Automatic Systems, an industry-pioneering manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications.
With the new V07 software, updates will be delivered by means of an encrypted file. This provides end users with the assurance that the application installed is from Automatic Systems. The software communicates using an Automatic Systems-generated encryption key. An end user can also choose to add their own personalised encryption key before granting access to their internal network.
The V07 is designed for use with the Automatic Systems SlimLane, SlimLite and FirstLane optical barrier speed gate turnstiles as well as their AccessLane swing gates, as these devices use the AS1190 motherboard. The new software will also secure xml-rpc (supervision) and http (integrated web pages) communication.
As stated by David Enderle, General Director at Automatic Systems, “It was clear that, as a supplier of access control devices, it was essential to protect against cyber-attacks to guarantee service availability, data integrity and confidentiality. We began this development three years ago, and today we’re seeing a real shift in our market’s reality, so these enhancements come at just the right time.”
He adds, “More and more devices are being placed on the customer’s local network for monitoring purposes. They are therefore subject to the customer’s IT security constraints and undergo recurring penetration tests.”
The most common authentication rules, including but not limited to: Tiered access levels for user profiles; passwords requiring more robust criteria and a log of all authentication attempts, have been implemented within the V07 software to protect against most common attacks (DDOS, MITM, exploitation of vulnerabilities, injection, etc.).
Automatic Systems has also reduced the attack surface and implemented ‘good practice’ rules on its system by disabling nonmandatory services, closing any unused communication ports and upgrading communication libraries.