Campbell Scientific CR6 CR6 Measurement and Control System - Page 459
Vulnerabilities
![]() |
View all Campbell Scientific CR6 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 459 highlights
Section 8. Operation CRBasic programs, are enabled without password protection. You may wish to secure your CR6 from mistakes or tampering. The following may be reasons to concern yourself with datalogger security: • Collection of sensitive data • Operation of critical systems • Networks accessible by many individuals If you are concerned about security, especially TCP/IP threats, you should send the latest operating system (p. 82) to the CR6, disable un-used services, and secure those that are used. Security actions to take may include the following: • Set passcode lockouts • Set PakBus/TCP password • Set FTP username and password • Set AES-128 PakBus encryption key • Set .csipasswd file for securing HTTP and web API • Track signatures • Encrypt program files if they contain sensitive information • Hide program files for extra protection • Secure the physical CR6 and power supply under lock and key Note All security features can be subverted through physical access to the CR6. If absolute security is a requirement, the physical CR6 must be kept in a secure location. 8.11.1 Vulnerabilities While "security through obscurity" may have provided sufficient protection in the past, Campbell Scientific dataloggers increasingly are deployed in sensitive applications. Devising measures to counter malicious attacks, or innocent tinkering, requires an understanding of where systems can be compromised and how to counter the potential threat. Note Older CR6 operating systems are more vulnerable to attack than recent updates. Updates can be obtained free of charge at www.campbellsci.com. The following bullet points outline vulnerabilities: • external keyboard display o Pressing and holding the Del key while powering up a CR6 will cause it to abort loading a program and provides a 120 second window to begin changing or disabling security codes in the settings editor (not Status table) with the keyboard display. o Keyboard display security bypass does not allow telecommunication access without first correcting the security code. o Note These features are not operable in CR1000KDs with serial numbers less than 1263. Contact Campbell Scientific for information on upgrading the CR1000KD operating system. • LoggerNet o All datalogger functions and data are easily accessed via USB and Ethernet using Campbell Scientific datalogger support software. o Cora command find-logger-security-code 459
![](/manual_guide/products/campbell-scientific-cr6-cr6-measurement-control-a476969/459.png)