New firmware versions for AVL devices include support for AES128 feature in order to grant a secure transmission channel between field devices and remote servers.

AVL device contains 2 sets of non-readable AES keys for RX and TX to define max. of security structure.

  1. Set of AES RxTx as FALCOM default
  2. Set of AES RxTx as Customer/Client Ket Set

Falcom forecasts following roadmap for this feature:

  1. AES128 for primary TCP port (FW2.10.x)
  2. AES128 for UDP port (FW2.12.x)
  3. AES128 for Serial Port (FW2.13.x)
  4. AES for local storage (FW3.0.x)

Setup AES128 key for decrypting/encrypting incoming/outgoing packets of a secured TCP transmission. The feature AES-TCP must be enabled in order to support this function.

This feature can be enabled via command PFAL,TCP.CLIENT.LOGIN=1,<security_mode>


0 – default mode (no AES encryption)
1 – AES encryption (ECB mode)
2 – AES encryption (CBC mode)