Device capabilities and recommended use
As the device typically uses network communication extensively, please note the follow‐
ing when designing a cybersecurity concept for the system this device shall be part of:
•
When correctly configured, the Nova 2D SensorApp offers basic authentication for
the GUI to prevent unintentional or accidental misuse. However, the underlying
browser to device communication is not authenticated.
•
All communication (images, configuration, logs) between the device and network
devices (e.g. a computer used for configuration), should be assumed to be unen‐
crypted unless otherwise specified.
•
It is recommended to always use the latest software to ensure that the latest
security patches are applied.
•
It is recommended to only connect the device to private isolated networks. At
all points where there is a physical connection to external, possibly untrusted
networks, it is strongly recommended to block all network traffic to and from the
device using a firewall.
•
A user who develops custom software running on the device (i.e. development
in SICK AppSpace) is responsible for the security of the developed solution.
For example, the web-based CROWN interface does not offer any authentica‐
tion, and should be disabled when possible for increased security. For more
information, see the SICK AppSpace Security Concepts document: supportpor‐
tal.sick.com/Product_notes/sick-appspace-security-concepts/.
Network services
The device uses several network services for its operation. For information about
the factory default settings when using the device with the Nova 2D SensorApp, see
table 1, page 9.
Table 1: Default device settings
Service Physical
port
Logical
port
Encrypted Authenti‐
cated
Default
status
Description
SOPAS
REST API
web server
P3 TCP port
80
No Yes Listening Used for configuration of
the device
CROWN
REST API
server
P3 TCP port
80
No No Listening Used for configuration of
the device
CROWN
Web socket
server
P3 TCP port
80
No No Listening Used for configuration of
the device and image
transfer to GUI
Web server P3 TCP port
80
No No Listening Used for configuration of
the device
CoLa-2
server
P3 TCP port
2122
No Yes Listening Used for configuration of
the device
ColaScan P3 UDP port
30718
No No Listening Used for device detection
and automatic IP configu‐
ration
FTP client P3 TCP con‐
figurable
port,
default
21
No No Not used Used for image recording
with the Nova 2D Sensor‐
App
DHCP client P3 TCP port
68
No No Not used Used when DHCP is ena‐
bled on device
SAFETY INFORMATION 2
8028305//2023-05 | SICK O P E R A T I N G I N S T R U C T I O N S | Inspector85x
9
Subject to change without notice
To Next Page
Loading...