New firmware versions for AVL devices include support for AES128 feature in order to grant a secure transmission channel between field devices and remote servers.
AVL device contains 2 sets of non-readable AES keys for RX and TX to define max. of security structure.
- Set of AES RxTx as FALCOM default
- Set of AES RxTx as Customer/Client Ket Set
Falcom forecasts following roadmap for this feature:
- AES128 for primary TCP port (FW2.10.x)
- AES128 for UDP port (FW2.12.x)
- AES128 for Serial Port (FW2.13.x)
- AES for local storage (FW3.0.x)
Setup AES128 key for decrypting/encrypting incoming/outgoing packets of a secured TCP transmission. The feature AES-TCP must be enabled in order to support this function.
This feature can be enabled via command PFAL,TCP.CLIENT.LOGIN=1,<security_mode>
0 – default mode (no AES encryption)
1 – AES encryption (ECB mode)
2 – AES encryption (CBC mode)