The controller has a user database. There is a project on the controller; HTTP, HTTPS, FTP,
and Telnet have been activated in the HW Config.
User password authentication is mandatory for access to websites with sensitive content (e.g.
firmware update watch table, ...), FTP, and Telnet.
Security Level High
High security with maximum access protection:
HTTP, HTTPS, FTP, and Telnet have been deactivated via HW Config. Access to the Ethernet
via the various ports of the services is then no longer possible.
State transition from security level low to normal
After taking delivery of the device, the user creates a project and loads it onto the device. This
can be done by using the download functions of the SCOUT, by loading it directly onto the
memory card (e.g. also via FTP), or via the Manage Config website, Device update tab.
Whichever method is used, the act of loading a project onto the device corresponds to a
transition from security level low to security level normal from the point of view of the web
server.
Resetting the security level from normal to low
If the user forgets to edit the UserDataBase.xml during initial commissioning, it will no longer
be possible to access FTP, web services, or access-protected pages during use.
If there is no mechanical access to the memory card or the device, this can be achieved with
the SCOUT function "Delete user data on card". After setting up the user administration, the
project must be downloaded again.
Alternatives without SCOUT:
Setting the service selector switch to position "8" restores security level low (SIMOTION IT
service mode). Using this method, the device can always be reset to security level low by
hardware means. The following behavior must be taken into account:
● The "Service mode" is activated by turning the SVC switch to position "8".
● If the switch is already set to "8" at ramp-up, it is ignored (protection against forgetfulness).
● The service mode stops immediately when position "8" is exited.
● The service mode stops automatically after 120 minutes.
● It is possible to retrigger 120 minute timeout at any time by turning the switch briefly from
"8" to "7" and back, for example.
● The service mode is indicated (as for underlicensing) through slow red flashing of the SF
LED.
● In service mode, a login with an OPC UA Client is always possible, irrespective of the
selected password and user name or the set read and write rights.
Diagnostics
9.3 Additional service and diagnostics options
SIMOTION D4x5-2
410
Commissioning and Hardware Installation Manual, 03/2018, A5E33441636B