VR9500 Secure Operation
Recently, some of our customers have inquired regarding the VR9500’s suitability for use in projects with a security classification. The decision on suitability in any specific situation certainly rests with the customer but, to help with those decisions, Vibration Research can provide details on how the VR9500 operates.
To function, a VR9500 requires an Ethernet connection to a PC and an analog output connection to a shaker; no other connection is needed. Therefore, if the PC, the Ethernet, and the shaker connection are secured, the VR9500 will not be vulnerable to cyber intrusion while it is controlling tests.
But, what about information residing on the VR9500 after a test? The vulnerability of that information is best understood in terms of the VR9500’s memory architecture, what is stored in the memory, and how the memory subsystem functions.
First, the VR9500 has two types of memory, Flash Memory and RAM. The Flash stores the embedded operating system, called IOBox, the license key information that enables different test modes to operate in the VibrationVIEW software, and the calibration factors for the controller – but no test data is held in Flash Memory.
The test data is stored in RAM. This is volatile memory and the contents are erased each time the VR9500 is power cycled, i.e., turned off and then turned back on. In fact, our approved process for clearing data from the VR9500 hardware is to power-cycle the unit.
Test data is retained on the PC connected to a VR9500 during a test. However, if the VR9500 is power-cycled and then connected to a new PC, that new PC will not have access to older test data.
To assist with any formal security evaluation process, VR can supply a letter of volatility that describes the details regarding the types of memory built into the VR9500 controller and the purpose of those memory units. For more helpful documentation check out our Abstracts and Tech Notes page.