3
S M A RT COM M U N I C ATI ON C A R D
M A N UA L
—
1. Purpose and Basic Description
This document provides step-by-step instructions for how to set up the Smart Communication Card (SCC), connect devices to
SCC using OPC UA, Modbus TCP and RTU. The manual also describes how to use JSON files for defining addressing. In addi-
tion, monitoring of data from the connected devices to the SCC using UsExpert is also described.
Note: The Smart Communication Card will be referred to as SCC in this user manual.
—
2. Important disclaimers & recommendations
2.1.
Cyber security legal disclaimer
The SCC is designed to be connected in the ABB and 3
rd
party products and communicate information data via network inter-
face. It is the user’s sole responsibility to provide and continuously ensure a secure connection between the product and the
user’s network or any other. The user shall establish and maintain any appropriate measures (such as but not limited to the
installation of firewalls, application of authentication measures, encryption of data, installation of anti-virus programs, etc.)
to protect the product, the network, its system, and the interface against any kind of security breaches, unauthorized ac-
cess, interference, intrusion, leakage and/or theft of data or information. ABB and its affiliates are not liable for damages
and/or losses related to such security breaches, any unauthorized access, interference, intrusion, leakage and/or theft of
data or information. The data, examples and diagrams in this manual are included solely for the concept or product descrip-
tion and are not to be deemed as a statement of guaranteed properties. All people responsible for applying the equipment
addressed in this manual must satisfy themselves that each intended application is suitable and acceptable, including that
any applicable safety or other operational requirements are complied with. Any risks in applications where a system failure
and/or product failure would create a risk for harm to property or persons (including but not limited to personal injuries or
death) shall be the sole responsibility of the person or entity applying the equipment, and those so responsible are hereby
requested to ensure that all measures are taken to exclude or mitigate such risks. This document has been carefully checked
by ABB, but deviations cannot be completely ruled out. In case any errors are detected, the reader is kindly requested to no-
tify the manufacturer. Other than under explicit contractual commitments, in no event shall ABB be responsible or liable for
any loss or damage resulting from the use of this manual or the application of the equipment.
2.2.
JSON files
JSON files are provided as examples of how data can be retrieved from the devices. Please see the “JSON files” chapter for
details. The user must adapt the files according to the application requirement.
2.3.
UaExpert
UaExpert is software provided by Unified Automation. We suggest using this software to monitor the data as described in
the “UaExpert” chapter.
Important: This software does not belong to ABB, and we take no responsibility for its functionality.
2.4.
Firewall set up of SCC
We strongly recommend using the firewall setting s described in section 5.2 of this instruction manual.
2.5.
Private certificate for 3rd party clouds
We strongly recommend that, for 3rd party cloud, private key must be generated the by the 3rd party cloud and implemented
in the SCC
2.6.
Making your Networks more secure:
Following points are strongly recommended to make networks more secure:
Isolate your network
Separate the OT network (operation technology) from the IT network (information technology). This
helps prevent any attack reaching the IT network from spreading to the OT network.
Use firewalls
Implement firewalls to prevent unauthorized access to the OT network.
Use access control
Implement access controls to restrict the human and device access to the OT network.
Keep software up to
date
Make sure all software/firmware of the devices are up to date to have the latest
security updates installed.
Reduce attack sur-
face
on devices
Disable device functions, services and ports not needed.
Replace default
passwords
Replace all default passwords of the devices to prevent attacker from getting access using default
credentials.
Monitor network ac-
tivity
Monitor the OT network for any malicious activities that could be a sign of an attack. Example of net-
work monitoring tool is intrusion detection system (IDS).
Train employees
Train operators and service people on IT and OT security best practices.
