ABB Relion REX610 Скачать руководство пользователя страница 22 | Manualshive

Страница: 22 / 36

background image

Table 3:

Default user roles

Role

Description

VIEWER

Viewing what objects are present in the logical device

OPERATOR

Viewing what objects are present in the logical device

Performing control operations such as opening or closing the circuit

breaker

ENGINEER

Viewing what objects are present in the logical device

Making parameter setting and configuration changes in addition to

having full access to the data sets and files

ADMINISTRATOR

Superset of all the roles

describes the default mapping of all the user rights associated with all the

roles in the protection relay. This mapping can be modified according to the user
requirements.

Table 4:

Default roles-to-rights mapping

Rights/Roles

ADMINISTRATOR ENGINEER

OPERATOR

VIEWER

Settings &

Configuration

Read/Write

Read/Write

Read

Read

Settings Group

Handling

Read/Write

Read

Read/Write

Read

Control

Operations

Read/Write

Read

Read/Write

Read

Record Handling

Read/Write

Read/Write

Read

Read

Test Mode

Read/Write

Read/Write

Read

Read

System Update

Read/Write

Read

Read

Read

User

Management

Read/Write

Read

Read

Read

User account information can be exported from IED Users in PCM600 to an
encrypted file which can be imported into another protection relay.

User authorization is disabled by default for the LHMI and can be
enabled with the

Local override

parameter via the menu path

Configuration/Authorization/Passwords

. Changes in user

management settings do not cause the protection relay to reboot.
The changes are taken into use immediately after committing the
changed settings on the menu root level. When the

Local override

parameter is set to "False", Local User Account Management
comes into use.

If the

Remote override

parameter under

Configuration/Authorization/Passwords

menu has been disabled, all MMS communication (such as communication with
SCADA) requires authentication using the correct password.

Remote override

is

enabled by default. Remote override does not impact FTP/FTPS/USB clients such
as PCM600. Username and password are always required for communication with

Section 4

2NGA000818 A

User management

16

REX610

Cyber Security Deployment Guideline

«
...
20
21
22
23
24
...
»

Содержание Relion REX610

Страница 1: ...RELION PROTECTION AND CONTROL REX610 Cyber Security Deployment Guideline...

Страница 2: ......

Страница 3: ...Document ID 2NGA000818 Issued 2022 04 21 Revision A Product version 1 0 Copyright 2022 ABB All rights reserved...

Страница 4: ...uch license This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit http www openssl org This product includes cryptographic software written developed by Eric Y...

Страница 5: ...e which should be connected to a secure network It is the sole responsibility of the person or entity responsible for network administration to ensure a secure connection to the network and to take th...

Страница 6: ...ical equipment for use within specified voltage limits Low voltage directive 2014 35 EU This conformity is the result of tests conducted by the third party testing laboratory KEMA in accordance with t...

Страница 7: ...TCP IP based protocols and used IP ports 11 Secure communication 12 Certificate handling 12 Encryption algorithms 12 Section 4 User management 15 Local user account management 15 Password policies 17...

Страница 8: ...Section 8 Glossary 27 Table of contents 2 REX610 Cyber Security Deployment Guideline...

Страница 9: ...hase and during normal service 1 2 Intended audience This guideline is intended for the system engineering commissioning operation and maintenance personnel handling cybersecurity during the product l...

Страница 10: ...9 3CE41B04C031 V1 EN US Figure 1 The intended use of documents during the product life cycle 1 3 2 Document revision history Document revision date Product version History A 2022 04 21 1 0 First relea...

Страница 11: ...e and Menu paths are presented in bold Select Main menu Settings LHMI messages are shown in Courier font To save the changes in nonvolatile memory select Yes and press Parameter names are shown in ita...

Страница 12: ...6...

Страница 13: ...echnology including the adoption of open IT standards have brought huge benefits from an operational perspective but they have also introduced cyber security concerns previously known only to office o...

Страница 14: ...8...

Страница 15: ...at the whole system has backups available from all applicable parts Collecting and storing backups of the system components and keeping those up to date Removing all unnecessary user accounts Defining...

Страница 16: ...be used only for point to point configuration access with PCM600 Table 1 Physical ports on relay s communication cards Port ID Type Default state Description A2 RJ 45 Open Ethernet station bus A2 RS 4...

Страница 17: ...ption 20 21 TCP Open File transfer protocol FTP FTPS 102 TCP Open IEC 61850 502 TCP Closed Modbus TCP FTP FTPS and IEC 61850 are primary services needed for relay configuration and those cannot be dis...

Страница 18: ...rotection relay The RSA key stored in the certificate is used to establish secure communication The certificate is used to verify that a public key belongs to an identity The public key is one part of...

Страница 19: ...HA 256 is stored in the protection relay These are not accessible from outside via any ports No passwords are stored in clear text within the protection relay 2NGA000818 A Section 3 Secure system setu...

Страница 20: ...14...

Страница 21: ...s used to manage the local user accounts User accounts can be created under any role Administrator needs to share the default password generated for the user account by the tool with the users and rec...

Страница 22: ...ad Write Read Write Read Read System Update Read Write Read Read Read User Management Read Write Read Read Read User account information can be exported from IED Users in PCM600 to an encrypted file w...

Страница 23: ...no role selection required The highest role for the username is automatically selected by the protection relay Performing the Restore Factory settings operation in IED Users in PCM600 restores user a...

Страница 24: ...ords and password policies are restored User authorization is disabled by default and can be enabled via the LHMI path Configuration Authorization Passwords User configuration change is not allowed wh...

Страница 25: ...t change to maintain the memory storage Audit trail events related to user authorization login logout are defined according to the selected set of requirements from IEEE 1686 The logging is based on p...

Страница 26: ...be used to view the audit trail events and process related events Audit trail events are visible through dedicated Security events view Since only the administrator has the right to read audit trail a...

Страница 27: ...ter to False 1 Press to activate the login procedure 2 Press or to enter the username character by character Login Select user VIEWER GUID 17B1984C 9E98 49CF B108 12D80C131481 V1 EN US Figure 3 Select...

Страница 28: ...iguration System Enable USB and press 2 Select True and press to enable the relay to detect the USB connection 3 Connect a computer with PCM600 to the relay s USB port 4 Enter the credentials if promp...

Страница 29: ...s closed and a new session is initiated when reconnected 6 2 Logging out An automatic logout occurs 30 seconds after the backlight timeout 1 Press continuously for 3 seconds 2 To confirm logout select...

Страница 30: ...24...

Страница 31: ...r password has been changed Administrator or engineer credentials are needed for authorization 7 1 2 Creating a backup from the PCM600 project Backup from the PCM600 project is made by exporting the p...

Страница 32: ...he display a few seconds after which the relay restarts Avoid the unnecessary restoring of factory settings because all the parameter settings that are written earlier to the relay will be overwritten...

Страница 33: ...t Electronic Devices IEDs Cyber Security Capabilities IP Internet protocol LHMI Local human machine interface Modbus A serial communication protocol developed by the Modicon company in 1979 Originally...

Страница 34: ...28...

Страница 35: ...29...

Страница 36: ...ABB Distribution Solutions P O Box 699 FI 65101 VAASA Finland Phone 358 10 22 11 abb com mediumvoltage Copyright 2022 ABB All rights reserved 2NGA000818 A...

Отзывы:

Нет отзывов

Похожие инструкции для Relion REX610

SACE Tmax XT Series

Бренд: ABB Страницы: 11

Бренд: ABB Страницы: 6

Бренд: Ecco Страницы: 3

Бренд: MacDon Страницы: 2

Бренд: MacDon Страницы: 214

Бренд: MacDon Страницы: 32

Бренд: Nautilus Страницы: 12

Бренд: CAIRE Страницы: 16

Бренд: Barreto Страницы: 20

Бренд: Barreto Страницы: 18

Бренд: Backyard Discovery Страницы: 41

Бренд: vanEE Страницы: 52

Бренд: Caddon Hives Страницы: 3

Бренд: Hacker Страницы: 2

Бренд: J.P. SELECTA Страницы: 8

Бренд: Haemonetics Страницы: 134

Бренд: Hadeco Страницы: 72

Бренд: Quincy Страницы: 31

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды