Cyber-Security Implementation; Nerc-Compliant Display - GE MiCOM P40 Technical Manual

Hide thumbs Also See for MiCOM P40:

Table of Contents

CYBER-SECURITY IMPLEMENTATION

The General Electric IEDs have always been and will continue to be equipped with state-of-the-art security

measures. Due to the ever-evolving communication technology and new threats to security, this requirement is

not static. Hardware and software security measures are continuously being developed and implemented to

mitigate the associated threats and risks.

This section describes the current implementation of cyber-security. This is valid for the release of platform

software to which this manual pertains. This current cyber-security implementation is known as Cyber-security

At the IED level, these cyber-security measures have been implemented:

NERC-compliant default display

Four-level access

Enhanced password security

Password recovery procedure

Disabling of unused physical and logical ports

Inactivity timer

Security events management

External to the IEDs, the following cyber-security measures have been implemented:

Security patch management

For the device to be NERC-compliant, it must provide the option for a NERC-compliant default display. The default

display that is implemented in our cyber-security concept contains a warning that the IED can be accessed by

authorised users. You can change this if required with the User Banner setting in the SECURITY CONFIG column.

If you try to change the default display from the NERC-compliant one, a further warning is displayed:

The default display navigation map shows how NERC-compliance is achieved with the product's default display

P446SV-TM-EN-1

ACCESS ONLY FOR

AUTHORISED USERS

DISPLAY NOT NERC

COMPLIANT OK?

Chapter 22 - Cyber-Security