Introduction
The automatic integrity check feature in Control Expert helps prevent Control Expert files and software from being changed via a virus / malware through the Internet. You can also launch the integrity check manually.
Automatic Integrity Check
Control Expert with Topology Manager is based on client / server architecture.
For a Control Expert client, the Control Expert server can be local or remote whereas the SODB server is always local.
By default only a local client (127.0.0.0) can connect to the Control Expert server. Remote Control Expert clients can connect to a Control Expert server by changing the setting of the Control Expert server. For details, refer to the EcoStruxure Control Expert Installation Manual and the topic Enabling Communication with Remote Clients and Reinforcing Security.
The Control Expert and the SODB servers are configured to start automatically when the computer is powered-on or restarted. Before the servers start, an integrity check is performed on both.
Either server starts only if the integrity check completes without detecting corruptions.
IF |
THEN |
|---|---|
If a corruption is detected on the SODB server |
You can check if any detected error
is logged by using the (source |
If a corruption is detected on the Control Expert server |
You can check if any detected error
is logged by using the (source |
An automatic integrity check is launched when you start Control Expert (with Topology Manager) or Control Expert Classic. The instance execution is blocked until the integrity check result is returned. If a corruption is detected, a message box indicates the corrupted files. Click and the Control Expert instance closes.
Manual Integrity Check with Control Expert Classic
To perform a manual integrity check when an instance of Control Expert Classic is started, follow these steps:
Step |
Action |
|---|---|
1 |
Click . |
2 |
In the field, click . Result: The integrity check runs in the background. Control Expert creates log of the successful and unsuccessful component login. The log file contains the IP address, the date and hour, and the result of the login. NOTE: If an integrity
check displays an unsuccessful component login, the displays a message.
Click . Manually
fix the items in the log.
|
Manual Integrity Check with Control Expert
To perform a manual integrity check when an instance of Control Expert is started, follow these steps:
Step |
Action |
|---|---|
1 |
Click in the Topology Manager toolbar. |
2 |
In the box, click the link . Result: The integrity check runs in the background. Scans are performed on the local client, on SODB server and on the Control Expert server (local or remote) the client is connected to. The client and the servers keep running until the integrity check result is returned. Refer to the following table for the integrity check result consequences. |
IF |
THEN |
|---|---|
If a corruption is detected |
The message self-test completed successfully is displayed. Click . |
If a corruption is detected on the client |
A message box indicates the corrupted files. Click and Control Expert client closes. |
If a corruption is detected on the SODB server |
The SODB server stops. You can check if any detected error is logged
by using the (source The Control Expert client does not close but deploy and system monitoring functionalities are no longer operational. |
If a corruption is detected on the Control Expertserver (local or remote) |
The Control Expert server stops and the client/server
connection ends. You can check if any detected error is logged by
using the (source The Control Expert client does not close and you can connect to another Control Expert server. |
M580 Firmware Integrity Check
The M580 PAC firmware integrity check is done automatically after a new firmware upload or restart of the M580 PAC.
Management of SD Card
Activate the application signature in order to avoid running a wrong application from an SD card.
The SD card signature is managed
using the SIG_WRITE and SIG_CHECK