Honeywell Suit Iso User Guide

SUIT
AUGUST 2021
SUIT ISO User Guide

AUGUST 2021
ABOUT THIS GUIDE
DISCLAIMER
This document contains Honeywell proprietary information.
Information contained herein is to be used solely for the purpose submitted, and no part of this
document or its contents shall be reproduced, published, or disclosed to a third party without the
express permission of Honeywell International Sàrl.
While this information is presented in good faith and believed to be accurate, Honeywell disclaims the
implied warranties of merchantability and fitness for a purpose and makes no express warranties except
as may be stated in its written agreement with and for its customer.
In no event is Honeywell liable to anyone for any direct, special, or consequential damages. The
information and specifications in this document are subject to change without notice.
Copyright 2021- Honeywell International Sàrl
SUIT ISO AUGUST 2021 2

ABOUT THIS GUIDE
Table of contents
1 ABOUT THIS GUIDE ....................................................................................................5
1.1 Support and other contacts ................................................................................................................... 5
1.2 Symbols and definitions ...................................................................................................................... 6
1.3 Scope ................................................................................................................................................... 7
1.4 Revision history................................................................................................................................... 8
1.5 Intended audience .............................................................................................................................. 15
1.6 Related documents ............................................................................................................................ 15

2 INTRODUCTION ........................................................................................................16
2.1 Overview ........................................................................................................................................... 16
2.2 Supported HPS Products ................................................................................................................... 16
2.3 Honeywell Recommendation ............................................................................................................ 19

3 UPDATE MANAGER ..................................................................................................21
3.1 supported products ............................................................................................................................ 21
3.2 Checking for Available Updates........................................................................................................ 32
3.3 Validating Security Updates .............................................................................................................. 35
3.4 Validating Non-Security Updates ...................................................................................................... 36
3.5 Validating Latest ISO ........................................................................................................................ 36
3.6 Viewing ISO Configuration File ....................................................................................................... 37
3.7 Known Issues and Workarounds ....................................................................................................... 38

3.7.1 Known Issue: Updates fail to install due to USB lockdown enabled. Ex: KB982018,
KB2775511 .................................................................................................................................................. 38
3.7.2 Known Issue: SUIT ISO DVD is taking hours to deploy when a system has WSUS, but the
user wants to use the SUIT ISO to align the system. .................................................................................... 39
3.7.3 Known Issue: DVM R500/R600/R620 and EBI R430 ................................................................... 40
3.7.4 Known Issue: SUIT ISO failed on RAE node ................................................................................ 41
3.7.5 Known Issue: DVM R600/R620/700 and EBI R500/600 On Windows 10/Windows Server
2016. 41
3.7.6 Known Issue: On certain scenarios installing MS update using Dec 2019 ISO may cause OS
crash. 42
3.7.7 Known Issue: ELCN Nodes get stuck in LOC_LOAD after installing Security Update Nov ‘19
or later. 42
3.7.8 Known Issue: Microsoft Security Update September ’19 ->Jan ‘20 might cause a memory leak
in Experion Station on Experion R43x and R5xx. ........................................................................................ 43
3.7.9 Known Issue: KB3125574 install failed on Windows Server 2008 R2 and Windows 7 using
August 2019 ISO or later .............................................................................................................................. 44
3.7.10 Known Issue: EPKS R510.x and R511.x nodes continue displaying popup to install SQL
Server Cumulative Update 22 (CU 22) update KB4577467 although already installed ............................... 46
3.7.11 Known Issue: Error message “Cannot find Script file” is displayed while running January 3
2021 ISO media ............................................................................................................................................ 48

ABOUT THIS GUIDE
3.7.12 Known Issue: When update installation is done by mounting SUIT ISO media, installation
stops after system restart, after installing Service Stack Updates (SSU) ...................................................... 49
3.7.13 Known Issue: Last ISO Installation details not getting updated in Windows 10 1809 tablet
(Node ID: 285) ............................................................................................................................................. 49
3.7.14 Known Issue: MS Updates fails to install with multiple error codes .............................................. 50
Microsoft has suggested below 3 workarounds for fixing this issue: ........................................................... 51
3.8 Procedure to Clean up disk: ............................................................................................................... 51

4 TERMS AND DEFINITIONS .........................................................................................53
5 NOTICES..................................................................................................................54

ABOUT THIS GUIDE
1 About this guide

This guide provides information about using ISO and to keep system updated with latest
available/qualified Security/Non-Security updates.
It is highly recommended that a user completely understands and exercises

precautions published in this document before using the ISO for installation of
ATTENTION Security and Non-Security hot fixes.
1.1 Support and other contacts

Country Contact Phone MAIL/EMAIL FASCIMILE
USA Honeywell 1-800-822-7673 Honeywell TAC, MS L17 1860 W. 1-973-455-
Solution (outside Arizona) Garden Lane Phoenix, AZ, 85027 5000
Support 602313-5558(in USA
Center Arizona)
Europe Honeywell +32-2-728-2732 TAC-BE02 +32-2-728-

TACEMEA Hermes Plaza Hermeslaan, 1H 2696
B-1831 Diegem, Belgium
Pacific Honeywell 1300-364-822 (toll free Honeywell Limited Australia 5 +61-8-9362-

Global TAC within Australia) Kitchener Way 9564
– Pacific +61-8-9362-9559 Burswood 6100, Western/
(outside Australia) AustraliaGTAC@honeywell.com
India Honeywell +91-20-6603-9400 Honeywell Automation India +91-20-6603-

Global Limited 56 and 57 Hadapsar 9800
TAC-India Industrial Estate,
Hadapsar, Pune-411013-Pune/
India Global-TAC-
India@Honeywell.com
Korea Honeywell 82-2-799-6317 (toll free Honeywell Co., Ltd 4F, Sangam +82-2-792-
Global TAC within Korea) IT Tower 9015
– Korea 1590, DMC Sangam-dong, Mapo-
gu Seoul, 121-835, Korea/
Global-TAC-
Korea@honeywell.com

ABOUT THIS GUIDE
Country Contact Phone MAIL/EMAIL FASCIMILE

China Honeywell +86- 21-2219-6888 Honeywell (China) Co., Ltd
Global TAC 800-820-0237 33/F, Tower A, City Center, 100
– China 400-820-0386 Zunyi Rd. Shanghai 200051,
People’s Republic of
China/
Global-TAC-
China@honeywell.com
Singapore Honeywell +65-6580-3500 Honeywell Private Limited +65-6580-3501

Global TAC Honeywell Building +65-6445-3033
– South East 17, Changi Business Park Central 1
Asia Singapore 486073/
GTAC-SEA@honeywell.com
Taiwan Honeywell +886-7-536-2567 Honeywell Taiwan Ltd. +886-7-536-

Global TAC 17F-1, No. 260, Jhongshan 2nd 2039
– Taiwan Road. Cianjhen District
Kaohsiung, Taiwan,
ROC/
Global-TAC-
Taiwan@honeywell.com
Japan Honeywell +81-3-6730-7160 Honeywell Japan Inc. +81-3-6730-

Global TAC New Pier Takeshiba, South Tower 7228
– Japan Building,
20th Floor, 1-16-1 Kaigan, Minato-
ku, Tokyo 105-0022, Japan
Global-
TACJapanJA25@honeywell.com
1.2 Symbols and definitions

The table below describes the symbols and their definitions that are used across in this document.
Symbols Definitions
NOTE: Identifies advice or hints for the user, often in terms of performing a
task.
ATTENTION: Identifies information that requires special consideration.

ABOUT THIS GUIDE
1.3 Scope
 This document is expected to guide a user to keep systems updated with the latest Microsoft
Security/Non-Security updates qualified by Honeywell for the supported HPS products that are
released to market.
 Microsoft Security/Non-Security updates are re-distributed as a standard ISO which has a tool
embedded, Update Manager, designed to manage the Security/Non-Security updates for the
supported HPS product nodes.
 The document also provides information on the HPS product nodes which are assigned with a
unique node ID, used by the Update Manager to identify the node.
 The document describes the various recommendation standards followed by Honeywell to help
a user to understand the importance of recommendations which Honeywell provides to all the
security updates.
 The recommendations are provided in the datasheets of all the security updates bundled in the
ISO. The datasheets can be accessed from the Honeywell On Line Support OLS.
 Though Honeywell provides a recommendation for all the security updates,Honeywell would
not account for any consequences if a user is at his/her own discretion to override the
recommendation provided.
Regardless of the approach taken to update systems with Microsoft

Security/Non-Security updates, Honeywell disclaims the consequences of
ATTENTION
overriding the recommendation associated with all Security/Non-Security
updates.
 This document also deals with the security update install exceptions, it is imperative for a user
to visit this section to obtain a clear set of instructions, if a security update is to be exempted
from installation on any of the HPS products.

ABOUT THIS GUIDE
1.4 Revision history
Revision Release Description
1.0 June 2012 Merged Update Manager User guide and SUIT-
ISO user guide, added region wise contact details.
1.1 July 2012 ISO support for Safety Manager has been upgraded
to R133.3, R145.1 and R1501.
1.2 August 2012 ISO support for EPKS R400.3, EBR

R400.1/R410.1 and PCUS R400.1 has been added.
1.3 September 2012 ISO support for Windows Server 2008 & Windows
Server 2008 R2 Domain Controllers and TPA
R690 has been added.
1.4 October 2012 ISO support for LS/HS R400 and PCUS R400.1 on
Windows 7 SP1 has been added.
1.5 November 2012 ISO support for RAE R610 has been added.
1.6 January 2013 ISO support for PMD R800.1, EPKS R410 RESS
and SM 133.4 on XP SP3 IE6 & IE7 has been
added.
1.7 February 2013 ISO support for SM 133.4 on Windows Server

2003 & Windows 7, Plant Cruise R100.3 and BMA
R340.2/R400.1/R401.1 has been added.
1.8 March 2013 ISO support for FDM R430.1 and EBR R410.1 on
Windows Server 2008 SP2 has been added.
1.9 April 2013 ISO support for EPKS R410.2 and RAE5.0
Update6 with EPKS R301.3 & R310.3 has been
added. Removed updates to obsolete Operating
Systems/ obsolete Windows Components from
ISO.
2.0 June 2013 ISO support for Plant Cruise R100.3 on Windows 7
SP1 and DVM R500.1 has been added.
2.1 July 2013 ISO support for BMA and RAE5 Desktop Server
with EPKS R30x, R310.x & R311.x has been
added.

ABOUT THIS GUIDE
2.2 August 2013 ISO support for HS R410 and vCenter Server 5.0
on Windows Server 2008 R2 SP1 has been added.
2.3 September 2013 ISO support for EPKS R410.3 and FDM R430.1 on
x86 has been added.
2.4 October 2013 ISO support for Print a GUS has been added.
2.5 January 2014 ISO support for BMA OPBC Standalone Client
nodes and EBR R410.2 on Windows Server 2008
R2 SP1 has been added.
2.6 March 2014 ISO support for EPKS R430.1, FDM R440.1 and
SM R133.5/146.1 on Windows Server 2003 SP2 &
Windows XP SP3 has been added.
2.7 July 2014 ISO support for SM R133.5/146.1/151.4 and FSC

R710.6 on Windows Server 2008 R2 SP1
2.8 January 2015 ISO support for PMD R830.1 ha`s been added.
2.9 March 2015 Updated node ID’s information table.
3.0 April 2015 ISO support for EPKS R431, PCUS R431, EPKS
R430 & 431 Flex Server, and FDM R450 on x86 &
x64, EBR R430 and SH R200.2 on x86 & x64 has
been added.
3.1 May 2015 ISO support for FDM R440 on x86, PBM R431.x,
SM R152.1 and FSC R710.7 has been added.
3.2 June 2015 ISO support for PCUS R430 has been added.
3.3 August 2015 Removed ISO support for nodes running on

Windows 2003 and XP OS. However, a separate
Phased-out-products ISO is under progress for
these nodes.
3.4 September 2015 Updated Description for Nodes with ID 181-185
3.5 October 2015 ISO Support added for EPKS 400.8 with IE9,
PCUS 431.2 with IE9 PMD 831.1 and EPKS 410.x
& 430.x combinations are added for BMA nodes
202 to 206
3.6 December 2015 Added Sec 3.7 – Known Issues and Workarounds
3.7 April 2016 Added Note III(a) in end of 2.2 section

ABOUT THIS GUIDE
3.8 May 2016 MS ISO support added for BMA nodes

217,219,220, 221,223,225,226,227,
228,230,231,232,233,234,235,236,237,238
3.9 June 2016 Added Note III(b) in end of 2.2 section
3.10 July 2016 EBR 4xx support is added, independent of IE
3.11 July 2016 ISO support added for EPKS R430.5/ R431.3/
R410.9/ R432.1 (Server A, Server B, ESF, EST,
EAPP, Flex Sever) with IE 11 and .Net 4.5.2,
EPKS 431.x Orion Console, BMA nodes for 4xx
releases, P3. Added Note IV in the end of section
2.2
3.12 September 2016 Reframed node IDs for EPKS R410.9 /R430.5/
R431.3/ R432.1 and added support (NONRED,
SCE, EServer, EHG, EAS and RESS) nodes. ISO
Support added for DC on W2K8 SP2 with IE 9 and
W2K8 R2 SP1 with IE11 Updated the Note I (1) in
section 2.2
3.13 October 2016 ISO support added for SM 153.3/160.x on

WIN2K8 R2, WIN 7 SP1 and HSR 430.1
(ESVRA/ESVRB/FLXSRVR) on WIN7-64bit,
HSR 430.1 (EESRV) on WIN2K8R2.
Added a known issue description and workaround
under section 3.7.
Added new SM and HSR releases entry in
HPS/Third Party Product table under section 2.2.
3.14 November 2016 ISO support for LX R 120.1 Patch1 on WIN2K8

R2 SP1 and Windows 7 SP1 has been added.
Removed Note III(a) in end of 2.2 section
3.15 December 2016 ISO support for FSC 710.9 and Domain
Controllers on Windows Server 2012 and
Windows Server 2012 R2 has been added
3.16 March 2017 ISO support for EPKS R500.1, PMD R900.1, PBM
R500.1, BMA R4xx nodes with IE11 &

ABOUT THIS GUIDE
3.17 April 2017 ISO support for RAE R700.1, BMA 400 nodes
with .Net 4.5 and Domain Controller on Windows
Server 2016 has been added. Updated Known
Issues section 3.7
3.18 June 2017 ISO support for HS R500 and EBR500 has been
added. Updated Known Issues section 3.7
3.19 July 2017 ISO support for FDM R500 has been added.
3.20 August 2017 ISO support for SM R153.4, DVM R600.1 and
EBR R431.x on Windows Server 2012 has been
added.
3.21 October 2017 ISO support for EPKS R505, DVM R620.1 and
SM R153.5 has been added.
3.22 November 2017 ISO support for PHD R340/R321, UPS

R322/R320, DynAmo R200/R120 and AAM R321
has been added.
3.23 February 2018 Added “Note VI” in page 15.
3.24 March 2018 ISO support for FSC R801.1, SM R161.1, SM

R146.2/153.5 on Win 10 and EBR R501
3.25 April 2018 ISO support for EPKS R501.x, Profit Suite
R412/R431/R442, CPM R601.x, EBI R500.1 and
NAS on Windows Server 2016 & Windows Server
2012R2 has been added.
3.26 May 2018 ISO support for PBM R501.x, RAE R701.1 has
been added. Updated Known Issues section 3.7
3.27 June 2018 ISO support for EPKS R510.x, CPM R570.x, EBI
R430.x and PA R500/R430 has been added.
3.28 August 2018 ISO support for Safety Manager R200.2 has been
added and removed support for EPKS
R505.Updated Known Issues section 3.7
3.29 October 2018 ISO support for PMD R910.2 has been added and
Updated Known Issues section 3.7
3.30 December 2018 ISO support for EPKS R511, PHD340.X on

Windows Server 2012R2, SM 162.1, SM 200.3,
FSC 801.2, Carbon black

ABOUT THIS GUIDE
3.31 March 2019 Information added for March SUIT ISO DVD size.
3.32 April 2019 Added attention section for April month ISO.
3.33 May 2019 Added attention section for CVE-2019-0708 RDP

remote code execution vulnerability Added
attention section for System slow boot times and
performance issue with April\May ISO.Added
attention section for UM tool modifications for
automated recheck of installed updates on reboot
Added support for SPA120, FDM R511, SM
201.x, IE11 support on FDM R430, R440, R450,
R500 and R501.
3.34 June 2019 Added ISO support for LX R500/R501/R510/R511

and PC R500/R501/R510/R511, for HS
R500/R501/R510/R511, Skill IC 101.x ProfitSuite
R500 and CPM 602 Removed support for
ProfitSuite R412 on Windows 7 x86
3.35 July 2019 Added ISO support for SM-154.X-Win10,

VcenterSrv 6.0, EBI 500 With DVM 620, EBR
430 With SM151 and SH200
3.36 July 2019 Added ISO support for DVM R700, Carbon Black
8.1.0, EBI R600, EBR R501 and Process Safety
Analyzer R115 Added Reboot required check box
support for rebooting the system automatically
after installing all updates
3.37 September 2019 Added ISO support for Console stations on all
EPKS releases on Windows 2008 R2 and Windows
Server 2016
3.38 October 2019 Modified Node ID support for EPKS 511 Updated
Known issues and workarounds section to include
workaround for file not found error in DVM and
EBI nodes

ABOUT THIS GUIDE
3.39 November 2019 Added ISO support for :

AAM 321 on Windows 2012 R2 and Window
server 2016, Dynamo 202 on Windows 2012 R2.
SM 146, SM 153 and SM 162 on Windows server
2016, Trace 130 on Windows server 2016. SH 200
and 201 on Windows 10 and Windows server
2016.
3.40 December 2019 Added ISO support for VMWare Workstation on

Windows Server 2016, EPKS R515.1 on Windows
Server 2016 and Windows 10, FDM R511 on
Windows Server 2016 and Windows 10, SM 154.2
on Windows Server 2016 and Windows 10
3.41 February 2020 Added ISO support for vCenter Server 6.0 on
Windows 2012 R2
3.42 March 2020 Added support for SM 201.2 and SM 210.1 on

Windows 10 X64. Added support for FSC 710 on
Windows 10 X64. Added support for EPKS R516
on Windows Server 2016 and Windows 10 X64.
3.43 April 2020 Added support for QCS SE 100 on Windows 10

X64 Implemented ESU key detection support.
3.44 June 2020 Added support for SM 210.2 on Windows 10 and

Windows Server 2016
3.45 July 2020 Added support for EPKS R520 on Windows Server
2019 and Windows 10 1809 Build.
Added support for EBR R5xx installed on NAS
node.
Added support for SPA R130.1 on Windows
Server 2016 and Windows Server 2012 R2.
3.46 August 2020 Added support for SH 202.1 on Windows 10 and

Windows Server 2016.
Added support for TRACE 140 on Windows
2012R2 and Windows Server 2016.
3.47 September 2020 Added support for PHD R400.1 on windows

Server 2019
Added support for PHD R340.1 on Windows
Server 2012
Added support for Trace R140.1 on Windows 10

ABOUT THIS GUIDE

3.48 October 2020 Added support for UPS 323.1 on Windows 10
1607 build and Windows 10 1809 build
3.49 December 2020 Added support for CPM 603.1 on Windows Server
2019
Updated Known issues and workarounds section to
include issue related to SQL Server Cumulative
Update 22 KB4577467 installation
3.50 January 2021 Added support for ProfitSuite R510.1 on Windows
Server 2016 and Windows Server 2019
Introduced System Restart after installing Service
Stack Updates (SSU)
Introduced Disabling Experion services before
installing updates and Enabling these services after
completion of update installation
Updated Known issues section with details on
Error message “Script not found”
3.51 February 2021 Added support for QCS SE R110 on Windows

Server 2016
Updated the Known issues section on Error
message “Script not found”
3.52 March 2021 Added procedure to clean up disk space under

section 3.8
Updated known issues section with details on ISO
unmounting issue
3.53 April 2021 Added support for PHD R410 on Windows Server
2012 R2, Windows Server 2016 and Windows
Server 2019
Added support for SM 211.1 on Windows 10 and
Windows Server 2016.
3.54 May 2021 Added support for Windows 10 1809 Tablet
3.55 June 2021 Added support for Carbon Black 8.1.10 on

Windows Server 2016
Removed support for PHD R321 release
Updated known issues section on ISO release date
not getting updated in Windows 10 1809 tablet

ABOUT THIS GUIDE

3.56 July 2021 Added support for PSA R201.1 and PSA R201.2
on Windows Server 2016
Included support for DotNet 4.8 for all EPKS R5xx
releases
Updated known issues section with details on fix
for ISO unmounting issue
Added Known issues section with Known Issue:
MS Updates fails to install with multiple error
codes
3.57 August 2021 Added support for PMD R920 DM on Windows 10

x86
Added support for FBM R520 on Windows Server
2019 and Windows 10 1809
Removed support for EPKS R400 and R410
releases
1.5 Intended audience

This guide is primarily intended for Honeywell field personnel who install and configure the product.
1.6 Related documents

The following list identifies publications that may contain information relevant to the information in
this document.
Document Name Description
This document identifies Anti-virus software certified for currently supported

Anti-Virus Software
Windows based HPS products along with installation and configuration
Guidelines
guidance.
This document provides Quick information about installation and configuration

Anti-Virus Quick of McAfee and Symantec
Reference Guide Antivirus.
Anti-Virus Software
Guidelines for
Virtualization This document guides installation and configuration of McAfee MOVE
Environment Antivirus (Agentless) in an NSX for virtualized environment.

INTRODUCTION
2 Introduction
2.1 Overview
The qualified Security/Non-Security updates are re-distributed as an ISO which is posted at Honeywell
OLS.
Qualification of the Security updates abide by Honeywell policy of supporting N, N-1 and N-2 HPS
product releases, N being the latest HPS product release available to the customer.
Effectively, systems are updated with latest qualified Security updates using a Honeywell proprietary
application which automatically deploys all the Security updates required on the target systems. This
application is typically termed as Update Manager which is responsible for managing the qualified
updates on systems hosting various Windows Operating Systems.
2.2 Supported HPS Products

The HPS product software must be installed on the system for Update Manager to manage the system
as the Security/Non-Security updates are qualified on various HPS product releases. The Update
Manager application cannot manage an Operating System which does not have any of the HPS product
software installed on it.
The following table describes HPS product releases which are Supported by the Update Manager.
If a HPS product is not mentioned in the list below, then that product is not supported by Update
Manager and it is recommended to contact the local TAC for registering a request.
Update Manager doesn’t support all HPS products by default, using ISO on a
product node not supported by Update Manager will not help a user to keep
ATTENTION system updated with latest qualified security updates.
USB lockdown policy must be disabled. Kindly follow the steps described in
section 3.6 of “SUIT-ISO-USER-GUIDE.pdf” before deploying the MS ISO
ATTENTION updates.
Microsoft Windows 7 64bit and Windows Server 2008 R2 64bit reached End of Extended
Support on 14-Jan-2020, and general security updates are no longer available for these
operating systems. Continued access to critical security updates is available through an
ATTENTION
active Extended Security Update (ESU) agreement with Honeywell. Please contact your
Honeywell account manager for details.
Update Manager tool supports only those systems which have ESU key installed in it. User
will not be able to proceed with update installation if ESU key is not installed on systems
with Windows 7 and Windows Server 2008 R2 operating systems.
HPS/Third Party Product Release

Experion R430.x, R431.x, R432.x, R500.x, R501.x, R510.x, R511.x,
R515.x, R516.x

INTRODUCTION

Experion Small Systems HSR410.x, HSR 430.x, HS R500.x, HS R501.x, HS
R510.x, HS R511.x
Experion Plant Cruise LXR120.1 Patch1, LX R500.x, LX R501.x, LX R510.x,

LX R511.x
PC R120.1 Patch1, PC R500.x, PC R501.x, PC R510.x, PC
R511.x
EBR R431.x, R500.x, R501.x
PCUS R400.x, R431.x
Safety Manager R133.x, R146.x, R151.x, R152.x, R153.x(3,4), R154.X

R160.x, R161.x, R162.x, R200.2, R200.3, R201.x, R210.x,
R211.1
Fail Safe Controller R702, R710.x, R801.x
Safety Historian R200.x, R202.x
Digital Video Manager R500.x, R600.x, R620.x, R700.1
Enterprise Buildings Integrator R430.x, R500.x, R600.1
Pulp, Paper and Printing RAE 600, RAE 601, RAE 602, RAE 603, RAE 61X.x,
RAE 700.x, RAE R701.x and RAE R702.x, TPA 690,
PMD R800.x, PMD 830.x, PMD831.x, PMD R900.x,
PMD R910.x, PMD R920.x
Field Device Manager R410.x, R430.x, R440.x, R450.x, R500.x, R501.x, R511.x
Procedure Analyst R430.x, R500.x, R510.x, R511.x
Blending Movement Automation R400.x, R401.x, R410.x, R430.x
Profit Blending & Movement R431.x, R500.1, R501.x, R510.x, R520.x
PHD R340.x, R400.x, R410.x
UPS R320.x, R322.x, R323.1
DynAmo R120.x, R200.x, R201.x, R202.x, R210.x
AAM R321.x
Profit Suite R431.x, R442.x, R501.x, R510.x
CPM R570.x, R601.x, R602.x, R603.x

Uniformance Trace R120.x, R130.x, R140.x

INTRODUCTION

Skill IC R101.x
Domain Controller (Only with High Windows 2008 SP2, Windows 2008 R2
Security Policies) SP1, Windows 2012, Windows 2012 R2, Windows 2016
QCS SE R100, R110
VCenter Server 6.5
Network Attached Storage Windows 2012 R2, Windows 2016
Carbon Black R8.0.0, R8.1.0, R8.1.10
System Performance Analyzer 120.x, 130.x
Process Safety Analyzer R115, R201.x
Latitude 7220 Rugged Extreme Tablet Windows 10 1903, 64bit, No Service Pack
NOTE IV
The Optional updates are excluded from the ISO media, due to the size
NOTE
constraints.
Also, the “Optional Updates” recommendation document is provided with ISO
media, where the user can download and install the necessary optional updates
based on the recommendations provided for EPKS 4xx/5xx releases.
NOTE V
From March-17 onwards providing four ISO images. i.e.
NOTE
1. ISO for HPS Products/Releases running on Windows Vista SP2, Windows
Server 2008 SP2, Windows 7 SP1-x86, and Windows Server 2008R2 SP1
and Windows 7 SP1-x 64 operating systems.
2. ISO1 for HPS Products/Releases running on Windows Server 2016 and
Windows 10x64 operating systems.
3. ISO3 for HPS Products/Releases running on Windows Server 2012,
Windows Server 2012 R2 and Windows 8.1 operating systems. ISO
supports Domain Controller on Win 2012 SP2 with IE10 and Win 2012 R2
with IE11 only.

INTRODUCTION
NOTE VI
In some cases, (for example, prerequisites for the current updates are not
NOTE
installed), the Update Manager will identify prior updates to be installed, and the
user will be presented with the option to install those prior updates and continue
the installation of the current updates. In rare instances, the Update Manager may
not be able to locate the prior updates; in these instances, the Honeywell Technical
Assistance Center (TAC) should be contacted for assistance.
NOTE VII
NOTE SUIT will install VCRuntime_2008_9.0.30729.6161 on a machine, if either version

"9.0.30729.5677" or version "9.0.30729.4148" is installed. It will uninstall the old version and
install the new one. If none of the old versions exist, the new patch will not be installed.
NOTE VIII
NOTE SQL Server 2017 security update “CU22 - KB4577467” has been included in the December1
2020 ISO media. Follow special instruction given in this media to install it.
2.3 Honeywell Recommendation

Honeywell provides a recommendation with every security update which is qualified and published at
the OLS in the form of datasheets. The table below shows different recommendations provided by
Honeywell and details on the connotation of each one of them.
The recommendations are provided by Honeywell with respect to the HPS products and this
recommendation is made in the datasheets provided for every security update against all supported
HPS products. These datasheets along with the ISO image and user guide can be obtained from the
OLS.
Recommendation Description
Mandatory install.
This update is related directly to Honeywell software. This update has
been qualified for installation and should be installed at the earliest
Install
convenience. Please use the installation procedures as per the Microsoft
instructions (click the link in the Microsoft KB Article column) associated
with the update.
Install-Optional Optional install.

INTRODUCTION
Recommendation Description
This update is related to approving the optional software loaded on a
node, an example of this is Microsoft Excel. This update has been
qualified for installation and should be installed at the earliest convenience
based on the existence of the approved optional software. Please use the
installation procedures as per the Microsoft instructions (click the link in
the Microsoft KB Article column) associated with the update.
Mandatory install.
This update is related to an embedded software in the OS that is not used
by Honeywell software or recommended for use (e.g. Outlook Express)
but their existence without their updates represents a security risk. This
Install – Latent
update has been qualified for the installation and should be installed at the
earliest convenience. Please use the installation procedures as per the
Microsoft instructions (click the link in the Microsoft KB Article column)
associated with the update.
Do not install.
This update that is not applicable to the approved Base Honeywell
Exception
Platform software implementation. Note that the components for the update
are not present in the system.
Take no action until the testing is complete, and final recommendation has
Hold
been posted to OLS.
A user must complete registration with the Honeywell OLS website. to view and
download the details of Update Manager from the ISO.
ATTENTION

3 Update Manager
3.1 supported products
Node Windows SP IE Node

ID
Domain Controller on Windows Server 2008R2 WIN 2008R2 1 11 4
Experion R430.x (Server A, Server B, ACE, NONRED, WIN 2008R2 1 11 8

ESC, SCE, eServer, EHG, EAS, RESS)
Experion R430.x (ESF, EST, ESC) WIN 7 1 11 9
Experion R430.x EAPP WIN 2008R2 1 11 10
Experion R430.x Flex Server WIN 7 1 11 11
Experion R431.x (Server A, Server B, ACE, NONRED, WIN 2008R2 1 11 12

ESC, SCE, eServer, EHG, EAS, RESS, Orion console
Server)
Experion R431.x (ESF, EST, ESC, Orion Console) WIN 7 1 11 13
Experion 432.x (Server A, Server B, ACE, NONRED, WIN 2008R2 1 11 16

ESC, SCE, eServer, EHG, EAS, RESS, Orion console
Server)
Experion 432.x (ESF, EST, ESC, Orion console) WIN 7 1 11 17
vSphere Client WIN 7 1 NA 17
Experion R500.x (Server A, Server B, ACE, NONRED, WIN 2016 NA 11 20

ESC, SCE, eServer, EHG, EAS, RESS, PCUS,
ELCNHM)
vSphere Client WIN 2016 NA NA 20
Experion R500.x (ESF, EST, ESC, Orion Console, WIN 10 1607 NA 11 21

PCUS)
vSphere Client WIN 10 1607 NA NA 21

UPDATE MANAGER

ID
Experion R500.x EAPP WIN 2016 NA 11 22
Experion R500.x Flex Server WIN 10 1607 NA 11 23
HSR 430.1 ESVRA/ESVRB/FLXSRVR WIN 7 1 9 24
HSR430.1 eServer WIN 2008R2 1 9 25
LX PC 120.x (Server A, Server B, SCE, eServer, Flex WIN 2008R2 1 11 26

Station and Direct Station)
LX PC 120. x (Server A, Server B, SCE, eServer, Flex WIN 7 1 11 27

Station and Direct Station)
PMD R830.x/831.x/R900.x/R910.x DM, DM_R on WIN 2008 2 9 28

WIN2008 SP2-32 Bit
PMD R900.x/R910.x DM, DM_R on WIN7 SP1-32 Bit WIN 7 1 11 29
Domain Controller on Windows Server 2012 WIN 2012 NA 10 30
Domain Controller on Windows Server 2012R2 WIN 2012 NA 11 31

R2
DynAMo M&R 200.x/201.x/202.x WIN 2016 NA 11 32
Domain Controller on Windows Server 2016 WIN 2016 NA 11 33
PHD R400.x\R410.x WIN 2019 NA 11 35
RAE R700.x AV/QCS Server with EPKS R500.x WIN 2016 NA 11 36
RAE R701.x AV/QCS Server with EPKS R501.x WIN 2016 NA 11 36
RAE R702.x AV/ QCS Server with EPKS R50X.x WIN 2016 NA 11 36
RAE R700.x Opstn/Desktop with EPKS R500.x WIN 10 1607 NA 11 37
RAE R701.x Opstn/Desktop with EPKS R501.x WIN 10 1607 NA 11 37
RAE R702.x Opstn/Desktop with EPKS R50X.x WIN 2016 NA 11 37
QCS – Performance CDMV R700.1 without EPKS WIN 10 1607 NA 11 39

R500.1
EBR 500 on Windows Server 2016 WIN 2016 NA 11 40
EBR 501 on Windows Server 2016 WIN 2016 NA 11 40

UPDATE MANAGER

ID
PHD340 / R400.x / R410.x WIN 2016 NA 11 42
UPS 322+ PHD 340 clients\ UPS323.1-64Bit WIN 10 1607 NA 11 43
RAE 60X - QCS quality server WIN 2008 2 8 45
FDM R500/R501/R511 Server/Client/RCI Client/RCI on WIN 2016 NA 11 46

Windows Server 2016
EPKS R500.x/501.x/510.x/511.x with PBM WIN 2016 NA 11 47

500.x/501.x/510.x
EPKS R500.x/501.x/510.x/511.x with PBM WIN 10 1607 NA 11 48

500.x/501.x/510.x
PBM 500.x/501.x/510.x - No EPKS WIN 2016 NA 11 49
PBM 500.x/501.x/510.x - No EPKS WIN 10 1607 NA 11 50
FDM R500/R501/R511 Server/Client/RCI Client/RCI on WIN 10 1607 NA 11 51

Windows 10 64Bit
Experion HS R500/R501/R510/R511 (SRVA, SRVB, WIN 10 1607 NA 11 52

SCADA
Experion HS R500/R501/R510/R511 EServer WIN 2016 NA 11 53
AAM 321.x WIN 2012 NA 11 54

R2
AAM 321.x WIN 2016 NA 11 55

UPDATE MANAGER

ID
PHD R340.x WIN 2012 NA 11 57
DynAMo M&R 120.2 WIN 2012 NA 11 58

R2
PHD R340.x \ R400.x \ R410.x WIN 2012 NA 11 64

R2
UPS 320.x clients WIN 8.1 NA 11 65
Experion R501.x(ServerA, ServerB, ESV-T, ACE, ACE- WIN 2016 NA 11 66

T, ESC, SCE, eServer, EHG, EAS, RESS, PCUS,
ELCNHM))
Experion R501.x (ESF, EST, ESC, Orion Console, PCUS, WIN 10 1607 NA 11 67
vSphere)
RAE 60X AV\QCS Server WIN 2008 2 8 68
RAE 60X Opstn\ Desktop Server WIN 7 1 8 70
QCS – Performance CDMV R600 WIN 7 1 8 71
Carbon Black-8.0.0 WIN 2016 NA 11 73
Network Attached Storage Storage NA 11 74

Server 2016
EBR 5xx with Network Attached Storage Storage NA 11 74

Server 2016
Experion R501.x (Flex Server, eServer) WIN 10 1607 NA 11 76
FDM R410.1 Server on Windows Server 2008 WIN 2008 2 8 77
FDM R410.1 Server/Client/RCI/RCI Client on Win 7 WIN 7 1 8 78

UPDATE MANAGER

ID
Safety Manager WIN 10 1607 NA 11 84
R146.2/153.5/R154.x/R161.1/R200.2/R200.3/R201.x
R210.1 and Fail Safe Controller R710.x
Safety Manager R200.x / 201.x / R210.2 License WIN 10 1607 NA 11 84

Server / R211.1
Experion R510.x (Server A, Server B, ACE, NONRED, WIN 2016 NA 11 86

ESC, SCE, eServer, EHG, EAS, RESS, PCUS,
ELCNHM)
Experion R510.x (ESF, EST, ESC, Orion Console, WIN 10 1607 NA 11 87

PCUS)
Experion R510.x Flex Server WIN 10 1607 NA 11 89
RAE 61X.x AV/QCS Srv on WIN2K8 R2 SP1 IE8 WIN 2008R2 1 8 93
RAE 61X.x Opstn/Desktop on WIN7 SP1 IE8 WIN 7 1 8 94
RAE 61X.x Qlty Srv on WIN2K8 R2 SP1 IE8 WIN 2008R2 1 8 95
Network Attached Storage WIN 2012 NA 11 96

R2
TPA GUS/DxM 032/005 Win7 SP1 IE8-32 Bit WIN 7 1 8 97
TPA GUS 032 on Win7 SP1 IE8-64 Bit WIN 7 1 8 98
TPA GUS 032 on Remote Srv Win2K8 SP1 IE8 WIN 2008R2 1 8 99
PCUS R400.1 on Win7 SP1 IE8 WIN 7 1 8 102
CPM 570.x WIN 8 NA 11 106
PMD R800.x Srvr/RHS on WIN2K8 R2 SP1 WIN 2008R2 1 8 109
PMD R800.x HMI, Console on WIN7 SP1-64 Bit WIN 7 1 8 110
Safety Manager R146.2/153.5/ WIN 2016 NA 11 111

R154.X/R162.x/R200.2/R200.3/ R201.x/R210.2/R211.1
Safety Manager R200.x / R201.x / R210.2 License Server WIN 2016 NA 11 111
/ R211.1
PMD R800.x DM, DM_R on WIN7 SP1-32 Bit WIN 7 1 8 112

UPDATE MANAGER

ID
FDM R430.1/R440.1 Server on Windows Server 2008R2 WIN 2008R2 1 8 113
SP1- 64 Bit
FDM R430.1/R440.1 Server/Client/RCI/RCI Client on WIN 7 1 8 114

Win 7 SP1-64 Bit
Profit Suite R442 / R501/R510 WIN 2016 NA 11 116
Profit Suite R442 / R501/R510 WIN 10 1607 NA 11 117
Profit Suite R442 / R501 WIN 2012 NA 11 118

R2
Profit Suite R442 WIN 2012 NA 10 119
DVM R500.1 on Windows Server 2008 R2 IE8 WIN 2008R2 1 8 126
DVM R500.1/R600.1/R620.1 on Windows Server 2008 WIN 2008R2 1 11 127

R2 IE11
DVM R500.1 on Windows 7 SP1-64 Bit IE8 WIN 7 1 8 128
DVM R500.1/R600.1/R620.1 on Windows 7 SP1-64 Bit WIN 7 1 11 129

IE11
DVM R500.1 on Windows 7 SP1-32 Bit IE8 WIN 7 1 8 132
DVM R500.1/R600.1/R620.1 on Windows 7 SP1-32 Bit WIN 7 1 11 133

IE11
EBI R500.1 Server WIN 2012 NA 11 135

R2
CPM R601.x / R602.x WIN 2016 NA 11 137
CPM R570.x / R601.x / R602.x WIN 2012 NA 11 138

R2
Procedure Analyst R430 WIN 2008R2 1 NA 139
Procedure Analyst R430 WIN 7 1 NA 140
EBI R430.x WIN 2008R2 1 11 141
EBI R430.x/R500.1 on Win 7 SP1-64 Bit WIN 7 1 11 142
EBI R430.x on Win 7 SP1-32 Bit WIN 7 1 11 143
Procedure Analyst R500 WIN 10 1607 NA 11 144

UPDATE MANAGER

ID
Procedure Analyst R500 WIN 2016 NA 11 145
System Performance Analyzer R120.1 \ R130.1 WIN 2016 NA 11 147
System Performance Analyzer R120.1 \ R130.1 WIN 2012 NA 11 148

R2
FDM R430.1/R440.1 Server/Client/RCI/RCI Client on WIN 7 1 11 149

Win 7, 64bit
LX PC R500 / R501 / R510 / R511 (Server A, Server B, WIN 2016 NA 11 152

SCE, eServer, Flex Station and Direct Station)
LX PC R500 / R501 / R510 / R511 (Server A, Server B, WIN 10 1607 NA 11 153

SCE, eServer, Flex Station and Direct Station)
Skills Insight Immersive Competency R101.x WIN 2016 NA 11 154
Standalone OBPC Server- Win2K8 SP2 IE8 WIN 2008 2 8 157
BMA with No EPKS WIN 2008R2 1 8 158
Experion R511.1(ServerA, ServerB, ESV-T, ACE, ACE- WIN 2016 NA 11 159

ELCNHM)
Experion R511.1 (ESF, EST, ESC, Orion Console, WIN 10 1607 NA 11 160
PCUS,)
Experion R511.1 EAPP WIN 2016 NA 11 161
Experion R511.1 (Flex Server, eServer) WIN 10 1607 NA 11 162
Experion HS R410.1 – Server and Flex on Win 7 SP164 WIN 7 1 8 164

Bit
FDM R430.1/R440.1 Server on Windows Server 2008 WIN 2008 2 8 165

SP2-32 Bit
FDM R430.1/R440.1 Server/Client/RCI/RCIClient on WIN 7 1 8 166

Win 7 SP1-32 Bit
Experion R430.1Server (ESV, eServer, EAS, ACE, ESC, WIN 2008R2 1 9 167
EHG, SCE, RESS)
Experion R430.1 Client (ESF, ESC, EST, ES-CE) WIN 7 1 9 168
Experion R430.1 eApp WIN 2008R2 1 9 169

UPDATE MANAGER

ID
PMD R910.X DM, DMR on WIn 10 32 bit, IE11 WIN 10 1607 NA 11 171
PMD R920.X DM on Win 10 32 bit, IE 11 WIN 10 1607 NA 11 171
Standalone OBPC Client. N e t 3.5 WIN 7 1 8 172
Experion R431.1Server (ESV, eServer, EAS, ACE, ESC, WIN 2008R2 1 9 174
EHG,
SCE, RESS)
Experion R431.1 Client (ESF, ESC, EST, ES-CE) WIN 7 1 9 175
Experion R431.1 eApp WIN 2008R2 1 9 176
Safety Manager WIN 7 1 NA 177

R133.x/R146.x/R151.x/R152.x/R153.x/SM-154.X/
R160.x/R161.x/ R162.1/R200.2 and Fail Safe Controller
R710.x/801.1/801.2 on Win 7- 32 bit SP1
Safety Manager R146.x/R151.x/R152.x/ WIN 7 1 NA 178

R153.x/ SM-154.X/ R160.x/R161.x/ R162.1/R200.2 and
Fail Safe Controller R710.x/801.1/801.2 on Win 7- 64 bit
SP1
Safety Manager R146.x/R151.x/R152.x/R153.x/SM- WIN 2008R2 1 NA 179

154.X/R160.x/R161.x/R162.1 and Fail Safe Controller
R710.x/801.2 on Win 2K8 R2 SP1
EBI 600 on Windows 10 (1903 Build) WIN 10 1903 NA 11 181
PMD R830.x/831.x Srvr/RHS on WIN2K8 R2 SP1 WIN 2008R2 1 9 186
PMD R830.x/831.x HMI, Console on WIN7 SP1-64 Bit WIN 7 1 9 187
PMD R830.x/831.x DM, DM_R on WIN7 SP1-32 Bit WIN 7 1 9 188
FDM R450.1/R500 Server on Windows Server 2008R2 WIN 2008R2 1 8 190

SP164 Bit
FDM R450.1/R500 Server/Client/RCI/RCI Client on Win WIN 7 1 8 191

7 SP1- 64 Bit

UPDATE MANAGER

ID
FDM R450.1/R500 Server on Windows Server 20082 WIN 2008 2 8 192
SP232 Bit
FDM R450.1/R500 Server/Client/RCI/RCI Client on WIN 7 1 8 193

Win 7 SP1-32 Bit
Safety Historian R200.2 Basic/Server on Win 7 SP164 Bit WIN 7 1 8 194
Safety Historian R200.2 Basic/Server on Win 7 SP132 Bit WIN 7 1 8 195
PCUS R431.1 on Win7 SP1 IE8 WIN 7 1 8 197
Safety Historian R200.2 Client on Win 7 SP1-64 Bit WIN 7 1 8 198
Safety Historian R200.2 Client on Win 7 SP1-32 Bit WIN 7 1 8 199
Experion R430.1 Flex Server WIN 7 1 9 200
Experion R431.1 Flex Server WIN 7 1 9 201
QCS SE 100 / 110 WIN 10 1607 NA 11 202

Trace Server WIN NA 11 205
2012R2
Trace Server WIN 2016 NA 11 206
VMware Workstation on Windows 10 WIN 10 1607 NA 11 207
Risk Manager R150.X\160.X\170.X\171.X WIN 2012R2 NA 11 208
Safety Historian R200.2 on Windows 2016 WIN 2016 NA 11 209
Safety Historian R200.2 on Windows 10 WIN 10 1607 NA 11 210
Trace Server R140.x on Windows 10 WIN 10 1607 NA 11 211
Enterprise Risk Manager WIN 2012R2 NA 11 212

R150.X\160.X\170.X\171.X
EBI 500 With DVM 620 on Windows Server 2012 R2, WIN 2012R2 NA 11 213
64bit,
EBR 430 With SM151 and SH200 ON Windows 7, 32bit, WIN 7 1 11 214
Service Pack 1
EBR 430 With SM151 and SH200 ON Windows 7, 32bit, WIN 7 1 11 215
Service Pack 1

UPDATE MANAGER

ID
DVM 700 on Windows Server 2016 WIN 2016 NA 11 218
EBI 600 Server\Client on Win10 (1903 Build) WIN 10 1903 NA 11 219
DVM R600.1/R620.1 on Windows Server 2012 R2 IE11 WIN 2012 NA 11 230

R2
DVM R600.1/R620.1 on Windows 8.1 - 64 bit WIN 8 NA 11 231

Experion R515.1(ServerA, ServerB, ESV-T, WIN 2016 NA 11 237
ACE, ACE-T, ESC, SCE, eServer, EHG, EAS,
RESS, PCUS, ELCNHM)
Experion R515.1 (ESF, EST,ESC, orion console, PCUS) WIN 10 1607 NA 11 238
EBR R500.1 on Win2008 R2 IE11 WIN 2008R2 1 11 246
EBR R500.1 on Win2K12 WIN 2012 NA 11 247
PSA R115 on Windows Server 2012 R2 IE11 WIN 2012 NA 11 248

R2
Experion R516.1 (ServerA, ServerB, ESVT, ACE, ACE WIN 2016 NA 11 252
ELCNHM)
Experion R516.1(ESF, ESC, EST, Orion Console, PCUS) WIN 10 1607 NA 11 253
BMA with EPKS R432.x WIN 2008R2 1 11 256
BMA with EPKS R432.x WIN 7 1 11 257
RAE 61X.x AV/QCS Srv on WIN2K8 R2 SP1 IE11 WIN 2008R2 1 11 261
(EPKS 410.x)
RAE 61X.x Opstn/Desktop on WIN7 SP1 IE11 WIN 7 1 11 262

(EPKS410.x)
FDM R430.1/R440.1 Server on Windows Server 2008R2 WIN 2008R2 1 11 264

SP1- 64 Bit, IE11

UPDATE MANAGER

ID
FDM R430.1/R440.1 Server/Client/RCI/RCIClient on WIN 7 1 11 265
Win 7 SP1-32 Bit, IE11
FDM R450.1/R500/R501 Server on Windows Server WIN 2008R2 1 11 266

2008R2 SP164 Bit, IE11
FDM R450.1/R500/R501 Server/Client/RCI/RCI Client WIN 7 1 11 267

on Win 7 SP1-64 Bit, IE11
FDM R450.1/R500/R501 Server/Client/RCI/RCI Client WIN 7 1 11 268

on Win 7 SP1-32 Bit
Windows 2008 operating system WIN 8 1 11 269
Windows 2008R2 operating system WIN 2008R2 1 11 272
Windows Server 2012 operating system WIN 2012 1 11 273
Windows 8.1 operating system WIN 8.1 NA 11 274
Windows Server 2012 R2 operating system WIN 2012 NA 11 275

R2
Windows 10 operating system WIN 10 NA 11 276
Windows Server 2016 operating system WIN 2016 NA 11 277
UPS 323.1 WIN 10 1809 NA 11 280
CPM 603.1 WIN 2019 NA 11 282
ProfitSuite R510.x WIN 2019 NA 11 283
QCS SE R110 WIN 2016 NA 11 284
Windows 10 Tablet (Latitude 7220 Rugged Extreme WIN 10 1903 NA 11 285

Tablet)
PSA R201 on Windows Server 2016 IE11 WIN 2016 NA 11 286
FBM R520.x PBC/EBC WIN 2019 NA 11 287
FBM R520.x Client WIN 10 1809 NA 11 288
FBM R520.x OBPC/LIMS Server WIN 2019 NA 11 289
FBM R520.x OBPC/LIMS Client WIN 10 1809 NA 11 290

UPDATE MANAGER
3.2 Checking for Available Updates

As mentioned above, when the ISO is mounted on a target system, the Update Manager invokes the
following window.
A left click on Check All Updates would enable the Update Manager to read the configuration file
from the local directory and parse the information to determine a list of
Security/Non-Security updates that have been qualified for a particular node. Additionally, the Update
Manager checks whether the updates have already been installed on the system.
If the updates are not installed, they are included in a custom batch file which is used for automatic
installation there by making sure that only those updates are listed as Required Updates which are not
installed on a target system, as shown in the screenshot below.
A left click on the Load Updates which is placed at the bottom of Required Updates window; this
will initiate an installation of all the Required Updates listed above. If an update is already installed on
the target system, then the Update Manager does not list that update in the Required Updates
window.

UPDATE MANAGER
After initiating the load updates, a command line window opens up to process the installation of updates
as shown below. It is recommended to read information inside this window before the user
acknowledges by pressing any key.
From January-2021 ISO media onwards, System restart has been introduced after installing
Service Stack Update (SSU) as per recommendations from Microsoft. After this modification,
the system will be restarted twice, once after installing SSU and another time after installing
ATTENTION Monthly Rollup (MR) update.
From January-2021 ISO media onwards, on standalone EPKS nodes, Experion Services listed
below along with all dependent services will be disabled before starting update installation.
All these services will be enabled after completing MS update installation. Note that these
ATTENTION disabled services will NOT be enabled incase the update installation is interrupted for any
reasons.
1.Experion PKS BOOTP Server (bootpsrv)
2.Experion PKS GCL Name Server (gclnamesrv)
3.Experion PKS Server System (HSCSERVER_System)

UPDATE MANAGER
Update Manager tools in May 2019.ISO and May1 2019.ISO rerun the installer
automatically post reboot and check if all the required updates are installed or
ATTENTION not. If all the required updates are installed, then user will be prompted with a
message “No more updates are required for this node”.
In addition, the SQL Server and the DST Security updates are not installed
automatically on servers and users must install manually by following the
special instructions available below.
\SPECIALHANDLING\ directory.
Please note that, in case if the SQL Server or the DST security updates are not
installed on the system, the Update Manager tool lists those updates on restart
until these updates are installed.
A check box has been added for the user’s input if a reboot is required.
• Selecting this check box before applying the updates will result in automatic
restart of the system, after installing all the updates.
• Not selecting this check box will result in waiting for the user confirmation, to
reboot the system after applying all updates.
All activities are logged into the following files:
• %programdata% Honeywell\SUIT\honeywell_mspatches.txt - This log file is
for auditing only and contains all information about what is required to be on
the node and what was installed. This file is appended each time whenever the
application is run. If there is an issue with the Update Manager application,
please contact TAC for further assistance.
• %programdata% Honeywell\SUIT \honeywell_required_updates.log - This
log file is for auditing only and contains a log of required updates for a specific
node. This file is overwritten whenever the application is run.
• %programdata% Honeywell\SUIT \honeywell_installed_updates.log - This log
file is for auditing only and contains a log of installed updates for a specific
node. This file is overwritten whenever the application is run.
%windir% is the directory that you installed windows.

For example, C:\Windows.
NOTE
Log file location for EPKS R5xx nodes will be at:

%programdata%\ Honeywell\SUIT\Experion PKS\Install.
If you do not wish to load the patches, click Cancel and no changes will be made to the
system. The batch file will not be deleted from the system.

UPDATE MANAGER
Following Shortcut keys have been added:
i. Check All Updates : ALT+ C

ATTENTION ii. Check Security Updates Only : ALT + S
iii. Check non-Security Updates Only : ALT + N
iv. View Config in notepad : ALT + V
v. Exit : ALT+X
3.3 Validating Security Updates

following window.
A left click on Check Security Updates Only lists only the security updates which are qualified to be
installed on that node. The Update Manager finds the security updates which are installed on the
system and it is ensured that only those updates which are not present on the system are listed in the
Required Updates window as shown below.
A left click on Load Updates starts installing the required security updates.

UPDATE MANAGER
3.4 Validating Non-Security Updates

following window.
A left click on Check Non-Security Updates Only lists only the Non-Security updates which are
qualified to be installed on that node. The Update Manager finds the Non-Security Updates which are
installed on the system and it is ensured that only those updates which are not present on the system are
listed in the Required Updates window as shown below.
A left click on Load Updates starts installing the required Non-Security Updates.
3.5 Validating Latest ISO

If an older version of ISO is used, the Update Manager displays a message as shown below. It is
always recommended to use the latest version of ISO available at Honeywell OLS.

UPDATE MANAGER
If the system is already installed with the latest updates, then the Update Manager notifies the user that
the system is already installed the with latest security updates as shown below.
When the ISO is mounted on a system which is not supported, then the Update Manager informs a
user with the message shown below. It is recommended to contact the local TAC for further details.
The Update Manager is disabled if Auto Logon feature of Windows is enabled on

the local node. This is done to ensure that the user must log in to the computer
ATTENTION with their credentials and not with administrator privileges.
Contact Honeywell, if you have any comments or problems with the Update
Manager or with the installation of Microsoft updates. Ensure that you have
downloaded the latest ISO image from OLS.
If you continue to have problems, log on to the OLS site and click Contact
Honeywell Process Solutions.
3.6 Viewing ISO Configuration File

As mentioned above, the Update Manager invokes the following window, when the ISO is mounted
on a target system.

UPDATE MANAGER
A click on View Config in Notepad launches the ISO configuration file with a notepad and the user
can look in to this file for details on ISO configuration.
The configuration file provides information on an application level and it is not

recommended to open the configuration file unless required.
ATTENTION
3.7 Known Issues and Workarounds

This section provides information on the list of known issues and the corresponding workarounds to
address them.
3.7.1 Known Issue: Updates fail to install due to USB lockdown enabled. Ex: KB982018, KB2775511
Workaround: When usbstor.inf and usbstor.pnf files have non-inherited rights, the workaround is as
follows.
Disable USB Lockdown policy:
Go to Start > Run, type “regedit” and press enter to open the registry editor.
Navigate to the following key. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\USBSTOR
In the right pane, select Start and change the value to 3.
The value 4 will disable USB to OK. This will re-enable USB Ports and allow you
to use USB or Pen drives.
NOTE

UPDATE MANAGER
If you cannot find Start under USBSTOR, right click USBSTOR and then select
Permission.
Click Advanced.
Remove non-inherited rights from the Permissions tab.
Check if right permissions are granted for usbstor.inf and usbstor.pnf files:
a. Log in as local administrator
b. Navigate to C:\Windows\inf
c. Change the owner of usbstor.inf to administrators (local pc)
d. Edit the security and set to inherit from parent folder Remove non-inherited rights from the
file
e. Repeat step 2 – 5 for usbstor.pnf file
f. Install KB3139398 Patch only and then restart the PC
Install MS ISO.
3.7.2 Known Issue: SUIT ISO DVD is taking hours to deploy when a system has WSUS, but the user
wants to use the SUIT ISO to align the system.
Workaround: When WSUS is used, please perform the following steps on the system before
running the SUIT ISO.
Export and remove the below registry key bookmark
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate
For more information, refer to the guide, Steps to clear windows services logs .docx

UPDATE MANAGER
Steps to clear Windows History on Windows Operating System.
1. Press Windows+R, enter services.msc in the Run dialog, and then click OK to open the Services
window.
Select and right-click on the Background Intelligent Transfer Services, and then click Stop service.
Run the SUIT ISO.
Reboot the System.
Import the exported registry key from Export and remove the below registry key.
Reboot the System.
3.7.3 Known Issue: DVM R500/R600/R620 and EBI R430

Security Update for Group Policy: KB 3163622 Issue found with this update.

UPDATE MANAGER
MS16-072: Security update for Group Policy is causing issues for many customers. Some possible
problems caused by the update:
 Drive mappings don’t work
 Settings changed through GPO are no longer retained
 Shortcuts to applications on user's desktops are missing
Reference: http://windowsitpro.com/patch-tuesday/patch-tuesday-security- updategroup-policy-breaks-

gro policy
Workaround: If the update is installed and the issues mentioned are observed, uninstall this update.
3.7.4 Known Issue: SUIT ISO failed on RAE node

SUIT ISO installation is getting failed on RAE Node for June ISO for RAE 61X.x AV/QCS Srv,
R700.X & RAE R701.x Opstn/Desktop (EPKS 500.x & EPKS 501.x)
Workaround: None.
3.7.5 Known Issue: DVM R600/R620/700 and EBI R500/600 On Windows 10/Windows Server 2016.
When the Load Updates button is clicked, an exception is thrown stating that “MyPatchList.txt” is not
found in C:\Windows directory.
Workaround: Following the steps below.
1. Close the Update Manager tool.
Go to C: drive.
Copy the “C:\MyPatchList.txt” file.
Go to “C:\Windows” directory.
Paste the “MyPatchList.txt” file in “C:\Windows”.
Relaunch the Update Manager tool and install updates.

UPDATE MANAGER
3.7.6 Known Issue: On certain scenarios installing MS update using Dec 2019 ISO may cause OS
crash.
PAR DESCRIPTION
Background: Honeywell testing found that

installing MS update using December 2019 ISO
causes operating system crash on a system where
July 2019 ISO or prior version of the ISO is used
On certain scenarios installing MS update using to install MS updates.
Dec 2019 ISO may cause OS crash. Workaround: First Install MS update using Nov
2019 and then install MS update from Dec 2019
ISO
Solution: Honeywell is working with Microsoft

for root cause and solution.
3.7.7 Known Issue: ELCN Nodes get stuck in LOC_LOAD after installing Security Update Nov ‘19
or later.
Problem Description:
On Experion R5xx with ELCN, we have identified that ELCN Nodes may get stuck in LOC_LOAD
after installing Security Update November, or later. Honeywell has identified the problem and
recommends modifying the Windows Firewall rules to include the LCNP4Emulator process.
This only applies to the PC-based ELCN Nodes, and not the UEA/UVA-based ELCN Appliance Nodes.
KB impacting the ELCN Nodes as follows
November - KB4525236
December - KB4530689
January - KB4534271
Any future KBs
Applicable release and node type
Experion R5xx with ELCN
Node type: Applies to ESVT, ES-T, E-APP, ACE-T and ELCN HM
Resolution
Honeywell has produced a hotfix which automates the Windows firewall rules creation.
On the applicable ELCN nodes. Right click on the exe and Run as administrator

UPDATE MANAGER
On successful completion, it provides a message “Experion PKS R5XX ELCN PAR1-C6ISG33 Hotfix
installation completed successfully”. Click on OK.
Note: If LNCNP4emulator is not present, then it will display a message “ This patch is not applicable
on this node”
Instructions for download:
Once logged in to www.honeywellprocess.com, you would go to the Support Section, then search for
106148
3.7.8 Known Issue: Microsoft Security Update September ’19 ->Jan ‘20 might cause a memory leak
in Experion Station on Experion R43x and R5xx.
Problem Description:
Microsoft is still working on resolution; the January 2020 is also impacted. It is safe to deploy security
updates with the script workaround found in article 105374.
Microsoft has informed us that the problem is also applicable to Windows 7/W2008, therefore it also
impacts Experion R43x and R400/410 with IE11. The workaround can be safely used with the last KB
installed.
HPS Technical Support would like to inform that Microsoft has introduced a product anomaly in
Windows 7/W2008, Windows 10 & Windows 2016 September 2019-> Jan 2020 security roll up
affecting Station robustness on Experion R43x, R5xx. Customers running with August 2019 (and
earlier) are not affected.
The issue is triggered by the use of VBScript in HMIWeb displays causing Station processes to
accumulate memory (memory leak) and overtime impacting Station operations.
Microsoft has acknowledged the problem and is working on a resolution. At this time, Microsoft is not
able to provide a resolution date, we would revise this notification once Microsoft have communicated
their plan to resolve the product anomalies
Multiple triggers have been identified, it would be therefore complicated and impossible to modify
displays to mitigate the issue, we are recommending referring to the “recommended actions” section for
mitigation plans.
Recommended Actions:
Using the PowerShell script below ran from an Domain admin account, it would possible to verify the
Station memory usage, if the memory is usage is found to be > 300Mb, it would be the time to log
off/log in the affected Station.
The script enables you to provide a coma separated list of Station computer name to monitor (in
yellow).

UPDATE MANAGER
Get-Counter -Counter "\Process(hscStationWindow*)\Private Bytes" -ComputerName

R501Srv,R510Srv | select -ExpandProperty CounterSamples | sort -Property CookedValue –
Descending.
We have identified a method to work around the issue with a simple Station script, it can be found in
article 105374. With the script, the memory leak is mitigated and there is no need to log off every day.
3.7.9 Known Issue: KB3125574 install failed on Windows Server 2008 R2 and Windows 7 using
August 2019 ISO or later
Symptoms
KB3125574 install failed on Windows Server 2008 R2 and Windows 7 using August 2019 ISO or
later.
Context
 Experion Server R43x
 MS(SUIT) ISO
Diagnosis
KB3125574 installation was completed successfully but status changed back to fail after reboot.

UPDATE MANAGER
Cause
3rd Party Application
Resolution
1. Go to UPDATES\MU19-010 folder inside ISO.
2. Double Click WINDOWS6.1-KB3125574-VW-X64.MSU to install manually.
3. When installation complete, don’t reboot the PC.
4. Click Windows Start button then type “msconfig” to run
5. On the Services tab of System Configuration, select Hide all Microsoft services, and then
select Disable all.

UPDATE MANAGER
6. Click OK then reboot the PC.
7. Confirm KB3125574 installation status is still Successful after reboot.
8. Click Windows Start button then type “msconfig” to run
9. On the Services tab of System Configuration, select Hide all Microsoft services, and then select
Enable all.
10. Click OK then reboot the PC.
3.7.10 Known Issue: EPKS R510.x and R511.x nodes continue displaying popup to install SQL Server
Cumulative Update 22 (CU 22) update KB4577467 although already installed
Symptoms
EPKS R510.x and R511.x nodes continue displaying popup to install SQL server CU 22 MS19-08-SQL
KB4577467 although already installed
Context
 Experion R510.x and R511.x
 December1 2020.ISO
Diagnosis
SQL CU 22 update KB4577467 installation completes successfully but “sqlservr.exe” version

fails to get updated as shown below:
UPDATE MANAGER

UPDATE MANAGER
Cause
3rd Party Application
Resolution
The issue has already been reported to Microsoft. Microsoft has acknowledged the problem and is
working on a resolution. At this time, Microsoft is not able to provide a resolution date, we would
revise this notification once Microsoft have communicated their plan to resolve the product anomalies.
An internal PAR SUIT-407 has been raised for monitoring the issue.
3.7.11 Known Issue: Error message “Cannot find Script file” is displayed while running January 3
2021 ISO media
Symptoms
When the January 3 2021 ISO media is mounted and tried to install on any Windows Server 2012 \ 2012
R2 machines where updates are not installed from past few months, “Cannot find Script file” error
message is displayed.
Context
 Installing MS Updates after long time using January 3 2021.iso by mounting
 Windows Server 2012 Operating system
 Windows Server 2012 R2 Operating system
Diagnosis
When the January 3 2021 ISO media is mounted and tried to install on any Windows Server 2012 \ 2012
R2 machines where updates are not installed from past few months, “Cannot find Script file” error
message is displayed as shown below:

UPDATE MANAGER
Cause
SUIT team is working on the issue and will fix the same in the next ISO release
Resolution
Click on the OK button to close the pop up message. ISO media will continue with update installation.
This issue has been fixed in the February 3 ISO media.
3.7.12 Known Issue: When update installation is done by mounting SUIT ISO media, installation
stops after system restart, after installing Service Stack Updates (SSU)
Symptoms
When update installation is done by mounting SUIT ISO media, installation stops after system
restart, after installing Service Stack Updates (SSU)
Context
 Installing MS Updates by mounting
 All SUIT ISO Media from January 2021 onwards
Diagnosis
When update installation is done by mounting SUIT ISO media, installation stops after system
restart, after installing Service Stack Updates (SSU). The issue is caused due to unmounting of the
SUIT ISO media.
Cause
SUIT ISO media gets unmounted after system is restarted. It is an expected behavior with
Windows operating system.
Resolution
A pop up message has been introduced to inform the user that the ISO media is un-mounted. User
should mount the ISO media and then click on OK button to continue with the update installation. The
tool will wait for sufficient time for the user to re-mount the ISO media and then click on the button.
3.7.13 Known Issue: Last ISO Installation details not getting updated in Windows 10 1809 tablet
(Node ID: 285)
Symptoms
After installing MS updates using ISO media, Last Iso Installation detail in not getting updated in
Windows 10 1809 Tablet (Node ID : 285)

UPDATE MANAGER
Context
 Installing MS Updates
 Windows 10 \ 2016 \ 2019 ISO Media from May 2021 onwards
 Windows 10 1809 Tablet (Node ID : 285)
Diagnosis
After the system is restarted after completing the update installation, the Last ISO Installation details
should get updated with the ISO media Month. But in Windows 10 1809 Tablet, Last ISO Installed
details is being displayed as “Unknown”.
Cause
SUIT team is analyzing the issue and will fix the same in the future releases.
Resolution
Please ignore the issue.
3.7.14 Known Issue: MS Updates fails to install with multiple error codes
Symptoms
We are experiencing multiple windows update failure on Windows Server 2016 for x64-based
Systems and Windows 10. After installation of MS updates, it’s asking restart to complete the
installation. But during restart update is rolling back and getting uninstalled automatically.
Context
 Installing MS Updates
 Windows 10 \ 2016 \ 2019 ISO Media

UPDATE MANAGER
 Windows 10 Operating System
 Windows Server 2016 Operating System
Diagnosis
Microsoft has suggested below 3 workarounds for fixing this issue:
Workaround 1:
i. Run NetSetupSvc in its own container using below command:

sc config netsetupsvc type= own
ii. Install the updates.
iii. Once the machine comes up run the NetSetupSvc in share mode again using below
command:
sc config netsetupsvc type= share
Workaround 2:
If netstupsvc is already in its own svchost container, a clean boot can solve the issue:
How to perform a clean boot in Windows

https://support.microsoft.com/en-us/help/929135/how-to-perform-a-clean-boot-in-
windows
Workaround 3:
i. Open command prompt with Administrator privilege
ii. Run the command chkdsk c: /f /r
iii. Reboot the system
iv. Wait for Check disk operation to complete
v. Open command prompt with Administrator privilege
vi. Run the command sfc /scannow
vii. Then Run the manual ISO install
3.8 Procedure to Clean up disk:

1. Folders to be emptied (if exist):
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp
C:\ProgramData\Honeywell\Experion PKS\Server\data\dct\temp

UPDATE MANAGER
For each user found in c:\users:, C:\Users\nameoftheuser\AppData\Local\Temp for example

C:\Users\HPSInstall\AppData\Local\Temp
2. Search the following directories for crash dumps (*.dmp or *.mdmp).

• C:\ProgramData\Honeywell\Experion PKS\Server\data\dct\Temp\ErrorHandling
• C:\ProgramData\Honeywell\Experion PKS\CrashDump
• C:\ProgramData\Honeywell\HMIWebLog\DumpFiles
• C:\ProgramData\Microsoft SQL Server\
• C:\Windows
 Delete any crash dump file found (dmp/mdmp)
3. Delete any manual ERDB backups or similar in C\temp or similar project backup
4. If “C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb” is large, verify the
Search indexing configuration, see article 115303
5. Confirm the Experion history archive configuration using the Client Server Audit document (article
65350), check 6.
On Physical nodes (not on VMs or vSan), It is recommended to perform a disk defrag after having
deleted large files, the Experion Disk Defrag Procedure can be found in article 65216.
https://wiztreefree.com/ can be used to easily find large files.

TERMS AND DEFINITIONS
4 Terms and definitions

The table below lists the terms used in this document.
Terms Definitions
This is a tool designed to manage all the Security and Non-Security updates
Update Manager
supported for all the HPS product nodes.

NOTICES
5 Notices
Documentation feedback
You can find the most up-to-date documents on the Honeywell Process Solutions support website at:
http://www.honeywellprocess.com/support
If you have comments about Honeywell Process Solutions documentation, send your feedback to:
hpsdocs@honeywell.com
Use this email address to provide feedback, or to report errors and omissions in the documentation. For
immediate help with a technical problem, contact your local Honeywell Process Solutions Customer
Contact Center (CCC) or Honeywell Technical Assistance Center (TAC).
How to report a security vulnerability
For the purpose of submission, a security vulnerability is defined as a software defect or weakness that
can be exploited to reduce the operational or security capabilities of the software.
Honeywell investigates all reports of security vulnerabilities affecting Honeywell products and services.
To report a potential security vulnerability against any Honeywell product, please follow the
instructions at:
https://honeywell.com/pages/vulnerabilityreporting.aspx
Submit the requested information to Honeywell using one of the following methods:
 Send an email to security@honeywell.com; or.
 Contact your local Honeywell Process Solutions Customer Contact Center (CCC) or Honeywell
Technical Assistance Center (TAC).
Support
For support, contact your local Honeywell Process Solutions Customer Contact Center (CCC). To find
your local CCC visit the website, https://www.honeywellprocess.com/en-US/contact-us/customer-
support-contacts/Pages/default.aspx.
Training classes
Honeywell holds technical training classes that are taught by process control systems experts. For more
information about these classes, contact your Honeywell representative, or see
http://www.automationcollege.com.

Honeywell Process Solutions
1250 W Sam Houston Pkwy S #150, Houston, TX

77042
Honeywell House, Skimped Hill Lane

Bracknell, Berkshire, RG12 1EB
Building #1, 555 Huanke Road, Zhangjiang Hi-Tech

Park,
<<DocumentID>>
Pudong New Area, Shanghai, China 201203
August 2021
www.honeywellprocess.com © 2021 Honeywell International Sàrl

Honeywell Suit Iso User Guide

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Honeywell Suit Iso User Guide

Uploaded by

Copyright:

Available Formats

SUIT

SUIT ISO User Guide

Copyright 2021- Honeywell International Sàrl

SUIT ISO AUGUST 2021 2

1.2 Symbols and definitions ...................................................................................................................... 6

1.3 Scope ................................................................................................................................................... 7

1.4 Revision history................................................................................................................................... 8

1.5 Intended audience .............................................................................................................................. 15

1.6 Related documents ............................................................................................................................ 15

2.2 Supported HPS Products ................................................................................................................... 16

2.3 Honeywell Recommendation ............................................................................................................ 19

3.2 Checking for Available Updates........................................................................................................ 32

3.3 Validating Security Updates .............................................................................................................. 35

3.4 Validating Non-Security Updates ...................................................................................................... 36

3.5 Validating Latest ISO ........................................................................................................................ 36

3.6 Viewing ISO Configuration File ....................................................................................................... 37

3.7 Known Issues and Workarounds ....................................................................................................... 38

SUIT ISO AUGUST 2021 3

3.8 Procedure to Clean up disk: ............................................................................................................... 51

SUIT ISO AUGUST 2021 4

1 About this guide

It is highly recommended that a user completely understands and exercises

1.1 Support and other contacts

Europe Honeywell +32-2-728-2732 TAC-BE02 +32-2-728-

B-1831 Diegem, Belgium

Pacific Honeywell 1300-364-822 (toll free Honeywell Limited Australia 5 +61-8-9362-

India Honeywell +91-20-6603-9400 Honeywell Automation India +91-20-6603-

SUIT ISO AUGUST 2021 5

Country Contact Phone MAIL/EMAIL FASCIMILE

Singapore Honeywell +65-6580-3500 Honeywell Private Limited +65-6580-3501

Taiwan Honeywell +886-7-536-2567 Honeywell Taiwan Ltd. +886-7-536-

Japan Honeywell +81-3-6730-7160 Honeywell Japan Inc. +81-3-6730-

1.2 Symbols and definitions

ATTENTION: Identifies information that requires special consideration.

SUIT ISO AUGUST 2021 6

Regardless of the approach taken to update systems with Microsoft

SUIT ISO AUGUST 2021 7

1.4 Revision history

Revision Release Description

1.2 August 2012 ISO support for EPKS R400.3, EBR

1.7 February 2013 ISO support for SM 133.4 on Windows Server

SUIT ISO AUGUST 2021 8

Revision Release Description

2.7 July 2014 ISO support for SM R133.5/146.1/151.4 and FSC

2.9 March 2015 Updated node ID’s information table.

3.3 August 2015 Removed ISO support for nodes running on

3.4 September 2015 Updated Description for Nodes with ID 181-185

3.7 April 2016 Added Note III(a) in end of 2.2 section

SUIT ISO AUGUST 2021 9

Revision Release Description

3.8 May 2016 MS ISO support added for BMA nodes

3.9 June 2016 Added Note III(b) in end of 2.2 section

3.10 July 2016 EBR 4xx support is added, independent of IE

3.13 October 2016 ISO support added for SM 153.3/160.x on

3.14 November 2016 ISO support for LX R 120.1 Patch1 on WIN2K8

SUIT ISO AUGUST 2021 10

Revision Release Description

3.22 November 2017 ISO support for PHD R340/R321, UPS

3.23 February 2018 Added “Note VI” in page 15.

3.24 March 2018 ISO support for FSC R801.1, SM R161.1, SM

3.30 December 2018 ISO support for EPKS R511, PHD340.X on

SUIT ISO AUGUST 2021 11

Revision Release Description

3.33 May 2019 Added attention section for CVE-2019-0708 RDP