Recently, we received inquiries into the suitability of the VR9500 for projects with a security classification. This decision depends on the details and requirements of each situation; however, to help with the decision, Vibration Research can provide information about the operation of our VR9500 and VR10500 vibration controllers.
A VR9500/VR10500 requires an Ethernet connection to a PC and an analog output connection to a shaker to function; no other connection is needed. If the PC, the Ethernet, and shaker connection are secure, the controller will not be vulnerable to cyber intrusion during test control.
What about information residing on the VR9500/VR10500 after a test? Its vulnerability can best be described in terms of the controllers’ memory architecture, memory storage, and functioning of the memory subsystem.
The VR9500/VR10500 has two types of memory: flash memory and RAM. The flash stores the embedded operating system called the IOBox, the license key information that enables different test modes to operate in the VibrationVIEW software, and the calibration factors for the controller.
The flash memory does not hold test data; test data is stored in RAM. This is volatile memory and the contents are erased when the VR9500 is power cycled, i.e., turned off and then back on. Our approved process for clearing data from the VR9500 hardware is to power-cycle the unit.
Test data is retained on the PC connected to a VR9500/VR10500 during a test. However, if the controller is power-cycled and then connected to a new PC, the new PC will not have access to older test data.
To assist with any formal security evaluation process, VR can supply a letter of volatility that describes the details of memory built into the VR9500/VR10500 controller and the purpose of those memory units. For more helpful documentation, visit our Technical Notes page.