EasyManua.ls Logo

ABB Relion 670 series - Page 71

ABB Relion 670 series
114 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
A substation can be equipped with two redundant authentication servers
operating in a hot standby mode.
If configured by the security administrator
, the IED itself maintains a local
replica in the database with selected users. This database is periodically
updated with data from the server and used as fallback if none of the servers
are reachable.
Note that not all users in the SDM600 server are part of the replica. There might be
users that are not assigned to any replication group. IED only replicates those users
which are part of replication group configured in the IED.
This replication can be disabled using PCM600 by the security administrator,
which means that the IED will forward login requests to the SDM600 for
authorization and in case of problems with the network users will not be able to log
in to the IED.
If user replication has been disabled in a CAM-enabled IED and if
communication with SDM600 is lost, access to that IED will be
denied until communication is re-established.
All communication between the central management and the IEDs is protected
using secure communication. Customers using SDM600 are required to generate
and distribute certificates during the engineering process of the substation. These
certificates ensure mutual trust between IED and for example SDM600, FTP
,
PCM600 and other system.
Table 9: Authority-related IED functions
Function Description
Authority status
ATHSTAT
This function is an indication function block for user logon activity.
User denied attempt to logon and user successful logon are reported.
Authority check
ATHCHCK
To safeguard the interests of our customers, both the IED and the tools that
are accessing the IED are protected, by means of authorization handling. The
authorization handling of the IED and the PCM600 is implemented at both
access points to the IED:
local, through the local HMI
remote, through the communication ports
The IED users can be created, deleted and edited only in the CAM server.
Authority
management
AUTHMAN
This function enables/disables the maintenance menu. It also controls the
maintenance menu logon time out.
For more information on the functions Authority Management (AUTHMAN),
Authority Status (ATHSTAT), and Authority Check (ATHCHCK) functions, refer
to chapter “Basic IED functions” in the Technical Manual.
1MRK 511 399-UEN B Section 5
Central Account Management
670 series 2.2 IEC 65
Cyber security deployment guideline

Table of Contents

Other manuals for ABB Relion 670 series

Preview: Technical Reference Manual
Technical Reference Manual1232 pages
Preview: Technical Manual
Technical Manual1432 pages
Preview: Applications Manual
Applications Manual944 pages
Preview: Operation Manual
Operation Manual100 pages
Preview: Product Guide
Product Guide184 pages
Preview: Installation Manual
Installation Manual112 pages
Preview: Engineering Manual
Engineering Manual176 pages
Preview: Commissioning Manual
Commissioning Manual330 pages
Preview: Installation And Commissioning Manual
Installation And Commissioning Manual260 pages
Preview: Communication Protocol Manual
Communication Protocol Manual66 pages
Preview: Application Guide
Application Guide110 pages
Preview: Quick Start Guide
Quick Start Guide48 pages

Related product manuals