Protecting Your ATG: A Guide to Safeguarding Your Station
By ARUME
Automatic Tank Gauges (ATGs) are vital for convenience stores, but internet connectivity introduces security vulnerabilities. Here's a breakdown of protection methods:
Built-in Password Protection
ATGs come with built-in password protection. This works well for secure, private connections like serial cables or modems. When issuing a command, you preface it with the password, which the ATG verifies before accepting the command. However, this method is ineffective over the internet as hackers can easily intercept the password along with the command.
Limited Protection with Non-Standard Ports
Another method uses serial-to-TCP/IP converters for internet communication. These converters use specific ports for communication. The industry-standard port for Veeder-Root is 10001, and for Franklin Electric Fueling Systems it is 8001. You can configure an uncommon port number, but it offers minimal protection. Imagine hiking in bear country: using a non-standard port is like having a slower companion. The hacker might target the standard port (your slower friend) first, but you're next.
External Protection Methods
For robust internet security, additional external measures are necessary:
- Firewalls: These act as security barriers, filtering incoming and outgoing traffic.
- VPNs (Virtual Private Networks): These create a secure tunnel for data transmission over the public internet.
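The two points above, as an added example that is not part of the original article: a Python audit of a station router's port-forward rules, showing that a forward on a non-standard external port leaves the ATG just as reachable as one on 10001 or 8001 unless the firewall restricts who may connect. The rule tuples, converter addresses, the /24 threshold and the severity labels are constructed assumptions.

```python
import ipaddress

# Default ATG ports named in the article.
ATG_DEFAULT_PORTS = {10001: "Veeder-Root", 8001: "Franklin Electric Fueling Systems"}

# Constructed inventory: LAN addresses of the serial-to-TCP/IP converters.
CONVERTER_HOSTS = {"192.168.10.50", "192.168.10.51", "192.168.10.52"}

# Constructed rules: (external_port, internal_ip, internal_port, allowed_source_cidr)
SAMPLE_RULES = [
    (10001, "192.168.10.50", 10001, "0.0.0.0/0"),       # standard port, any source
    (47213, "192.168.10.51", 8001, "0.0.0.0/0"),        # non-standard port, any source
    (8001, "192.168.10.52", 8001, "203.0.113.8/32"),    # limited to one polling server
    (443, "192.168.10.20", 443, "0.0.0.0/0"),           # unrelated host, ignored
]


def audit_forwards(rules, converter_hosts=CONVERTER_HOSTS):
    """Return (external_port, internal_ip, severity, reason) per forward that reaches an ATG."""
    findings = []
    for ext_port, int_ip, int_port, source in rules:
        # A forward reaches an ATG if it targets a known converter or a default ATG port,
        # whatever external port number was chosen.
        if int_ip not in converter_hosts and int_port not in ATG_DEFAULT_PORTS:
            continue
        net = ipaddress.ip_network(source, strict=False)
        if net.prefixlen == 0:  # 0.0.0.0/0 or ::/0: no source filtering at all
            kind = "standard" if ext_port in ATG_DEFAULT_PORTS else "non-standard"
            reason = f"ATG reachable from any address on {kind} port"
            findings.append((ext_port, int_ip, "HIGH", reason))
        elif net.num_addresses > 256:  # assumed threshold: wider than a /24
            findings.append((ext_port, int_ip, "MEDIUM", f"broad source range {net}"))
        else:
            findings.append((ext_port, int_ip, "OK", f"source limited to {net}"))
    return findings


if __name__ == "__main__":
    for ext_port, int_ip, severity, reason in audit_forwards(SAMPLE_RULES):
        print(f"{severity:6} ext {ext_port:>5} -> {int_ip}: {reason}")
```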
Kachoolie: A Secure Communication Alternative
Kachoolie offers a unique and secure alternative for ATG communication:
- Physically Secure Controller Device: Unlike traditional methods that rely on the ATG receiving commands, Kachoolie utilizes a controller device located near or in the tank gauge within a physically secured area. This eliminates the vulnerability of receiving external commands.
- Outbound Communication Only: The Kachoolie device initiates communication by sending data outward to a specific server or group of servers. This eliminates the risk of hackers gaining access by targeting the device itself, as it doesn't have a publicly accessible address on the internet.
- Point-to-Point Encryption: Kachoolie employs point-to-point encryption for enhanced security. The data is encrypted by the controller device specifically for the designated server, and only the server can decrypt it. This makes it extremely difficult for hackers to intercept and decipher the information, even if they manage to eavesdrop on the communication.
Benefits of Kachoolie's Approach
- Reduced Risk of Hacking: By eliminating the ability to receive commands and implementing outbound communication only, Kachoolie significantly reduces the attack surface for hackers.
- Enhanced Data Security: Point-to-point encryption ensures that even if intercepted, the communication remains undecipherable.
- Improved Overall Security Posture: Kachoolie's approach provides a strong foundation for a comprehensive ATG defense strategy without the need for external protection.
When is Protection Needed?
Protection is crucial when:
- Polling ATGs over the internet
- Using TCP/IP to serial converters (most common method)
Remember: Password protection and non-standard ports offer minimal security on the internet. Firewalls and VPNs are only as secure as the servers where they are implemented. A secure communication method like the one offered by Kachoolie avoids both the inherent ATG vulnerabilities and the reliance on secure servers, and provides security without relying on external firewalls and VPNs.
By understanding these vulnerabilities and taking appropriate action, you can protect your station from cyberattacks and ensure smooth operation.