This is the third blog post in our What’s New With FIN series where we will explore how the FIN Framework is more open, fast, robust, and extensible.
Continuing our series on the exciting new updates to the FIN Framework, we will look at how FIN 5 is more robust than ever. Following J2 Innovations acquisition by Siemens last May, there is now a stronger emphasis on ensuring FIN offers the best cyber-security features.
What Siemens has brought to J2 Innovations (among other things), is deep knowledge and experience in quality assurance processes. We have used these processes to improve the security of FIN and thus enhance its robustness.
Agile Workflow Development Process
The J2 Innovations development team has implemented new software quality processes thanks to the years of experience from our parent company, Siemens. In the development of FIN 5, we followed an agile workflow process development cycle that started with documenting features and issues before any coding began. An integral part of the process is testing, which includes unit testing, automated testing, regression testing, and finally extensive field testing prior to release. These rigorous quality assurance processes ensure that FIN 5 meets the highest standards.
J2 Innovations is now part of Siemens cyber-security initiative to ensure all aspects of the framework are continually monitored for vulnerabilities and threats, with regular updates as necessary. FIN was designed to comply with the IEC62443 security standard. In addition to the rigorous testing mentioned above, comprehensive penetration testing was conducted. During penetration testing, hackers are tasked with the challenge of breaking the software to try and discover vulnerabilities. FIN 5 passed ISTS penetration testing, making it state of the art when it comes to cyber-security.
New FIN Host App
Cyber-security is not just about quality of software, it’s also the way the software is installed and used. Phishing attacks are becoming more pervasive and are one way hackers can access your system, no matter how securely it was built. One of the ways FIN is secure by design, is through the redesigned Host App. FIN’s new Host App includes security enhancements which require users to use strong passwords, and to change passwords through the time expiring feature. This way, if someone with malicious intent accesses a password, it isn’t valid for very long. FIN also does not allow any user to continue with the default password; instead requiring all new users to change their password before continuing to use the system.
The Host App also works independently outside of a project, and additional project management tools have been added for viewing licenses and usage, installing and updating Pods, and links to new interactive developer docs.
FIN’s documentation is now a graphical navigation system. This visual index contains a diagram of the software, making it easier for users and developers to find what they’re looking for.
IT Hardening Guide
We have created a new IT Hardening guide, and an IT White paper to help support IT security professionals implement FIN. This comprehensive guide is an essential pillar to meet highest cyber-security levels. It provides detailed guidance on how to securely commission a project using FIN Framework, as well as guidance on how to securely commission a building automation project in general. The document is targeted at technical professionals both on the OEM / distributor level as well as the SI’s engineering level.
“Many of quality assurance processes Siemens incorporates in their design and development are now fundamentally part of J2 Innovations’ new quality culture. I believe we’ve been able to strike the right balance between innovative and robust products.” – Alex Rohweder, COO, J2 Innovations
All of these updates make FIN 5 the most cyber-secure, robust, and easy to use version of FIN so far.