Skip to main content
Bosch Security and Safety Systems I South Korea
Public address and voice alarm

PRAESENSA Safety and Security

Find out more about the safety and data security measures of the PRAESENSA public address system.

Protecting public address systems

Modern public address systems are connected to the wider AV solution over IP. While this provides huge advantages in functionality, there is also an inherent risk that comes from the networked nature of these systems. Large amounts of information circulate over these networks, which can increase the risk of cybercriminals looking to access and steal sensitive data. To provide secure and reliable products, Bosch has established security and data protection as fundamental requirements during the entire life cycle of our products.

Man with laptop

Addressing potential vulnerabilities

Data security

Whether it is commercially important or safety critical, the data carried over audio networks can be extremely sensitive. For this reason, every aspect of the audio system and network needs to be addressed for security.

Solutions built on trust

All PRAESENSA system components are developed in accordance with Bosch's Security Engineering Process (SEP). We conduct comprehensive security testing for products prior to release, and regular penetration tests are performed as well. Any findings from these tests are assessed using the Common Vulnerability Scoring System (CVSSv3) (https://www.first.org/cvss/), an industry-standard framework. Identified vulnerabilities are addressed based on their CVSSv3 rating. In addition, we perform thorough threat and risk analyses on all our equipment during development and prior to release. Even after market release, PRAESENSA system components and software are continually updated and enhanced throughout their lifecycle. This ensures that our solutions remain secure and dependable, giving you confidence in the robust security foundation of our products.

Plugs in a network router

Product and data security measures

Security with supplier Security engineering process Vulnerability and incident management
Security with supplier
We have high-quality requirements for purchased products. To ensure the security of purchased products, modules, and components, we evaluate the product security of each supplier as an integral part of our purchasing process.
Security engineering process
Whenever we develop a new product, we conduct a comprehensive threat and risk analysis and create an individual security concept for the product and its integration into a complete solution. We ensure product security with comprehensive security and penetration testing during the design phase and before release. Any updates, patches, or upgrades will undergo the same rigorous tests and only be deployed once they have proven secure.
Vulnerability and incident management
Because environments are constantly evolving, 100% security can never be guaranteed. To address this, we have established a structured vulnerability and incident management process to professionally manage potential product security vulnerabilities and incidents. Additionally, as part of our ongoing commitment to providing the safest and most secure solutions, we continuously adapt and enhance our processes—not only to address new security-related requirements and increasing market awareness but because we believe in upholding the highest standards of security. Visit our Security Advisories webpage to stay informed about identified security vulnerabilities, proposed solutions, and updates on compliance with new security standards.

 

How we maximize data security to meet the highest reliability standards:

Password policy configuration

Compliance with specific guidelines and standards

Minimum TLS 1.2

A minimum version of TLS 1.2 provides maximum security.

Encrypted firmware

Verifies firmware authenticity and prevents malware insertion.

Session timeout

Manage how long a configuration session can be left unattended

Secure by default

Maximum security preset as standard

Secure and encrypted ONMEO

Authentication for OCA control and encrypted AES67 audio

Reporting Product Security Vulnerabilities

Data security visual with keypad

Bosch Building Technologies takes security very seriously, and investigates all vulnerability reports.

Whenever you think you have identified a vulnerability or any other security issue related to a Bosch Building Technologies’ product or service, or any other Bosch product, please contact the Bosch Product Security Incident Response Team (PSIRT):

https://psirt.bosch.com

Resources and tools

Learn more about data security

download icon

PRAESENSA

 Security precautions

Share this on:

Explore more