One user can have one or several user roles. By default, the users in Table 564 are
created in the IED, and when creating new users in the SDM600 server, the
predefined roles from Table 565 can be used.
At delivery, the IED user has full access as SuperUser when using
the LHMI and as Administrator when using FTP or PCM600 until
Central Account Management is activated.
Table 564: Default users
User name User rights
SuperUser Full rights, only presented in LHMI. LHMI is logged on by default until other users
are defined
Guest Only read rights, only presented in LHMI. LHMI is logged on by default when
other users are defined (same as VIEWER)
Administrator Full rights. Password: Administrator. This user has to be used when reading out
disturbances with third party FTP-client.
Table 565: Predefined user roles according to IEC 62351-8
User roles Role explanation User rights
VIEWER Viewer Can read parameters and browse the menus from LHMI
OPERATOR Operator Can read parameters and browse the menus as well as
perform control actions
ENGINEER Engineer Can create and load configurations and change settings
for the IED and also run commands and manage
disturbances
INSTALLER
Installer Can load configurations and change settings for the IED
SECADM Security
administrator
Can change role assignments and security settings. Can
deploy certificates.
SECAUD Security auditor Can view audit logs
RBACMNT RBAC
management
Can change role assignment
ADMINISTRATOR Administrator
rights
Sum of all rights for SECADM, SECAUD and RBACMNT
This User role is vendor specific and
not defined in IEC 62351–8
Changes in user management settings do not cause an IED reboot.
The PCM600 tool caches the login credentials after successful login
for 15 minutes. During that time no more login will be necessary.
1MRK 505 394-UEN A Section 20
Security
Line differential protection RED650 2.2 IEC 759
Technical manual
To Next Page
Loading...
