Cybersecurity considerations for electrical distribution systems
Securing the Network Management Module – 189
•
•
•
•
5 Securing the Network Management Module
5.1 Cybersecurity considerations for electrical distribution systems
5.1.1 Purpose
The purpose of this section is to provide high-level guidance to help customers across industries and applications apply Eaton
solutions for power management of electrical systems in accordance with current cybersecurity standards.
This document is intended to provide an overview of key security features and practices to consider in order to meet industry
recommended standards and best practices.
5.1.2 Introduction
Every day, cyber-attacks against government and commercial computer networks number in the millions. According to U.S. Cyber
Command, Pentagon systems are probed 250,000 times per hour. Similar attacks are becoming more prevalent on other kinds of
information-based smart networks as well, such as those that operate buildings and utility systems. Whether the objective is to
steal intellectual property or halt operations, the tools and the techniques used for unauthorized network access are increasingly
sophisticated.
5.1.3 Connectivity—why do we need to address cybersecurity for
industrial control systems (ICS)?
There is increasing concern regarding cybersecurity across industries where companies are steadily integrating field devices into
enterprise-wide information systems. This occurs in discrete manufacturing and process industrial environments, a wide range of
general and specific purpose commercial buildings, and even utility networks. Traditionally, electrical systems were controlled
through serial devices connected to computers via dedicated transceivers with proprietary protocols. In contrast, today’s control
systems are increasingly connected to larger enterprise networks, which can expose these systems to similar vulnerabilities that
are typically found in computer systems. The differences between information technology (IT) and ICS networks can be
summarized as follows:
The main focus of the IT network is to ensure the confidentiality and the integrity of the data using rigorous access control
and data encryption
The main focus of the ICS network is safety, availability, and integrity of data
Enterprise security protects the servers’ data from attack
Control system security protects the facility’s ability to safely and securely operate, regardless of what may befall the rest of
the network
5.1.4 Cybersecurity threat vectors
Cybersecurity threat vectors are paths or tools that an entity can use to gain access to a device or a control network in order to
deliver a malicious attack. Figure below shows examples of attack vectors on a network that might otherwise seem secure.
Summary of Contents for Network-M2
Page 1: ...UPS Network Management Card Network M2 User s Guide English 10 15 2020 2 0 5 ...
Page 2: ......
Page 24: ...Configuring Modbus Installing the Network Management Module 24 ...
Page 25: ...Configuring Modbus Installing the Network Management Module 25 ...
Page 26: ...Configuring Modbus Installing the Network Management Module 26 ...
Page 38: ...Home Contextual help of the web interface 38 3 2 7 1 3 Battery mode 3 2 7 1 4 Off mode ...
Page 40: ...Home Contextual help of the web interface 40 3 2 7 2 3 Battery mode 3 2 7 2 4 Off mode ...
Page 42: ...Home Contextual help of the web interface 42 3 2 7 3 2 Bypass mode 3 2 7 3 3 Battery mode ...
Page 64: ...Protection Contextual help of the web interface 64 Example 2 Immediate OFF Example 4 Custom ...
Page 65: ...Protection Contextual help of the web interface 65 Settings 1 ...
Page 261: ...Acronyms and abbreviations Information 261 ...
Page 268: ......