GE b30 Instruction Manual page 19
Bus differential system
Hide thumbs
Also See for b30:
- Instruction manual (633 pages) ,
- Communications manual (532 pages) ,
- Technical reference manual (252 pages)
Table of Contents
Advertisement
CHAPTER 2: PRODUCT DESCRIPTION
CyberSentry provides security through the following features:
•
An Authentication, Authorization, Accounting (AAA) Remote Authentication Dial-In User Service (RADIUS) client that is
centrally managed, enables user attribution, provides accounting of all user activities, and uses secure standards-
based strong cryptography for authentication and credential protection
•
A Role-Based Access Control (RBAC) system that provides a permission model that allows access to UR device
operations and configurations based on specific roles and individual user accounts configured on the AAA server (that
is, Administrator, Supervisor, Engineer, Operator, Observer roles)
•
Security event reporting through the Syslog protocol for supporting Security Information Event Management (SIEM)
systems for centralized cybersecurity monitoring
•
Strong encryption of all access and configuration network messages between the EnerVista software and UR devices
using the Secure Shell (SSH) protocol, the Advanced Encryption Standard (AES), and 128-bit keys in Galois Counter
Mode (GCM) as specified in the U.S. National Security Agency Suite B extension for SSH and approved by the National
Institute of Standards and Technology (NIST) FIPS-140-2 standards for cryptographic systems
CyberSentry user roles
CyberSentry user roles (Administrator, Engineer, Operator, Supervisor, Observer) limit the levels of access to various UR
device functions. This means that the EnerVista software allows for access to functionality based on the user's logged in
role.
Example: Administrative functions can be segmented away from common operator functions, or engineering type access,
all of which are defined by separate roles (see figure) so that access of UR devices by multiple personnel within a
substation is allowed.
The table lists user roles and their corresponding capabilities.
Table 2-3: Permissions by user role for CyberSentry
Roles
Device Definition
Settings
|---------- Product Setup
|--------------- Security
(CyberSentry)
|--------------- Supervisory
|--------------- Display Properties
|--------------- Clear Relay Records
(settings)
B30 BUS DIFFERENTIAL SYSTEM – INSTRUCTION MANUAL
Figure 2-2: CyberSentry user roles
Administrator
Engineer
Complete access Complete access
except for
CyberSentry
Security
R
R
RW
R
See table notes
R
RW
RW
RW
RW
Operator
Supervisor
Observer
Command
Authorizes
Default role
menu
writing
R
R
R
R
R
R
R
See table
R
notes
R
R
R
R
R
R
SECURITY
2
2-5
Advertisement
Table of Contents
