Function Packages
56 Unrestricted SICAM A8000 / CP-8000 • CP-8021 • CP-8022 Manual
DC8-037-2.02, Edition 10.2017
3.1 System Services
The function package System Services provides general functions and basic services that are
required by other function packages. It contains:
• IPSec VPN
• Security Logging
• Communication with the engineering system
• Integrated webserver
• Data flow control
• Addressing
• Real-time concept
• General interrogation
• Monitoring functions
• Failure management
• Diagnostics and signaling
• Autonomy
• Storage of application data
• Storage of firmware
3.1.1 IPSec VPN
IPSec VPN (Internet Protocol Security – Virtual Private Network) extends the Internet
Protocol (IP) with encryption and authentication mechanisms. The IPSec VPN function actively
establishes a VPN tunnel (it acts as initiator), which guarantees the required confidentiality,
authenticity and integrity of data transmission in IP networks. The IPSec VPN tunnel is
terminated in a router. CP-8000/CP-802x supports one IPSec VPN tunnel.
It is thus possible, for example, to completely secure the IEC 60870-104 communication between
CP-8000/CP-802x and a higher-level control center, even if the connection runs over a
public network.
CP-8000/CP-802x uses the IKE protocol (Internet Key Exchange) and the PSK
authentication process (Pre-Shared Key). The pre-shared key can be set by means of
the engineering tool (e.g. SICAM TOOLBOX II) and is securely stored in SICAM TOOLBOX II
and also in CP-8000/CP-802x.
3.1.2 Security Logging
CP-8000/CP-802x provides a security logbook which acquires security-relevant events and
transmits them by means of a SysLog client to a SysLog server. One automation unit can operate
several SysLog clients (up to 20).