TDC-X FW ver1.5.0

Release Notes – Version 1.5.0

Overview
The 1.5.0 release introduces a comprehensive set of new features, usability enhancements, and critical security fixes. This version focuses on strengthening system security, improving application management and network diagnostics, and delivering significant user experience improvements. We recommend all users upgrade to benefit from the enhanced stability, functionality, and protection included in this release.

New Features
Version 1.5.0 introduces several new capabilities to enhance flexibility and connectivity:
• Support for custom application installation.
• Ability to extend predefined applications with multi-container support.
• Separate subproject trees now available in SBOM for better project management.
• Added access to the IO-Link API via UNIX socket.
• Option to specify shorter passwords when WPA Enterprise is used.
• Ability to set a custom SSH server public key.
• Added Internet availability indicator and corresponding REST API.
• VSCode predefined app now has access to the Docker API.
• Introduced Port Forwarding configuration support.
• Added network diagnostic tools page.

Improvements
This release includes multiple refinements for improved usability, connectivity, and system management:
• Added password confirmation when creating new users.
• Option to specify firmware hash type during configuration.
• Added message to inform users when it’s not possible to connect to unsecured networks.
• Added firewall activity information on the Ethernet port.
• Removed default DHCP fallback mode from the user interface.
• Extended “Applications” API to support uninstall authorization.
• WLAN connections can now seamlessly roam among access points with the same SSID.
• Improved Docker authorization policy to account for default container capabilities.
• Extended “Port Forwarding” API to control firewall hole punching.
• Fixed layout issue where SSH page elements could slide off-screen.
• Resolved issue where application bundle upload could sometimes fail.

Security Fixes
This release includes several important security improvements addressing vulnerabilities and ensuring higher system resilience:
• PT7 – Fixed an open redirect issue through the redirect_url parameter.
• PT8 – Resolved a Cross-Site Scripting (XSS) vulnerability in the redirect_url parameter.
• PT12 – Mitigated a Denial of Service (DoS) vulnerability affecting /api/v1/system/logs/system.
• PT14 – Fixed an XSS vulnerability on /api/v1/system/administration/notice.

Bug Fixes
This release addresses several functional and stability issues:
• Fixed issue where DI on IO-Link connector OnChange stopped working.
• Corrected IO-Link swagger calls after IP changes.
• Resolved sporadic WLAN country code setting failures.
• Various minor performance and UI issues resolved for smoother operation.

Documentation Updates
Documentation has been updated and expanded to support the latest features:
• Updated WPAN documentation.
• Added code sample notes indicating unsupported features where applicable.
• Added CAN and Serial examples for Node-RED.
• Included disclaimer for WLAN periodic scanning.
• Added documentation for using host.docker.internal.

TDC-X FW ver1.4.1

We are pleased to announce a small patch update to version 1.4.0, delivering targeted bug fixes and usability improvements based on recent user feedback.

What’s New & Fixed
Resolved: Mount Capabilities

• The /datafs/operator path can now be reliably mounted inside containers, improving compatibility and operational flexibility.

Enhanced: Security Capabilities

• The DAC_OVERRIDE capability may now be explicitly added to containers, granting advanced users greater control over access rights when required.

Improved: Tool Installation Workflow

• The install-recommended-tools script is now interactive, enabling users to make installation choices step-by-step for a smoother setup experience.

Updated: Developer Documentation

• Documentation now includes guidance on Docker authorization limits.
• Expanded Frequently Asked Questions (F.A.Q.) section to support developer onboarding and troubleshooting.

TDC-X FW ver1.4.0

Introduction
This release introduces major enhancements focused on security, developer experience, administration, and usability. Our latest update advances Docker-based isolation, strengthens network protections, refines configuration options, and expands documentation for developers. Several services now operate more independently, and users benefit from clearer notifications, improved diagnostics, and robust API integrations. Below you’ll find a detailed summary of all new features and improvements included in this release.

Key Features & Changes

1. Containerization & Workspace Isolation
   • Docker Isolation with User Workspace Container
   • SSH Now Drops User Into a Workspace Container

2. Application Engine & Protocol Improvements
   • IO-Link is Decoupled from AppEngine
   • AppEngine Can Be Stopped
   • Remove Ethernet CROWN from AppEngine

3. Developer and API Enhancements
   • Developer Documentation Extensions
   • CSR API Endpoints

4. Diagnostics & Logging
   • Encrypted Diagnostic Dump Packages
   • Logging of Firewall Violations
   • Docker Engine Uses journald Logging by Default

5. Security Updates
   • Security Notification About Using HTTP
   • Firewall DOS Protection
   • AP Mode Uses WPA3 Security by Default

6. User Experience & System Configuration
   • Simplified TDC-X UI Firewall Page (Public, Private, NAT)
   • SSH Use Notification
   • Redirect to Login When Session Expires
   • WLAN Region Change Dialog
   • Analog Inputs Driver Update

Known issues:
IOLink settings will be lost after updating to FW 1.4.0

TDC-X FW ver1.3.0

We are thrilled to announce the release of TDC-X software version 1.3.0! This update introduces a range of exciting new features, with focus on Cyber Security, and enhancements designed to improve your experience. Here’s what you can expect in this version:

New Features

• Display system use notification functionality
• Full license texts viewable under SBOM
• Include copyright notices of original owners and contributors
• Login brute force protection
• Device DoS protection

Improvements

• Various security improvements for IEC62443
  • Access token invalidation postlogout implemented
• Copyright notices included for contributors
• Various performance improvements
• Authentication UI refactored to use Synergy components
• Initial diagnosis dump added to Diagnostics component
• Removed 3G limitation in Modem component
• TDCX UI:
  • Status link up/down for all network interfaces
  • Enable/disable Ethernet interfaces

Bug Fixes

• Fixed random 5GHz WiFi deactivation
• Resolved AppEngine infinite loop during HAL service restart
• Fixed HAL service failure during IOLink firmware upload
• Fixed TDCX UI TLS certificate download issue

TDC-X firmware v1.2.1

Release Notes
Sub version firmware release, fixing some important bugs.

Bugfix

• Fixed issue when RTC resets to year 1970 after reboot with NTP off
• Fixed IO-Link configuration when MQTT topic delete and interval "OnChange" do not work
• Fixed issue with Developers documentation appEngine link opens new tab indefinitely

TDC-X firmware v1.0.0

Software release of our first production firmware, bringing enhanced performance and new features to elevate your experience

Features

• User Interface
  • TDC-X UI Certificates page
  • Secure Boot status
• Automatic WLAN scanning refresh
• Funtional LED integration
• WPAN
  • HAL service API (gRPC)
  • enable / disable
  • discovery
  • connect / pair
  • read HID data (barcode scanner)
• Control Center - Extended applications API
  • deployment of application stacks
  • start / stop applications
• WLAN region select and enforcement
• Reset Button implementation
• Integrated device documentation in UI

Improvements

• Encryption of SWUpdate package
• USB host test
• Secure Boot synchronization with Trust Center solution
• IO Link - General improvements
• HAL Service proto files harmonization (Publish on SICK Profiles Place)

TDC-X FW ver1.2.0

We are excited to announce the latest release of our software for TDC-X, version 1.2.0! This version brings numerous new features and improvements. Here's what's new:

New Features:

• WLAN Access point mode
• WLAN device can connect to AP, get assigned IP address, can access WAN (internet) through device
• User can configure Access Point SSID and passphrase
• User can configure DHCP server parameters (range of IP addresses that will be assigned to WLAN devices)
• Device time is visible on UI at Home screen
• Operational data is visible on UI at Home screen
• SBOM and license information is available on the UI at Resources → Software Components IO-Link
• API documentation is available through Swagger
• IO-Link Examples and How to use guides are available under Developer documentation
• Linux Kernel update with PREEMPT_RT patch

Bug Fixes:

• AppEngine JSON CROWN bug
• Secure Boot status is properly displayed in the UI (if the device has enabled Secure Boot in production)
• Configuring time in the UI
• Switching between http/https

Security Fixes:

• CVE-2024-28757 (vulnerability in libexpat)
• CVE-2024-45490 (vulnerability in libexpat)
• CVE-2024-50602 (vulnerability in libexpat)
• CVE-2024-20696 (vulnerability in libarchive)
• CVE-2024-26256 (vulnerability in libarchive)
• CVE-2024-48957 (vulnerability in libarchive)
• CVE-2024-48958 (vulnerability in libarchive)
• CVE-2023-5156 (vulnerability in Gnu C Library)
• CVE-2023-0687 (vulnerability in Gnu C Library)
• CVE-2023-6246 (vulnerability in Gnu C Library)
• CVE-2023-6779 (vulnerability in Gnu C Library)
• CVE-2023-6780 (vulnerability in Gnu C Library)
• CVE-2024-9143 (vulnerability in OpenSSL)
• CVE-2024-2511 (vulnerability in OpenSSL)
• CVE-2023-45866 (vulnerability in BlueZ)
• CVE-2023-50229 (vulnerability in BlueZ)
• CVE-2023-50230 (vulnerability in BlueZ)
• CVE-2023-51596 (vulnerability in BlueZ)
• CVE-2024-6387 (vulnerability in OpenSSH)
• CVE-2023-52160 (vulnerability in wpa_supplicant)
• CVE-2024-52533 (vulnerability in Glib)

TDC-X FW ver1.1.0

Features/Improvements/Bug fixes

• CAN gRPC can show statistic of the interface

• Serial gRPC can show statistic of the interface

• Control Center API to view statistic of Ethernet interfaces

• Ability to switch CAN interface namespace so CAN bus usage is possible independently of AppEngine

• Extended developer documentation:
  • Bluetooth usage
  • Basic networking usage
  • GNSS usage
  • AppEngine CROWN API documentation is included
  • CAN bus usage independently of AppEngine

• IO-Link:
  • Added persistent port configuration
  • Fixed port Restore and Backup & Restore mode
  • Fixed data storage upload in UI
  • Fixed applying MQTT config

• Secure Boot (requires production level changes)

• IMU buffered read deadlock fix

• Backup and restore

Release Notes TDC-X.pdf