ES/S-B ARITA

Revision as of 15:52, 7 July 2023 by Wikiadmin (talk | contribs)
ES/S-B ARITA
ES/S-B L2 Platform

ES/S-B ARITA Icon Essbl2.png

INCORP, a ARITA/L2 Based System
Developer Netroda Technologies
Product Family Extensible Services / Server
Licenses N.P.A.L., FoundationShield (EULA)
Initial release 2015 (1998)
Current Version 2.24 (July 2023)
Timeline

Unnamed (2.24) (Current Version)

Platform Windows NT, FreeBSD, GNU Linux
Type Enterprise Resources and Business Applications
Programmed in Multiple, Undisclosed
Origin
  • IVECS (-2009)
    • ↳ ES/S-B (2015-)
Language(s) English, Deutsch, varies by used user interface

ES/S-B ARITA (Named after the famous Cono de Arita Mountain in Argentina) is a powerful, modular high-reliability and high integrity Business Applications Server System developed on base of the Extensible Services / Server Business L2 Platform.

ARITA was the Second member of the ES/S-B Family, today, most new applications, modules and subsystems are created for L2, also known as the ARITA platform, because it has specific advantages. The most common use case includes enterprise resource planning, facturing, finance and warehousing.

The ES/S-B L2 Core has been designed to maintain high stability and data integrity while offering good mantainability of data structures, seamless updating, migration and low process stacks to optimize speed.

Overview

The first version was published late 2015. The predecessors are still used by enterprises wordlwide, that (altough with some efforts) can still migrate their business applications to the ES/S-B L2 Platform

Technical

The ES/S-A Core application consists of the ESSInstance, that monitors, starts and ends all further processes, delegates resources and serves as mediator between components (Modularity). The System has integrated modules for

  • HTTP(S) Web Services
  • TCP/IP Communication
  • PBX Interfaces
  • Public Announcements and SIP Calling
  • E-Mail Signaling
  • Primitive Abstraction Layers (PAL)
  • Facility Services
  • Primive Data Points
  • Complex Objects
  • Script Engines (Extensible Object Script)
  • Building Model Providers
  • Network Cell Presency
  • HVAC and Climatization
  • Energy Monitoring
  • Electric Planning and Lookup
  • Fire and Threat Protection
  • Almbus/IP

Third-Party Modules

  • Primitive Abstraction Layers
    • INEG-L Protocol, via UDP/IP
    • Modbus/RTU/ASCII/TCP via IP (open-mbus), Serial
    • EIB/KNX Bus IEC 14543-3 via IP (cEMI), USB, Serial
    • Artistic Licence ARTNET for DMX512, via IP, USB
    • Modbus RTU/IP, via IP, USB, Serial
    • ASHRAE BACnet, via IP
    • X10 (CM11A) Protocol, Serial
  • Autonomous Instances
    • Asterisk PBX
  • Printer Drivers
    • ESC/POS
    • ESC/P2
    • IBM ProPrinter

User Interfaces

ES/S-A HOTA runs as command-line output only application. Most of the User interfaces are delivered via HTTP and renderen in a Browser Window. User interface can be serve interactive resources that are either directly accessible or require a middleware.

User Interface Type Audience
sv_ata HTML5 (HTTP/S) Residential focused user interface with support for mobile devices and touch screens, rich animated using extesively graphics elements, fun to use and interact with. Low technical knowledge required. Has many features like Screensavers, News, Weather forecast, Graphs, Visual control, Virtual Tours and more.
sv_gna HTML5 (HTTP/S) Professional focused user interface with support for multi-screen setups. Technical knowledge required to address all functions.
mta JSON (HTTP/S) Used for the MicroTaskInvoker application (Native Windows Application). Provides minimal acces to preconfigured functions.
cisco XML (HTTP/S) Used for Cisco SCCP Telephones to access the system via various Cisco IP Phones. Provides secured access to number and call registers, system shortcuts and control of devices.
telnet TCP/IP Provides remote control of the system using minimal bandwidth. Has access to many features of the system. Please notice that remote access must be provided by using an encrypted tunnel like IKEv2, because Telnet does not support TLS encryption.
esterm TCP/IP Provides partial graphical control of the system using text-only transmission utilizing the ESTERM Protocol, can be used with Netroda Technologies NETerm.

Globalization

ES/S-A HOTA uses English only, the various user interfaces that can be installed have variying international support. sv_ata currently supports 4 languages

  • English
  • Deutsch
  • 中国人
  • Tiếng Việt

Support

Support for ES/S-A HOTA is available is currently limited to e-mail support in english only.

Security

ES/S-A HOTA Supports TLS for the Secure HTTP Service (HTTPS) version 1.3. The web interfaces can be protected from bogon requests, internet access in WAN Networks. Network services feature automatic blacklisting and source-network abuse query. By utilizing FoundationShield or any other Firewall or Network monitor, ES/S-A HOTA can be securely exposed to the internet, following a positive risk assessment concering stability agains Distributed DOS (DDoS) attacks.

The default configuration does neither allow anonymous users, nor default credentials or insecure WAN access to recude the probability of security issues by misconfiguration or negligence.

The architecture requires modules accessing the core or other modules to obtain required privileges to execute specific actions. Responsible for distribution and approving is the ESAuthority, a integral core module. The system works by identifying module instances with unique and temporary tokens, that must be validated prior to execute actions in the target module. Applicable modules must provide necessary API functionality (ESAuthorityAwareService, ESAuthorityAwareCaller) and are responsible to correctly implement these by themself. ESContextAuthority provides information of call origins, and can differentiate many cases, such as automation, user interaction or remote procedure requests.

A zero-day vulnerability involving remote code execution in Log4j 2, (a Logging utility for Java) , given the descriptor CVE-2021-44228, was found and reported to Apache by Alibaba on November 24, 2021, and published in a tweet on December 9, 2021. Investigations proceeded and it was reported to customers, that ES/S-A HOTA is not affected, as Log4j (used by various components) is replaced by the distributed debugging service in release versions.

It is recommended to protect facility systems with at least two firewalls from different vendors or with different software.

See also

References

Template:Reflist

Template:WebManTools