 dspi work_orders_appnote
860 dspi work_orders_appnotetrilithicweb
 
860 dspi wi-fi_option_appnote
860 dspi wi-fi_option_appnote860 dspi wi-fi_option_appnote
860 dspi wi-fi_option_appnotetrilithicweb
 
860 dspi vsb_appnote
860 dspi vsb_appnote860 dspi vsb_appnote
860 dspi vsb_appnotetrilithicweb
 
860 dspi voip_tests
860 dspi voip_tests860 dspi voip_tests
860 dspi voip_teststrilithicweb
 
860 dspi voip testing
860 dspi voip testing860 dspi voip testing
860 dspi voip testingtrilithicweb
 
860 dspi voip_rtp_mos_test
860 dspi voip_rtp_mos_test860 dspi voip_rtp_mos_test
860 dspi voip_rtp_mos_testtrilithicweb
 
860 dspi voip_rtp_find_and_fix (1)
860 dspi voip_rtp_find_and_fix (1)860 dspi voip_rtp_find_and_fix (1)
860 dspi voip_rtp_find_and_fix (1)trilithicweb
 
860 dspi voip_rtp_find_and_fix
860 dspi voip_rtp_find_and_fix860 dspi voip_rtp_find_and_fix
860 dspi voip_rtp_find_and_fixtrilithicweb
 
860 dspi vits_appnote
860 dspi vits_appnote860 dspi vits_appnote
860 dspi vits_appnotetrilithicweb
 

More from trilithicweb (20)

Voip (rtp) server requirements
Voip (rtp) server requirementsVoip (rtp) server requirements
Voip (rtp) server requirements
 
Voip rf impairments
Voip rf impairmentsVoip rf impairments
Voip rf impairments
 
Using the guardian i-stop Test Probe
Using the guardian i-stop Test ProbeUsing the guardian i-stop Test Probe
Using the guardian i-stop Test Probe
 
Unlocking options on_an_860_dspi
Unlocking options on_an_860_dspiUnlocking options on_an_860_dspi
Unlocking options on_an_860_dspi
 
Seeker GPS System
Seeker GPS System Seeker GPS System
Seeker GPS System
 
Renewing mapquest subscriptions
Renewing mapquest subscriptionsRenewing mapquest subscriptions
Renewing mapquest subscriptions
 
Law server requirements
Law server requirementsLaw server requirements
Law server requirements
 
Law ports and protocols
Law ports and protocolsLaw ports and protocols
Law ports and protocols
 
Ci 1 option-release
Ci 1 option-releaseCi 1 option-release
Ci 1 option-release
 
860 evolution continues
860 evolution continues860 evolution continues
860 evolution continues
 
860 dsp zero_span_appnote
860 dsp zero_span_appnote860 dsp zero_span_appnote
860 dsp zero_span_appnote
 
860 dspi work_orders_appnote
860 dspi work_orders_appnote860 dspi work_orders_appnote
860 dspi work_orders_appnote
 
860 dspi wi-fi_option_appnote
860 dspi wi-fi_option_appnote860 dspi wi-fi_option_appnote
860 dspi wi-fi_option_appnote
 
860 dspi vsb_appnote
860 dspi vsb_appnote860 dspi vsb_appnote
860 dspi vsb_appnote
 
860 dspi voip_tests
860 dspi voip_tests860 dspi voip_tests
860 dspi voip_tests
 
860 dspi voip testing
860 dspi voip testing860 dspi voip testing
860 dspi voip testing
 
860 dspi voip_rtp_mos_test
860 dspi voip_rtp_mos_test860 dspi voip_rtp_mos_test
860 dspi voip_rtp_mos_test
 
860 dspi voip_rtp_find_and_fix (1)
860 dspi voip_rtp_find_and_fix (1)860 dspi voip_rtp_find_and_fix (1)
860 dspi voip_rtp_find_and_fix (1)
 
860 dspi voip_rtp_find_and_fix
860 dspi voip_rtp_find_and_fix860 dspi voip_rtp_find_and_fix
860 dspi voip_rtp_find_and_fix
 
860 dspi vits_appnote
860 dspi vits_appnote860 dspi vits_appnote
860 dspi vits_appnote
 

Recently uploaded

Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGMarianaLemus7
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 

Recently uploaded (20)

Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDG
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 

860 dspi secure860link_and_instrument_fingerprint_appnote

  • 1. Application Note 860 DSPi Secure860Link & Instrument Fingerprint The 860 DSPi has two standard features which enhance security, Secure860Link, and Instrument Fingerprint. Secure860Link enhances privacy for communications between the meter and the TDM system. The Instrument Fingerprint, in addition to encoding the serial number internally, enables the owner to internally “imprint” an “asset id” that shows ownership of the 860 in the event that it is lost or stolen. Secure860Link (S8L) The Secure860Link (S8L) feature in the 860 DSP and 860 DSPi provides enhanced privacy for all data communications between the meter and the Trilithic Data Manager (TDM) server. This is accomplished using a unique 1024 bit RSA certificate on every 860 in the cable system and utilizing Secure Sockets Layer (SSL) encryption. Note: TDM must also have this feature for it to work. Upon first time activation of the S8L mode, the meter will (on the next reboot) create a self signed SSL certificate identifying the meter by its MAC address. This may take up to 5 minutes to create but must be done only once. After this certificate is created and its private key stored in hidden flash memory, the certificate will be loaded into run-time memory for use by the meter’s internal web server and internal web browser. The meter operator (using the web browser menu) logs into TDM using secure web port 443 (https:// link) and causes TDM to establish a data connection back to the meter over port 443. TDM then requests the meter’s SSL certificate and compares it against authorized meters within its database. If the meter is authorized, communication continues over port 443 until the transactions are completed. If the meter is not approved in the database, then communication is halted by TDM. Note: TDM maintains a list of connection attempts by unauthorized 860’s. The TDM admin may authorize or de-authorize a meter at any time. For Additional Help Contact Trilithic Applications Engineering 860 DSPi Secure860Link & Instrument Fingerprint 1-800-344-2412 or 317-895-3600 P/N 0010275038 – Rev 4/08 support@trilithic.com or 1 of 5 www.trilithic.com Copyright © 2008 Trilithic, Inc. All Rights Reserved.
  • 2. Application Note How does my 860 DSPi utilize S8L? Currently, the 860 DSPi can utilize S8L using a combination of its web browser over SSL as well as its web server over SSL. Both (browse and serve) directions use secure TCP port 443 as a communication path. The only connections allowed within the meter are a few identification commands. No data can be read or written to any of the flash devices in the meter while in S8L mode. Additionally, the remote control mode will not allow anyone to view the LCD remotely, thus prohibiting the ability to issue commands remotely. A sample image is shown here of what the viewer sees in Remote Control view while in S8L mode. How can I see if my 860 DSPi supports S8L? The easiest method to see if your 860 DSPi supports S8L is to go to the Information Menu on the Setup TAB. Firmware ending in “.2” indicates that SSL is supported and if your firmware is at least V8.4.1.2 or higher, your meter supports S8L. How do I enable / disable S8L? S8L can be enabled or disabled via WorkBench or the Setup/Global menu in the meter. For Additional Help Contact Trilithic Applications Engineering 860 DSPi Secure860Link & Instrument Fingerprint 1-800-344-2412 or 317-895-3600 P/N 0010275038 – Rev 4/08 support@trilithic.com or 2 of 5 www.trilithic.com Copyright © 2008 Trilithic, Inc. All Rights Reserved.
  • 3. Application Note How does S8L work? The basic theory behind S8L is two fold. The first is to restrict access to open ports within the 860 and the second is to encrypt data over the available open port 443. The following security measures are activated when S8L is turned on. 1. TCP Port 24007 only supports the following three commands: a. Hello, Who Are You, and What are your Options b. Allows Old WorkBench users to see an 860 but cannot modify the meter in any way. 2. UDP Port 24008 only supports the following two commands: a. Hello and Who Are You b. Allows Auto detection of an 860 on a LAN but cannot modify the meter in any way. 3. TCP Port 443 only supports reading the following files a. screen.bmp -- Actual Screen with Security Message b. index.html -- Remote control large view c. index2.html -- Remote control mini view d. top.jpg -- JPEG of 860 e. left.jpg -- JPEG of 860 f. right.jpg -- JPEG of 860 g. keys.jpg -- JPEG of 860 h. cert.der -- 860 DSP Server Certificate i. p32.html -- HTML Page “Trilithic Command Processor” 4. TCP Port 443 only supports writing the following files a. P32.html -- Binary encrypted Command Path 5. Remote Control is disabled 6. Splash Screen says “Security Enabled” in upper left on meter boot up. For Additional Help Contact Trilithic Applications Engineering 860 DSPi Secure860Link & Instrument Fingerprint 1-800-344-2412 or 317-895-3600 P/N 0010275038 – Rev 4/08 support@trilithic.com or 3 of 5 www.trilithic.com Copyright © 2008 Trilithic, Inc. All Rights Reserved.
  • 4. Application Note Instrument Fingerprint The 860 DSPi “Instrument Fingerprint” feature, in addition to keeping the serial number in a secure internal code, also enables the owner to “imprint” the meter with an “asset id” that identifies the original owner in the event that the analyzer is lost or stolen. A six digit serial number is entered at the factory, and in addition to being unchangeable, is displayed when the instrument is powered-on. It can also be displayed in the “Info” screen by pressing the #4 soft- key which displays the unit’s ID. When an 860 with older firmware is updated to the version containing this feature, they can access this feature by navigating to the “Information” screen and pressing the number 4 soft-key (Unit ID). The user will be prompted for the serial number on the back of the unit and then asked "Are you sure?". The splash screen will show the serial number in the upper left hand corner. For Additional Help Contact Trilithic Applications Engineering 860 DSPi Secure860Link & Instrument Fingerprint 1-800-344-2412 or 317-895-3600 P/N 0010275038 – Rev 4/08 support@trilithic.com or 4 of 5 www.trilithic.com Copyright © 2008 Trilithic, Inc. All Rights Reserved.
  • 5. Application Note The serial number can also be seen in the Info screen by pressing softkey #4 (Unit ID). An “asset tag” (at most 31 characters ending in a NULL) can be entered as a free form text string only once using WorkBench. This tag appears in the lower left corner of the boot-up screen, and can be displayed in the “Info” screen by pressing the #4 soft- key (Unit ID). (Examples: “Call if found: 1-800-xxx- xxxx”; “Property of cable system name”) This can also be seen in the Info screen by pressing softkey #4 (Unit ID) if a serial number has been entered. For Additional Help Contact Trilithic Applications Engineering 860 DSPi Secure860Link & Instrument Fingerprint 1-800-344-2412 or 317-895-3600 P/N 0010275038 – Rev 4/08 support@trilithic.com or 5 of 5 www.trilithic.com Copyright © 2008 Trilithic, Inc. All Rights Reserved.