Secure Software (by Design): Is that possible? Part 2
The issue has been promoted outside the automation industry in recent years by Microsoft, especially with the development of the Security Development Lifecycle (SDL) and has been accepted in adapted form by numerous other software manufacturers, including COPA-DATA. This standard defines, amongst other things, secure software structures, tools and measures such as training for developers and people in charge of QA, and the need for requirement management and the working processes behind this.
However it is not just the process of creating the software, it is also the fundamental software architecture concept, and naturally the technology that is used in the product, that decisively influence the security potential of a product such as zenon.
COPA-DATA consistently uses the latest technology on the market and offers this to its users to its full extent. Thus zenon was one of the first products on the market that is compatible with Windows 7 and Windows 8. For maximum component security, only the latest technologies are applied in the product, such as Microsoft SQL Server 2012 or native support for the most recent 64-bit platforms. A positive side effect is that as a result of these technologies, our customers also benefit from the latest Microsoft patch management.
The COPA-DATA developers have pursued a consistent path of modularization in the product for 25 years. Depending on the application concept, the user decides which software module and functions they wish to allow in their environment. If an automation project should not make contact with the outside world (for example by sending emails), they can physically deactivate this module completely. However if a module is applied, all parameters can be set in zenon by the customer at any time. Regardless of whether this is the domain user or the communication port. zenon can always adapt to the local security environment.