Security is an integral part of the Valmet DNA system. To maintain security at an appropriate level, all security features are integrated into normal Valmet processes, guaranteeing that Valmet DNA deliveries are secure.
Valmet also provides additional security services to manage and maintain security of Valmet DNA systems during production.
Windows workstations and servers
- Malware protection The Valmet DNA system uses Symantec Endpoint Protection (SEP) as its defined and tested virus-protection solution. It includes continuous testing of virus definition files and security updates.
- Security patch management The Valmet DNA Security Team takes care of security patch management. Each security update is evaluated. Any required update is delivered immediately after testing.
- Hardening Hardening means taking action to remove or disable any unnecessary features that could possibly cause a security threat to a specific component or environment to achieve a better security level. In the Valmet DNA environment, hardening is considered at all levels – the automation network, PC (workstation and server) based components, and operating systems.
The high availability and security required in automation networks is guaranteed by our secure network topology, with built-in protection against outside threats.
Valmet DNA network security, including strong network perimeter security, is based on carefully evaluated, configured and tested network topology and components
Valmet DNA ACN controllers
The ACN controller is a core component of Valmet DNA that executes control applications and controls production processes. It is essential to guarantee the functionality and availability of the Valmet DNA system.
- Hardening The Valmet DNA operating system’s process controllers is based on Linux. This Linux environment is hardened. All components in the full Linux package have been evaluated.
- Protection against denial of Service (DoS) Valmet DNA ACN controllers have a denial of service identification feature to detect any DoS situation in the network. If a DoS is detected, the ACN controller protects the process application execution by blocking or limiting inbound traffic to the ACN controller.
- ACN access control The ACN’s access control feature prevents access to the controller. When turned on, only proprietary Valmet DNA communication is allowed. For maintenance purposes, the ACN firewall can be temporarily turned off.
- Proprietary protocol Although not a specific security feature itself, the proprietary Valmet DNA communication protocol narrows the potential attack surface of the Valmet DNA system. Since the protocol used in the system is not publicly available, it prevents any detailed analysis. Additionally, it greatly reduces the possibility that an attacker can exploit the protocol for hostile purposes.
The ACN controllers have also been tested by an independent third party.