ABB REF 542plus Скачать руководство пользователя страница 16 | Manualshive

Страница: 16 / 52

ABB REF 542plus Скачать руководство пользователя страница 16

4.1.

User authentication

The user has to authenticate himself by giving a user name and password. The
user name and password have to be communicated to the core unit to check
the authentication. For security reasons, to avoid access from intruders and
not authenticated users, the information (user name and password) is
encrypted with a non-convertible key.

Therefore, digest authentication algorithms are used in the configuration tool
and REF 542plus core unit. This way passwords are not communicated as
plain text through the communication line because they are already converted
on the PC level with an AES algorithm encryption key and converted back on
the device level. The AES algorithm is a symmetric block cipher that can
encrypt (encipher) and decrypt (decipher) information. The encryption
converts data to an unintelligible form called ciphertext; decrypting the
ciphertext converts the data back into its original form called the plaintext.
The AES algorithm is capable of using cryptographic keys of 128, 192, and
256 bits to encrypt and decrypt data in blocks of 128 bits.

4.2.

Security for writing operations

Web-enabled REF 542plus allows some writing operations. This means that
the user can change information on the server, such as the telephone numbers
for SMS messaging.

This writing operation needs an authentication based on user name and
password. For security reasons, the digest authentication is applied. This way
passwords are not communicated as plaintext through the communication
line.

4.3.

Security for saving passwords

Web-enabled REF 542plus allows interaction with the device for different
types of user rights. Operation requiring special rights needs an authentication
based on the user name and password. All the passwords are stored in the
SCL file on the PC. This file is prepared by the Configuration Tool and then
sent to the device. For security purposes, all the passwords are not stored as
plaintext but as already encrypted.

Selecting a suitable password is crucial and part of the security aspects of the
application. A password should be handled like a key and should never be
public. The password should be changed randomly and it should not contain
names or words in order to increase access security for hackers and unwanted
actions. It is further recommended to have figures and special characters in
the password to increase the security level for any intruders.

The password must have a minimum of 8 characters, otherwise
the password is not accepted.

16

REF 542plus

Multifunctional Protection and Switchbay
Control Unit

Installation Manual for Web Interface

Installation manual

1MRS755865

«
...
14
15
16
17
18
...
»

Содержание REF 542plus

Страница 1: ...REF 542plus Installation Manual for Web Interface Installation manual ...

Страница 2: ......

Страница 3: ...witchgear overview 20 5 3 Web communication configuration 21 5 4 Set TCP IP properties 21 5 5 Set WEB SERVER properties 22 5 6 GSM SMS properties 23 5 6 1 REF as SMS gateway 24 5 6 2 GSM modem configuration 24 5 6 3 IP address of SMS gateway 25 5 7 Language file generation 26 5 8 Web pages language selection 26 6 Communication requirements and network installation 29 6 1 REF 542plus Ethernet physi...

Страница 4: ...configuration 39 6 4 1 MAC address configuration 39 6 4 2 TCP IP configuration 39 6 4 3 IP address 40 6 4 4 Subnet mask 40 6 4 5 Default gateway configuration 41 6 4 6 Example of a subnet configuration 41 6 4 7 Examples of communication system addressing 42 6 5 Communication system security 44 6 5 1 Access through standard Ethernet router 45 6 5 2 IPSec function 45 7 Terminology 47 8 Abbreviations...

Страница 5: ... or copied without written permission from ABB Oy and the contents thereof must not be imparted to a third party nor used for any unauthorized purpose The software or hardware described in this document is furnished under a license and may be used copied or disclosed only in accordance with the terms of such license Copyright 2006 ABB Oy All rights reserved Trademarks ABB is a registered trademark...

Страница 6: ...6 ...

Страница 7: ...ard which could result in personal injury The caution icon indicates important information or warning related to the concept discussed in the text It might indicate the presence of a hazard which could result in corruption of software or damage to equipment or property The information icon alerts the reader to relevant facts and conditions It should be understood that operation of damaged equipmen...

Страница 8: ...ical Reference Modbus RTU 1MRS755868 Web Manual Installation 1MRS755865 Web Manual Operation 1MRS755864 1 5 Document revisions Version IED Revision number Date Comment 1VTA100264 Release 1 0 22 01 2004 First release 1VTA100264 Release 1 1 14 05 2004 Update A 28 02 2006 Document updated language layout B 2 5 30 9 2006 Updated to software version V4E03x Applicability This manual is applicable to REF...

Страница 9: ... REF 542plus Ethernet network is connected to a company intranet or the Internet In case the customer decides on his own risk to connect to intranet or the Internet special security advices have to be considered To setup switches and gateways with the IPSec feature is mandatory as described in this manual Do not make any changes to the REF 542plus configuration unless you are familiar with the REF...

Страница 10: ...10 ...

Страница 11: ...owser the plugin can only display svg files but no interaction such as moving or clicking elements Most of the other used technologies and browser functions are also Netscape 6 x and Mozilla 1 x compatible For more information about svg support in browsers have a look at www adobe com svg You can download if necessary the SVGview exe from the Adobe s download page to your PC Simply install the SVG...

Страница 12: ...es is the enable setting for proxy connections See Fig 3 2 2 It can be found in the Internet Options Advanced Browse to HTTP1 1 settings and enable Use HTTP 1 1 through proxy connections 12 REF 542plus Multifunctional Protection and Switchbay Control Unit Installation Manual for Web Interface Installation manual 1MRS755865 ...

Страница 13: ...13 A051093 Fig 3 2 2 Enable the setting for proxy connections 1MRS755865 Multifunctional Protection and Switchbay Control Unit Installation Manual for Web Interface Installation manual REF 542plus ...

Страница 14: ...14 ...

Страница 15: ... IPSec feature to be installed is recommended as shown in Fig 4 1 A051276 Fig 4 1 Example of a connection to an enterprise network It assures that only certified clients that is Web browsers can access the IP address of REF That is pinging to the IP address is in this case not possible 1MRS755865 Multifunctional Protection and Switchbay Control Unit Installation Manual for Web Interface Installati...

Страница 16: ...mation on the server such as the telephone numbers for SMS messaging This writing operation needs an authentication based on user name and password For security reasons the digest authentication is applied This way passwords are not communicated as plaintext through the communication line 4 3 Security for saving passwords Web enabled REF 542plus allows interaction with the device for different typ...

Страница 17: ...et Installing the IPSec function is recommended 4 5 Number of devices allowed per subnet The number of devices per subnet is limited The limitation is set to 254 devices The practical subnet size should be defined by the application and have a practical size of 10 devices In case a GSM Modem is connected one device per total network is sufficient 1MRS755865 Multifunctional Protection and Switchbay...

Страница 18: ...18 ...

Страница 19: ...hinese is selected by the user the English language becomes automatically the second one Then the local language is the default one on the pages when starting the WEBREF functionality on the PC The GSM and the network configuration are handled by the Configuration Tool as well 5 1 SLD design constraints Drawing of busbar symbol has to be on the same vertical coordinates and the whole width of the ...

Страница 20: ...to monitor The size of the overview is the size of a subnet In the subnets click Next to continue or use the numbered navigation buttons There are 3 SLDs displayed per page You can continue and move back with the Next button or use the numbered navigation buttons When drawing SLD in the Configuration Tool use the full width of the drawing area in order to prevent a discontinued only from visual po...

Страница 21: ...ned A051095 2 Fig 5 3 1 Property sheet for the configuration of the Web communication 5 4 Set TCP IP properties In this setting the Ethernet network access can be configured by setting the IP address subnet mask and default gateway 1MRS755865 Multifunctional Protection and Switchbay Control Unit Installation Manual for Web Interface Installation manual REF 542plus ...

Страница 22: ...252 0 For more information refer to Section 6 4 2 TCP IP configuration 5 5 Set WEB SERVER properties After pushing the related button the following Fig 5 5 1 appears A060414 Fig 5 5 1 WEB SERVER properties for Users Configuration The user can add and edit users and the corresponding passwords Removing users can also be done from here 22 REF 542plus Multifunctional Protection and Switchbay Control ...

Страница 23: ...rd them to the GSM modem for transmitting into the GSM network REF 542plus is forwarding all the SMS messages that are sending to this Gateway IP address Also the SMS messages generated by the gateway itself are sent to the GSM for transmitting As the SMS message source is configured REF 542plus will send its SMS message to the Gateway IP address The gateway is then forwarding this message to the ...

Страница 24: ...r subnet The queue is designed to have not more than 10 SMS messages per gateway at the same time 5 6 2 GSM modem configuration The modem configuration is fixed in the actual version By clicking the GSM modem configuration radio button a dialog for selecting the modem type and baud rate is provided The modem type and values cannot be selected For the applications with this version the INSYS GSM 2 ...

Страница 25: ...no GSM physically connected the IP address of SMS gateway button has to be selected Also the IP address of the gateway has to be typed Verify that the address is correctly typed because this can cause malfunction of the SMS messaging 1MRS755865 Multifunctional Protection and Switchbay Control Unit Installation Manual for Web Interface Installation manual REF 542plus ...

Страница 26: ...when a new WEBREF session is opened on the PC A060415 Fig 5 8 1 Selection of language from the Web Page If last update is 20 or more seconds ago then the Last update text becomes red This shows that the connection to the embedded Web server of the REF 542plus is lost A060416 Fig 5 8 2 Lost connection to the embedded Web server in REF 542plus The English language is always present and cannot be uns...

Страница 27: ...dently of device configuration and firmware the user can set a completely arbitrary local language on the server even with different symbols like Chinese or Japanese simply providing the translated language files 1MRS755865 Multifunctional Protection and Switchbay Control Unit Installation Manual for Web Interface Installation manual REF 542plus ...

Страница 28: ...28 ...

Страница 29: ...nto place To remove the connector press the snap in device in the direction of the connector and then remove the connector 6 2 Network devices required To build a network several additional devices are needed The requirements for network devices are described in this paragraph In addition there is an ABB recommendation for each device 6 2 1 Network cables The cable connected directly to REF 542plu...

Страница 30: ... 14 mm stranded shielded outer sheath 5 2 mm diameter preassembled on both sides with RJ 45 connector crossover or line assignment For connections with switch outside the switch gear the heavy version is suggested CAT 5 S UTP cable J 02YS ST C HP 2 x 2 x 24 AWG heavy duty installation cable 2 x 2 x 0 22 mm solid conductor shielded outer sheath 7 8 mm diameter inner sheath 5 2 mm diameter preassemb...

Страница 31: ...tic distances up to 50 m 164 04 ft can be covered with plastic optical fiber POF by using easy to operate polymer fiber technology For distances up to 100 m 328 08 ft HCS fiber also easy to assemble can be used together with optical connection conforms to the F SMA standard If longer distances are to be covered or if an existing glass fiber installation is used the glass fiber optic can normally c...

Страница 32: ...g network segments with different transmission rates auto crossing function DIN rail mountable For medium large plants and especially if the network has composed of several sub networks ABB recommends Phoenix Contact Modular Switch System that can be seamlessly expanded from 8 ports up to 24 ports offering a flexible cable outlet either at the bottom or at the front depending on the requirements o...

Страница 33: ...ersion for modularity and performance reasons it is suggested rather than the software version running on PC 6 3 Network topology 6 3 1 Bus topology A typical bus topology is illustrated in Fig 6 3 1 1 A051109 Fig 6 3 1 1 Bus topology Each switch is connected to the previous switch or next switch in the cascade via one of its ports uplink port The bus topology is recommended for small plants for i...

Страница 34: ...ould have a size of approximately 10 devices In case a GSM Modem is connected one device per total network is sufficient 6 3 3 Example of star topology with REF 542plus WebREF is particularly suitable for low end solutions The Fig 6 3 3 1 shows a typical architecture for low end systems based on a single network in star topology Not all depicted devices are mandatory Example for an unmanned plant ...

Страница 35: ...ides some level of redundancy if any of the ring connections should fail This topology is more cost effective of the star topology but less than the bus one In addition it offers a redundancy in the loop but in this case it requires the use of switch able to change to linear topology in case of a fault 1MRS755865 Multifunctional Protection and Switchbay Control Unit Installation Manual for Web Int...

Страница 36: ... 542plus Considering the Fig 6 3 5 1 the structure is made connecting backbone ports of switches generally provided in industrial Ethernet switches 36 REF 542plus Multifunctional Protection and Switchbay Control Unit Installation Manual for Web Interface Installation manual 1MRS755865 ...

Страница 37: ...chgear With reference to Fig 6 3 6 1 for the integration of the Ethernet network inside the switchgear following basic rules are suggested To use one or more industrial Ethernet switches placed in empty LV cubicles of the switch gear that is the bus rise panel or in an additional empty LV panel It is preferable to use DIN rail mounted Ethernet devices Also it is preferred if the Ethernet switch al...

Страница 38: ... of complex topology in which several network solutions are used The network is based on a star topology where a modular switch is used as a backbone for the substation This modular switch is then connected by an optical uplink glass fibre to the control room and by optical links plastic fiber to the two subnetworks Even if the modular switch is the backbone of the communication system for the cos...

Страница 39: ...more information regarding IP Address Subnet mask and Default Gateway address see Section 7 Terminology The IP address is stored in the configuration file ref downloaded by the REF 542plus engineering tool The tools runs on a PC connected point to point with the serial port of RHMI 1MRS755865 Multifunctional Protection and Switchbay Control Unit Installation Manual for Web Interface Installation m...

Страница 40: ...umbers as an IP address In this case 2 means the device has the number 2 in its sub network It results in that a maximum of 254 devices per subnet are possible The IP address with the number 10 41 75 255 determines a broadcast address It is not allowed to configure any addresses with this end figure because all the users above the subnet mask range are then addressed 6 4 4 Subnet mask The subnet m...

Страница 41: ...uired if it is intended to address the network configurable devices from a management station separated from them by a router The default Gateway IP address has to be inside the subnet mask 6 4 6 Example of a subnet configuration How to create two sub networks The two networks are identified through the 3rd address identifier Table 6 4 6 1 Example of two sub networks Subnet 1 Subnet 2 10 41 72 1 1...

Страница 42: ...9h 4ah 4bh which is in decimal 72 73 74 75 6 4 7 Examples of communication system addressing Communication system addressing should be based on the following network design rules The router and REF 542plus devices belonging to the LAN plant have to have the same subnet mask address The default gateway address configured in each REF 542plus has to be equal to the IP address of the router The IP add...

Страница 43: ...ch the PC is a workstation in control room or a dedicated server PC belonging to the network in control room If a remote connection that is ISDN is needed a router has to be connected to Ethernet network 2 and not directly to 1 Note the DHCP configuration for the server in the example This is necessary to have a transparent access to REF 542plus from the Corporate WAN side 1MRS755865 Multifunction...

Страница 44: ... with PC server 6 5 Communication system security Required for customers connecting to intranet or Internet only 44 REF 542plus Multifunctional Protection and Switchbay Control Unit Installation Manual for Web Interface Installation manual 1MRS755865 ...

Страница 45: ...ffic at the IP layer A further functional area is the key management Authentication assures that a received packet was really sent by the source indicated in the packet header and that the data in the packet coincide with the data sent By using encryption listening of the data by third parties has no effect The key management is responsible for the secure exchange of the keys This feature needs to...

Страница 46: ...r router IPSec can be implemented in a firewall or router providing a security tunnel between the two isolated networks While the strongest security is transparently provided for the traffic between the two networks the inner network traffic is not affected or delayed 46 REF 542plus Multifunctional Protection and Switchbay Control Unit Installation Manual for Web Interface Installation manual 1MRS...

Страница 47: ...t physical media such as Ethernet FDDI WAN etc preservation of address space and security The most common reason is to control network traffic In an Ethernet network all nodes on a segment see all the packets transmitted by all the other nodes on that segment Performance can be adversely affected under heavy traffic loads due to collisions and the resulting retransmissions A router is used to conn...

Страница 48: ...48 ...

Страница 49: ...Local Area Network LV Low Voltage RHMI Remote Human Machine Interface as control unit SCL Substation Configuration Language defined by IEC 61850 SLD Single Line Diagram 1MRS755865 Multifunctional Protection and Switchbay Control Unit Installation Manual for Web Interface Installation manual REF 542plus ...

Страница 50: ......

Страница 51: ......

Страница 52: ...ABB Oy Distribution Automation P O Box 699 FI 65101 Vaasa FINLAND 358 10 2211 358 10 224 1080 www abb com substationautomation 1MRS755865 EN 9 2006 ...

Отзывы:

Нет отзывов

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды