Application Planning
3.6 Check list: Data security
Fail-safe operation of the Mobile Panel 277F IWLAN
52
Function Manual, 08/2008, 6AV6691-1FQ01-2AB0
Measure
Further information
Check
* Use authentication mechanisms to prevent unauthorized
participation in wireless traffic.
Shared key as well as certificates are allowed as
authentication methods.
The pass phrase must be at least 20 characters long. The
passphrase should contain alphanumeric characters and
special characters.
HMI device
* Protect the HMI device and the toolbar of the HMI device
against unauthorized access with a password.
HMI device operating
instructions, chapter
"Change password
protection".
* Only release the data channel via which the project will
be transmitted to the HMI device, during transmission of
the project.
HMI device operating
instructions, chapter "Data
channel parameter
assignment".
F-CPU and safety program
* Protect the access to the F-CPU and to the safety
program with passwords.
Programming and operating
manual "S7
Distributed Safety
Configuring and
Programming", chapter
"Access protection"
WinCC flexible ES
Protect WinCC flexible Es with general IT technologies.
Examples:
•
Protect the PC where the ES is installed on the
operating system level with a password.
•
To encrypt files, folders, and partitions use an
appropriate encryption program. Programs with this
functionality are available as shareware.
•
Assign access rights to specific drives so that only a
certain person subgroup can use the data.
•
Encrypt the data with mechanisms that Windows
makes available.
Protect the "Effective range name" object with a password. WinCC flexible Information
System
Further information
Addition information on the data security is available in the following publications:
● System manual "Fundamentals - Industrial Wireless LAN", chapter "Data security of
wireless communication in accordance with IEEE 802.11".
● Brochure published by the German Federal Office for Information Secuiruty (Bundesamt
für Sicherheit in der Informationstechnik): "Wireless communication systems and their
security aspects".