Security guidelines

Overview

This section provides basic instructions and recommendations for securely integrating and maintaining applications that use the PC SDK APIs to communicate with ABB robot controllers.

Certificate validation

OmniCore robot controllers use SSL certificates to ensure secure communication. Make sure that Certificate validation is enabled when connecting to an OmniCore robot controller. Connecting only to robot controllers with trusted certificates reduces the risk of man-in-the-middle attacks, which could otherwise expose user names and passwords.

If a certificate error occurs during connection, provide the user with sufficient details about the error so they can make an informed decision about whether to trust the certificate. Error details can be accessed through the CertificateErrorEventArgs.CertificateErrors property of the CertificateErrorEventArgs instance, which is provided by the Controller.OnCertificateError event.

Authentication and Authorization

A PC SDK application needs to log on using a user name and password to access the robot controller. It is essential that the application and the user handle these credentials securely.

  • Avoid hardcoding credentials in source code or configuration files.
  • Protect credentials using OS-level encryption or secure vaults if they need to be persisted. Never store user-entered passwords in plain text files.
  • Change default credentials immediately after installation of the robot controller. Do not rely on the UserInfo.DefaultUser property with default credentials. Encourage the user to change the default password or create separate user accounts with appropriate permissions.
  • Always log off when communication with the robot controller is no longer needed—at the latest, during application shutdown.
  • Assign the minimum necessary permissions to users and applications.
  • Use the User Authorization System access controls provided by the robot controller and PC SDK both to restrict access to critical functionality as well as giving the user good guidance in the user interface.

Maintaining Security Over Product Lifetime

Regularly check for and apply updates to PC SDK, RobotWare and other dependencies to have the latest security patches.