Honeywell SEARCHZONE SONIK Acoustic Gas Leak Detector User Guide

SECURITY GUIDE
SEARCH ZONE SONIK™
Acoustic Gas Leak Detector

LEGAL NOTICES

Disclaimer
In no event shall Honeywell be liable for any damages or injury of any nature or kind, no matter how caused, that arise from the use of the equipment referred to in this manual.
Strict compliance with the safety procedures set out and referred to in this manual and extreme care in the use of the equipment is essential to avoid or minimize the chance of personal injury or damage to the equipment.
The information, figures, illustrations, tables, specifications, and schematics contained in this manual are believed to be correct and accurate as at the date of publication or revision. However, no representation or warranty with respect to such correctness or accuracy is given or implied and Honeywell will not, under any circumstances, be liable to any person or corporation for any loss or damages incurred in connection with the use of this manual.
The information, figures, illustrations, tables, specifications, and schematics contained in this manual are subject to change without notice.
Unauthorized modifications to the gas detection system or its installation are not permitted, as these may give rise to unacceptable health and safety hazards.
Any software forming part of this equipment should be used only for the purposes for which Honeywell supplied it. The user  shall undertake no changes, modifications, conversions, translations into another computer language, or copies (except for a necessary backup copy).
In no event shall Honeywell be liable for any equipment malfunction or damages whatsoever, including (without limitation) incidental, direct, indirect, special, and consequential damages, damages for loss of business profits, business interruption, loss of business information, or other pecuniary loss, resulting from any violation of the above prohibitions.
Warranty
Honeywell Analytics warrants the Searchzone Sonik Ultrasonic Gas Leak Detector against defective parts and workmanship and will repair or (at its option) replace any instruments which are or may become defective under proper use within 36 months from date of shipment from Honeywell Analytics. This warranty does not cover consumable items, normal wear and tear or damage caused by accident, abuse, improper installation, poisons, contaminants or abnormal operating conditions. Under no circumstances shall Honeywell Analytics liability exceed the original purchase price paid by the buyer for the product. Any claim under the Honeywell Analytics Product Warranty must be made within the warranty period and as soon as reasonably possible after a defect is discovered. In the event of a warranty claim please contact your local Honeywell Analytics Service representative.
This is a summary, for full warranty terms please refer to the Honeywell “General Statement of Limited Product Warranty”
available upon request.
Copyright Notice
Bluetooth®, Android™, HART® and MODBUS® are registered trademarks.
Other brand and product names mentioned in this manual may be trademarks or registered trademarks of their respective companies and are the sole property of their respective holders.
Honeywell is the registered trademark of Honeywell International Inc.
The Searchzone Sonik™ is a registered trademark of Honeywell.
Find out more at www.sps.honeywell.com

Introduction

This guide has been designed for use by operators and engineering personnel of customers who utilize the Searchzone Sonik system.
It is intended for use when planning the configuration and maintenance of the network infrastructure in which the Searchzone Sonik system exists.
It provides information supporting the identification and mitigation of security risks associated with the day-to-day use of the system in connected IT infrastructures.

Scope

This document applies to the Searchzone Sonik system, to associated mobile applications and devices, and to wireless data transfer.

Revision history
Revision Comment Date
Issue 1  ECO A05126 Jul-18
Issue 2  ECO A05425 Feb-21
Assumptions and pre-requisites

This guide assumes a high degree of technical knowledge and familiarity with:

  • Management through a mobile application
  • Networking systems and concepts
  • Security issues and concepts
Related documents

This guide should be read in conjunction with the following documents:

Document Part Number
Searchzone Sonik Technical Manual  2331M1220
Security controls

Search zone Sonik system has a number of built-in security controls. These include:

  • Limitation of access to designated users
  • Password protection of user accounts
  • Device certificate
  •  User certificate

Additional user control
This guide focuses on additional security controls that should be implemented by users.
Further information
Contact your Honeywell representative if you need more information on securing the Searchzone Sonik system.

IT System architecture

Search zone Sonik can be configured using Bluetooth connection, HART or MODBUS communications.
See the communications diagram below.

Wireless connections

Search zone Sonik utilizes Bluetooth wireless connection, single-user permitted.

Physical and local connections

Search zone Sonik utilizes HART and MODBUS communications.

Threats

Security threats applicable to networked systems include:

  • Unauthorised access
  • Communications snooping
  • Viruses and other malicious software agents
Unauthorized access

This threat includes physical access to Searchzone Sonik and intrusion into the network to which the Searchzone Sonik system is
connected, from the business network.
Unauthorized external access can result in:

  • Loss of system availability
  • Incorrect execution of controls causing damage to the facility, incorrect operation, or spurious alarms
  • Theft or damage of its contents
  • The capture, modification, or deletion of data
  • Loss of reputation if the external access becomes public knowledge
    Unauthorized access to the system can result from:
  • Lack of security of user name and password credentials
  • Uncontrolled access to the detector
  • Uncontrolled access to the network and network traffic
Communications snooping

This threat includes snooping on or tampering with the Bluetooth port while the port is enabled, by means of man-in-the-middle, packet replay or similar methods.
Tampering with the communication link can result in:

  • Loss of system availability
  • Incorrect configuration and so incorrect execution of the Searchzone Sonik safety function
  • The capture, modification, or deletion of data

The configuration port is open when the Searchzone Sonik unit is in use. The configuration port can only be opened by users having wireless access to the controller and suitable login credentials. The configuration port is time-limited and cannot be left open when not in use.

Viruses and other malicious software agents

This threat encompasses malicious software agents such as viruses, spyware (trojans), and worms. These may be present:

  • On a mobile device that is used for setup and configuration
  • If the connected mobile device’s software has been changed to enable capabilities that might not otherwise be present (rooted).
    The intrusion of malicious software agents can result in:
  • Performance degradation
  • Loss of system availability
  • Capture, modify, or deletion of data, including configuration data and device logs Viruses, can be transmitted by media such as USB memory devices and SD cards, from other infected systems on the network, and from infected or malicious Internet sites.

Mitigation strategies

The following mitigation strategies should be followed.

Searchzone Sonik system

4.1.1Monitor system access
In addition to the security controls, Searchzone Sonik has the following facility which can be used to identify unexpected configuration changes:

  • Event History and Log

All user logins and system operations are recorded in the event log and may be viewed on the event history screen or by generating an event report. Use Searchzone Sonik Mobile App to access Event History and Log.
The above should be routinely monitored and verified as part of system maintenance.
4.1.2 user access and passwords
Search zone Sonik recognizes only one level of users. Users have unique usernames and passwords.
Each device is PIN protected. Observe the following good practice:

  • Ensure physical security of passwords. Avoid writing user names and passwords where they can be seen by unauthorized personnel.
  • Create a separate user name and password for each user. Avoid sharing of user names and passwords among multiple users.
  • Ensure that users only log in using their own credentials.
  • Periodically audit user accounts and remove any that are no longer required.
  • Ensure that passwords and user credentials are regularly changed.
  • Administer user name and password through Searchzone Sonik Mobile App.

4.1.3 Software and unusual operation 
If Searchzone Sonik Mobile App becomes unresponsive, shut it down and relaunch.
4.1.4 Memory media
Observe the following good practice when using a mobile device equipped with a removable SD card:

  • Use only authorized removable media that has been scanned and checked for viruses and malware using up-to-date anti-virus software.
  • Ensure that memory media used is not used for other purposes, to avoid risk of infection.
  • Control access to media containing backups, to avoid risk of tampering.
Access

Good security practices should be observed on devices to which Searchzone Sonik may be connected. See below.
4.2.1Operating Software
Operating systems and browsers should be kept up to date by installing the manufacturer’s updates.
4.2.2 User Access and Passwords
Good password security practices should be followed.

  • Require the use of strong passwords and user account controls.
  • Ensure physical security of passwords. Avoid writing user names and passwords where they can be seen by unauthorized personnel.

Search zone Sonik Mobile Application should not be left unattended when a configuration session is open. Access should be restricted to authorized users.
4.2.3 Synch with server
Search zone Sonik Mobile Application shall be connected to the server at least once a year to refresh the detector certificate registration.
4.2.4 Access PIN, Activation Key 
Prior to using Searchzone Sonik Mobile App you will receive Access PIN and Activation Key. Basic security measures should be taken.

  • Do not share Access PIN or Activation Key with unauthorized personnel.
  • Do not write down or record Access PIN or Activation Key.

Find out more
www.sps.honeywell.com
Contact Honeywell:

Europe, Middle East, Africa, India
Life Safety Distribution GmbH
Javastrasse 2
8604 Hegna
Switzerland
Tel: +41 (0)44 943 4300
Fax: +41 (0)44 943 4398
India Tel: +91 124 4752700
 Americas
Honeywell Analytics Inc.
405 Barclay Blvd.
Lincolnshire, IL 60069
USA
Tel: +1 847 955 8200
Toll free: +1 800 538 0363
Fax: +1 847 955 8210
 Asia Pacific
Honeywell Analytics Asia Pacific
7F SangAm IT Tower, 434 Worldcup Buk-ro,
Map-gu, Seoul 03922
Korea
Tel: +82-2-69090300
Fax: +82-2-69090328

Technical Services
EMEA:
US:

Please Note:
While every effort has been made to ensure accuracy in this publication, no responsibility can be accepted for errors or omissions. Data may change, as well as legislation and you are strongly advised to obtain copies of the most recently issued regulations, standards and guidelines. This publication is not intended to form the basis of a contract.
02/2021
2331M1230 Issue 2
© 2021 Honeywell Analytics