Skip to content

Security Information🔗

At MVTec, we prioritize product quality and customer benefit. Our software is developed by highly skilled engineers at our headquarters in Munich, following industry best practices and stringent guidelines.

We are committed to ensuring that our software:

  • Retains recognized industry standards and regulatory requirements.
  • Is designed and tested to be free from known vulnerabilities and backdoors.
  • Is continuously monitored and updated to address emerging security threats.
  • Provides all necessary documentation for full transparency on third-party components and dependencies

Secure Configuration🔗

The HALCON software is available in a development (SDK) and runtime (RTL) version. Only the RTL version is intended to be redistributed to customers. The RTL version is mainly a library, which inherently provides functions that are potentially dangerous from a cybersecurity point of view.

In general, all functions that access memory, provide I/O or file access need to be used with the necessary caution. It is the developer’s responsibility to ensure that no functions are used in an unintentionally insecure manner.

The operator set_system can be used to completely disable unwanted functionality using the parameter disabled_operators. All calls to operators need to be checked by the caller if the parameters are in a secure range.

HALCON provides various ways of communication and it is up to the developers of the final application to choose the security level according to their needs. For example, socket support includes TLS functionality, but this must be actively enabled by the developer.

You can find relevant changes in the release notes.

Security Contact🔗

If you have any security-related questions or concerns, please contact us at security@mvtec.com. Your request will be processed with care and discretion.

For more information and further contact options, please refer to the MVTec homepage at www.mvtec.com/cybersecurity.