Modules added

Short Note

Traffic rules

Defines the rules for network traffic management, such as prioritization, blocking, or allowance of data packets.

NTP settings

Configures the Network Time Protocol settings to synchronize the system clock with NTP servers.

Banner text

Customizable text displayed on the system banner for identification or informational purposes.

General settings

Central hub for configuring broad system settings such as language, time zone, and other system-wide parameters.

OPCUA client settings

Configuration settings for OPC Unified Architecture (OPCUA) clients to facilitate machine-to-machine communication.

Quick client

Provides a simplified, user-friendly interface for interacting with client settings and establishing quick connections.

Tags

Labeling mechanism to categorize and manage elements within the system for easier identification and access.

Cyberguard dashboard

A security feature providing a visual overview of the system's security posture and active cybersecurity measures.

Active threats

Real-time monitoring tool that identifies and lists current threats detected within the system's network.

Threat logs

Records and archives of security threats encountered, providing a historical log for analysis and audit purposes.

SMTP settings

Configuration of Simple Mail Transfer Protocol (SMTP) for sending out emails and system notifications.

Process

Outlines the procedures and workflows within the system for various operations, maintenance, and monitoring activities.

Certificate

Manages digital certificates for the system, ensuring secure communication and data exchange.

Password policy

Sets the standards for password complexity and rotation to enhance the security of user credentials.

Firmware Version - 0.6.5

Features

Description

Firmware Version

Version 0.6.5

Compatible Hardware

version 1 or above

New features and Improvement

-implemented signed rootFS using dm-verity. Added dm-verity signature verification in initramfs. This completes secure boot chain of trust.

-Added nftables v1.0.9 for firewall (to be used instead of iptables). updated u-boot to accept increased image size

-Added find and nft commands to adm group sudo capabilities

-Added firmware release notes in folder /etc/release_notes/firmware. 

-Consolidated release notes and release number source info in meta-tas/release-data folder

-Updated u-boot for hardening, add autoboot features: wait for 3 secs for autoboot interruption, delay boot on string input, retry boot with reset after 15 secs in idle u-boot prompt

-Updated web interface to commit hash 9a17946d

Fixed Issues

-Issues found in apache server during penetration testing. Upgraded apache-tomcat to version 9.0.85

-Factory reset failed to clear data partition. Added e2fsprogs-mke2fs package to initramfs

-Static IP address was changing to dhcp assigned address on ethernet cable reconnection. Fixed interaction between dhcpcd and systemd, cleaned up un-needed systemd network profiles, assigned static address in dhcpcd config

Firmware Version - 0.6.4

Features

Description

Firmware Version

Version 0.6.4

Compatible Hardware

version 1 or above

New features and Improvement

-Developed signed FIT image for kernel. FIT image includes kernel, initramfs and dtb - changes to machine config, kernel recipe, u-boot code, u-boot environment vars, imx-boot recipe, and swupdate image. 

-Initialized hwclock to system time, if hwclock loses time for any reason. 

-Code cleanup to remove files and stuff that are not required any more. 

-Updated web interface to commit hash e1f6382f

Fixed Issues

Fix for unstable ping response times on lan0.

Firmware Version - 0.6.3

Features

Description

Firmware Version

Version 0.6.3

Compatible Hardware

version 1 or above

New features and Improvement

-Added base-utils package to get gnu versions of utilities (instead of busybox), removed parted utility 

-Changed log utility from busybox to rsyslog 

-Changed startup sequence of all services - startup-tasks to run before dhcpcd and network services start, taswp500config to start immediately after network target is reached, all other services to start after config completes 

-Cleaned up network configuration files 

-Changed root overlay partition size to 1GB 

Fixed Issues

Removed unnecessary file system sizing calls from init script

-Suppressed rcu cpu stalls 

Firmware Version - 0.6.2

Features

Description

Firmware Version

Version 0.6.2

Compatible Hardware

version 1 or above

New features and Improvement

-Added startup task to disable RTC clkout. Disabled RTC CLKOUT frequency output 

-Added factory reset script /usr/bin/fact_reset.sh (Should run with sudo). Added fact_reset.sh to adm group sudo capabilities 

-Added back RT patch in Linux kernel 

-Added default .bashrc file 

-Included webinterface repo commit hash d15b8229 

Fixed Issues

-Cleaned up Linux device tree and config. Removed extra devices not in use

-Removed old swupdate initramfs that is not being used. 

Firmware Version - 0.6.1

Features

Description

Firmware Version

Version 0.6.1

Compatible Hardware

version 1 or above

New features and Improvement

-iAdded imx HAB (secure boot) authentication to linux kernel and device tree 

-Cleaned up linux kernel recipe, dts and defconfig; removed unnecessary files, patches and defines. 

-Changed rootfs image type to squashfs (read-only). Changed image size and partition size for future expansion in rootfs squashfs image 

-Updated init script and swupdate sw-description as per changed rootfs type 

-Created boot partition image and added to swupdate process. Now all Kernel, device tree and rootfs are all updated in single package 

-Added NTP sync status to hwstatus.dat -as NTP_SYNC_STATUS=no/yes 

-Added MQTT and threat Red/Green LEDs.  

-Removed all users access to config.ini. Added paths for t5cod and t5certificate 

-Moved snort script and service source code to webinterface repository 

-Updated SSH banner link to use banner from web-interface 

Fixed Issues

-Stabilized NTP sync operation 

-Added hwclock to adm group sudo capabilities 

Firmware Version - 0.6.0

Features

Description

Firmware Version

Version 0.6.0

Compatible Hardware

version 1 or above

New features and Improvement

-Implemented secure boot. HAB class, u-boot recipe and scripts/ files added. U-boot config and machine config changed.

-Added webinterface files  

Fixed Issues

-Increased rootfs partition size allocation, to prevent failures during swupdate due to lack of space.