Follow

HP 4200 Software"SW" indepth Questions [Boeing Case]

Brandon Boulden
  1. Does the HP MJF offer an RJ45 port for network connections that is accessible by the operator from outside of the machine?
  2. Does the HP MJF offer at least one open USB port for patching, maintenance and taking data off the equipment that is accessible by the operator from outside of the machine?
  3. Do the equipment connections (RJ45 and USB ports) have a cover to protect from tampering? i.e. cover, banner, label
  4. Does the HP MJF 4210 use only wired data transmission for all sensing, control and device communication?

[ScottW – HP] Yes. The only connectivity to machines is via ethernet.

  1. If wireless is required, does the equipment have the ability to hold wireless certificates?
  2. Does the HP MJF 4210 have any know Next-Gen firewall known issues? Such as Palo Alto app ID restrictions

[ScottW – HP] Not that I’m aware of.

  1. Does the HP MJF 4210 ensure administrative and technical controls are implemented to support individual accountability regarding use of information systems? i.e. admin, maintenance, operator log-in accounts.

[ScottW – HP] There is no operator login on the machines for normal operation.  Customers can set an admin password on the machine front panel, and certain service and configuration related activities require a service password which only HP has.  We do track where jobs come from (which application, machine IP address, user name) in the internal job data.  That data can be extracted via the REST API mentioned above.

  1. Does the HP MJF 4210 have event logging for traceability of actions to individuals?

[ScottW – HP] No.

  1. Will Boeing administrators be able to create a file directory folder on the printer?

[ScottW – HP] No.  there is no mechanism to log into the machine or access storage resources inside the machine. 

  1. Is the HP MJF 4210 compliable with two factor authentication?

[ScottW – HP] No.

  1. Does the HP MJF 4210 monitor user activity to ensure that users are behaving as expected, to assess the adequacy and effectiveness of internal controls, and to support investigations. i.e. logging, event and auditing

[ScottW – HP] Since operators do not have to log into the machines, there is no concept of “user monitoring” within the system. 

  1. Does the supplier provide documentation to recreate the computer from bare (w/o OS) hardware?

[ScottW – HP] I’m not sure what the context is here.  If it’s related to the SmartStream Command Center application, the only requirements we place on customers is to install it (both server and client components) on a Windows-based machine (Win7 and forward) of their choosing and that the server component run on a machine that is running 24/7.   

  1. Does the HP MJF 4210 contain vendor managed network devices? i.e.  Network switches, USB hubs, etc
  2. Does the HP MJF 4210 require "open share" folders?
  3. Does the HP MJF 4210 use the principal of "least privilege"? i.e. not all functions run as administrator

[ScottW – HP] Yes.  This is true of user actions that require external Admin privileges as well as how the internal code access is managed.

  1. Does the HP MJF 4210 limit share permissions to authorized users?

[ScottW – HP] There is no sharing of anything on the machine directly.  In order to access data from the machine, the application requesting it needs to have credentials (which we issue as part of the technology agreement). 

  1. Does the HP MJF 4210 use standard TCP/IP communications? i.e. can have a default gateway set and doesn’t just broadcast information to everything on the wire

[ScottW – HP] Yes.  Further, the machines do not broadcast anything – all interaction occurs with the machine as the server and the application as the client.

  1. Does the HP MJF 4210 support static and/or DHCP network addresses?

[ScottW – HP] Both.

  1. Does the HP MJF 4210 support password complexity by being capable of meeting the standard 14-characters requirement?

[ScottW – HP] Yes (Speedy, can you confirm?)

  1. Does the HP MJF 4210 support capability to map drives and hold credentials

[ScottW – HP] No.  There is no access to the machine from outside beyond the REST API’s.

  1. Does the HP MJF 4210  designed to allow 3D printing to continue without  interruption if the user logs off,  allowing Boeing to implement 2-factor authentication.

[ScottW – HP] Yes, in the sense that the user doesn’t log on to the machine.

  1. Can the HP MJF 4210 use Boeing IT hardware (commoditized Dell desktops provided by Boeing IT) when possible, in order to ensure the provision of 24/7 Boeing IT factory support?

[ScottW – HP] Yes, for the SW application stack. 

  1. Does the HP MJF 4210 system and application software be configured to minimize the potential for abuse or unauthorized access.

[ScottW – HP] Neither the machine nor the monitoring / job submission applications HP provides require user authentication.

  1. All software developed for this delivery is owned by Boeing and is considered Boeing intellectual property (IP).

[ScottW – HP] I will have to defer to the HP legal

  1. The System software developed as part of this delivery shall be provided by Supplier in an installable form with complete software loading procedures and documentation and not require Supplier support.

[ScottW – HP] Yes.

  1. The Supplier shall be responsible for diagnosis and correction of any errors in the supplied software, logic, or hardware.

[ScottW – HP] Yes, through the standard HP support processes.

  1. The Supplier shall document software configuration, including dataflow diagrams, flow charts (from system to module level), pseudo code for each module, a description of all library functions, and in installation format.

[ScottW – HP] This is not a standard provision – needs legal review.

  1. The Supplier shall provide all software in a manner that will allow future upgrades to the Windows OS without impacting the functionality of the software for its intended use.

[ScottW – HP] Yes.  If a version of SW requires and newer version of the host OS, or vice versa, that will be communicated clearly and with time to transition.

  1. The Supplier shall provide software that allows for periodic Windows OS patches and the running of antivirus or some malware prevention software.

[ScottW – HP] Yes.

  1. Is the HP MJF 4210 capable of operating on the most current version of Windows OS (Windows 10)?

[ScottW – HP] The machines do not involve a Windows system in any way.  Our SW is tested on Windows from Win7 and forward.

  1. Does the HP MJF 4210 have any hard coded IP addresses?

[ScottW – HP] No.

  1. Does the HP MJF 4210 have any hard coded passwords?

[ScottW – HP] Yes.  The machines contain a set of pre-allocated credentials for API clients. 

  1. The Supplier shall provide prompt notification and delivery of new or updated versions of the operating system and application software during the warranty period at no cost to Boeing.

[ScottW – HP] This is true today, but as new applications are developed and released they may require licensing fees.  We shouldn’t make this statement in any absolute form.

  1. Will vendor register software installed on the System in Boeing’s name and provide their license identification and registration numbers?

[ScottW – HP] Where applicable, yes.  Today the SW applications for MJF machines is free and doesn’t require separate licensing.

  1. The Supplier shall identify what computer software is required to restore, backup, and/or edit each piece of proposed software.

[ScottW – HP] Yes.

  1. The Supplier shall deliver physical media backup copies of software installed on the System to Boeing in accordance with the Purchase Contract.

[ScottW – HP] No – there is no physical media associated with the SW shipped with MJF machines.

  1. Does the HP MJF 4210 allow Boeing to change account passwords ?

[ScottW – HP] Depends on where.  The machine admin password can be changed via the front panel.  We don’t manage accounts at the software level today, so that is out of scope.

  1. Does the HP MJF 4210 able synchronize its real-time clocks from a Boeing-provided NTP server.

[ScottW – HP] The machines are synchronized via NTP via the Command Center server SW.  We do not support pointing that application at custom servers.

  1. Does the HP MJF 4210  maintain records of access by authorized users?

[ScottW – HP] No.

  1. System Supplier shall identify all software, files, executables, tools, builders and/or manuals that are required in order to configure the proposed HMI solution.

[ScottW – HP] Not sure what the context is here.  The SW shipped with MJF machines will include manuals and instructions.  There are no separate HMI components included with the machines, so I don’t think the rest of this applies. 

  1. The System shall have the capability to store machine control data (MCD) or NC Programs with a reasonable limit to allow excess capacity for growth.  What are current capacities and what would be a reasonable capacity ceiling to allow for growth?

[ScottW – HP] The printers can contain an active queue of 15 jobs at a time, and jobs that have been printed can be stored for an indefinite amount of time based on hard drive capacity.  Current systems contain a 1TB drive to store job history and other historical data.

  1. The System shall have the capability to receive manual downloads of MCD via secure USB flash drive (for backup functionality if automated download is not possible).

[ScottW – HP] USB-based insertion and invocation of print jobs is not supported. 

  1. The System shall have the capability to store MCD that is delivered manually via secure USB flash drive (for backup functionality if automated download is not possible).

[ScottW – HP] This is not a supported workflow – jobs are submitted through the job submission API and not via USB. 

  1. The System shall prohibit manual editing of the MCD immediately upon MCD load into the part program directory while in any mode except MANUAL EDIT mode.\

[ScottW – HP] This is true.  Once the content of a job is submitted to machines, the contents are processes and not editable. 

  1. The System shall display a “Purge MCD” prompt on the HMI with [HMI ICD] upon completion of the active MCD.

[ScottW – HP] In the case of NJF printers, the job content (not the job metadata and history) is deleted unless the operator indicates that the job should be re-printable from the machine front panel.

  1. Supplier shall identify FCC IDs for any radios within the automation cell.

[ScottW – HP] I don’t believe we have any hardware that transmits radio signals in MJF machines.

 

---Questions asked by Boeing's IT department. Answered by Scott W of HP----

 

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments