A very important topic to cover in this article series is something we call security model of the router.

Before getting to that, let's look at the user model. There are a few user models being used in the operating systems based on Linux. Please note that this definition is something to make our security model more understandable and help with further understanding of the securing process, it is not a formal definition as used in information science.

You are about to read the first article in the series of articles about securing our routers. The series is tailored to our router devices, teaching and showing some general and specific principles and also describing possibilities and use cases. While some of the knowledge here is usable also outside of the router devices, you should keep in mind that we are focusing on our cellular routers running Conel OS 6.x here.

This first article is a basic building block. We are going to describe the device and its basic characteristics and possibilities of accessing the device with an accent on security. Also, some basic use cases are to be touched here and the terminology used for the rest of the series established.

Some time ago there has been questions about impact of IoTroop/Reaper Malware on our devices. A week ago there has been another inquiry. As it seems to be an (unexpected) pattern, this short information announcement is given to public.

It has been some time since we implemented and enabled notifications on the Engineering Portal. The notifications are primarily meant as something extra for our distributors and partners (as it requires an account on EP), but for example the RSS can be used by anybody without an account needed - read on.

The notification system we have is, thanks to the tagging system we use for all products and documents, quite unique however it could take some time getting used to. Also, we are still ...

PCN is a name for a specific type of document. The abbreviation means Product Change Notification. It is a kind of a document we issue when there is important change in one or more products we are manufacturing.

Not every change in a product requires a PCN. The documents are here so that we can communicate changes that may have impact on our partners, distributors and customers. Other changes, like, replacing one end-of-life component with equivalent one, may not be significant enough for creating a ...

The Firmware Over-The-Air (FOTA) user module is an additional feature of Advantech routers. This module will assure the correct firmware for cellular module is chosen, downloaded and installed into the router automatically. Only the firmware of the cellular module is updated (not the firmware of the router).

The user module is easy to use – it can be activated with just one checkbox. The router must be connected to the Internet in order to use FOTA updates. The module checks for the new cellular module firmware every 24 hours. It is also possible to check ...

Since January 2018, we have been using alphanumeric form of product serial numbers. An example of such number could be:

ACZ1100123456787

There are some ideas hidden behind the new serial number scheme but this post is about R-SeeNet.

For those unfamiliar with R-SeeNet, it is a legacy Router monitoring tool that is still being supported and maintained.

If you are using this tool, you need to update it via patch linked below to get reasonable level of support for the new serial numbers. Without this patch, the new serial numbers are not being displayed ...

Early this year, a few vulnerabilities impacting inside-CPU code were announced.

While there is not a full disclosure available to us at present time, we can tell a few things now.

First, not all of the vulnerabilities are limited to x86 architecture. The ARM architecture is impacted as well.

While keeping this brief and understandable, the nature of announced vulnerabilities (CVE-2017-5753, CVE-2017-5715, CVE-2017-5754) lies in the problems connected with a few techniques used inside of the CPU.

The known impact is information leak via side effects of speculative execution. "Speculative execution" is nothing extraordinary. ...

User Modules are now available on Engineering Portal.

As you probably know, User Modules are kind of a unique way how the functionality of router devices running Conel OS can be extended.

Well, it is not that unique that you can extend functionality of your device. But it is not common that you have a range of UM ready. It is also not that common that you have a multi-language SDK with examples available so that you can create your own User Modules. Last but not the least, our services always included ...