Secure storage and the SD card - Facility Explorer - LIT-12012339 - Wireless Device - ZFR: Wireless Field Bus System

FX80 WiFi Technical Bulletin

Brand
Facility Explorer
Product name
ZFR: Wireless Field Bus System
Document type
Technical Bulletin
Document number
LIT-12012339
Revision date
2019-03-22
Language
English

On an FX80 Supervisory Controller, the SD card is the primary storage media for all data. Since data can be removed and duplicated on an SD card, the sensitive data is encrypted when stored on the card. Files are stored in encrypted format, but decoded as they are accessed.

Sensitive data includes the following items:
  • Credentials for accessing a WiFi network
  • FX80 Controller key material
  • Private key files
  • Operating system account credentials

The system protects this data, while at the same time allowing you to move an SD card from a unit that suffered a hardware failure to a new unit with minimal effort.

If the passphrase of the SD card (which contains the system passphrase of the original unit) does not match the passphase on the replacement unit, the boot sequence fails due to the passphrase mismatch. The failure is indicated by the Stat LED flashing with a 50% duty cycle and a 1 second period. You are then prompted to enter the system passphrase (for the original unit which is stored on the SD card) via serial connection. You must first authenticate with platform credentials before you can update the system passphrase.

Note: Preconfiguring (through serial connection) a replacement FX80 Supervisory Controller with a system passphrase matching the passphrase stored on the SD card (swapped out of the other unit) facilitates commissioning the replacement unit. In this situation, the commissioning process does not prompt for a passphrase because it detects a passphrase match.