Issue
Continuum NetController fails when a port scanning tool runs a network port scan on the ethernet network where the controller is connected.
Some of the controller failures that have been reported to Product Support Services include controller scan locked, controller resetting, hanged, stuck in bootloader etc. In some cases the controller may be running but exhibiting very strange symptoms due to its tasks scheduling being disturbed by the scanning traffic and/or due to memory corruption.
Product Line
Andover Continuum
Environment
- Continuum CX Gen 1
- Continuum Net Controller II
- Continuum ACX 2 Controller
- Continuum ACX 4 Controller
- Continuum bCX4040 (BACnet)
- Continuum bCX4000 (Router)
- Continuum bCX9640 (Infinet)
Cause
The legacy Continuum controller's network stack is not able to handle some of the packets generated by network scanning tools, most such tools explicitly point out that older internal systems may not be able to handle the port scanning traffic and may fail during the process.
The controller error log may show some variation of the following errors...
219 I 08/10/2024 13:14:53.35 0xbadd0018 0x00002500 0x001783f0 0x40602004 0x0017eeb4
Reset (Spurious interrupt)
4914 I 09/14/2022 09:00:54.00 0xbadd0002 0x00002600 0x02001bd4 0x48082600 0x020ffbb8
Reset (access error)
Resolution
The Continuum NetControllers are now legacy systems no longer in active development, therefore, the only known solution is to add the controller's IP address to the tools white list so that no port scanning packets are directed to the controller.
It is important to note that NONE of the Continuum NetControllers listed above use Windows or Linux based OS, this makes them less vulnerable to the typical hacker attacks.
Andover Continuum is a legacy Schneider Electric product. We strongly encourage upgrading your system to the more secure and feature-rich platform, EcoStruxure Building Operation.
