Siemens SIPROTEC 5 V7.80 Operation page 252

Security Settings in the Device
11.8 Recording of Cyber-Security Events
| Event/Alarm Summary | Syslog Message Severity | Event Information |
|---|---|---|
| Configuration change | WARNING | Events that display a change in the current configuration, for example, from changing a parameter |
| Firmware change | WARNING | Events relating to uploading the device firmware in the device |
| AuditLog access | WARNING | Events relating to displaying and downloading the Audit-Trail of the device |
| Change in time and date | WARNING | Event that displays the changes in the current date/time configuration. |
| Security management | ALARM | Events that display changes in the current security configuration for the following elements: User management; User authentication; Secure communication; Settings for security supervision (logging) |
| Logon failed | ALARM | Events for a failed logon attempt. If RBAC is active, the failed logons are logged after 3 attempts for one user name within the configured time frame. Afterward, each additional incorrect attempt for the same user name is logged as well until the maximum number of logon attempts has been reached. Once the number of logon attempts has been exhausted, the logon for that user name is blocked for the configured time span. That is, additional logon attempts for that user name are refused and logged, regardless of whether the combination of user name and password is correct or not. Once the blocking time has elapsed, the counter for the blocked user name is reset. The counter for this user name is also reset if a successful logon attempt occurs for this user name or if the time span has elapsed without reaching the maximum number of logon attempts. |
| Product restart | ALARM | Events upon restarting the device. Booting or restarting the device by removing the power supply or by using a device-internal restart mechanism, for example, a reset button, switch-on sequence, or access to software, is logged. |
| Invalid configuration and firmware | ALARM | Events upon detection of an invalid configuration or firmware, for example, a SIPROTEC 5 device signature check |

NOTE
The use of a confirmation ID is not logged. Only cyber security-related events are logged.

Availability via Communication Protocols
If necessary, you can send cyber safety-critical alarms or warning indications to a supervision system (such as a control center) via the following communication protocols:
IEC 60870-5-104
DNP3
IEC 61850
IEC 60870-5-103
All warning indications or alarms are available as temporary indications.
SIPROTEC 5, Operation, Manual
C53000-G5040-C003-9, Edition 06.2018
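
The "Logon failed" rules described above, modeled in Python as an added example that is not part of the Siemens manual or the device firmware. It shows which attempts produce a logged event and when a user name is blocked. The maximum number of attempts, the time frame and the blocking time are constructed values (the manual only calls them "configured"), and the model assumes the third failed attempt is the first one logged.

```python
from dataclasses import dataclass

LOG_THRESHOLD = 3  # from the manual: logged after 3 attempts for one user name

@dataclass
class UserState:
    failures: int = 0
    window_start: float = 0.0
    blocked_until: float = 0.0

class LogonMonitor:
    """Model of the 'Logon failed' logging and blocking rules with RBAC active."""

    def __init__(self, max_attempts=5, window_s=300, block_s=600):
        # All three values are constructed; the manual only calls them "configured".
        self.max_attempts, self.window_s, self.block_s = max_attempts, window_s, block_s
        self.users = {}

    def attempt(self, user, t, password_ok):
        """Return (outcome, logged) for one logon attempt at time t (seconds)."""
        s = self.users.setdefault(user, UserState())
        if s.blocked_until:
            if t < s.blocked_until:
                return "refused", True  # refused and logged even if the password is correct
            self.users[user] = s = UserState()  # blocking time elapsed: counter reset
        if s.failures and t - s.window_start >= self.window_s:
            self.users[user] = s = UserState()  # time frame elapsed below the maximum
        if password_ok:
            self.users[user] = UserState()  # successful logon resets the counter
            return "accepted", False
        if s.failures == 0:
            s.window_start = t
        s.failures += 1
        if s.failures >= self.max_attempts:
            s.blocked_until = t + self.block_s
        # Assumption: the third failure is the first one logged.
        return "rejected", s.failures >= LOG_THRESHOLD

def replay(attempts, **cfg):
    """Replay constructed (user, t, password_ok) tuples; return the per-attempt results."""
    mon = LogonMonitor(**cfg)
    return [mon.attempt(u, t, ok) for u, t, ok in attempts]

# Constructed sample: five wrong passwords, a correct one during the block, one after it.
SAMPLE = [("op1", t, False) for t in (0, 10, 20, 30, 40)] + [("op1", 50, True), ("op1", 700, True)]

if __name__ == "__main__":
    for attempt, result in zip(SAMPLE, replay(SAMPLE)):
        print(attempt, result)
```

With these constructed settings, a supervision system receiving the alarms would see four events for the sample: three rejected attempts and one refused attempt during the blocking time.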
