ABB RELION 670 SERIES Manual page 28

Section 4
Local user account management
22
User roles Role explanation
SECAUD Security auditor
RBACMNT RBAC
management
ADMINISTRATOR Administrator
rights
Changes in user management settings do not cause an IED reboot.
After three consecutive failed login attempts the user will be locked
out for ten minutes before a new attempt to login can be performed.
This time is settable 10 minutes to 60 minutes.
The PCM600 tool caches the login credentials after successful login
for 15 minutes. During that time no more login will be necessary.
Table 4: Authority-related IED functions
Function Description
Authority status This function is an indication function block for user logon activity.
ATHSTAT User denied attempt to log-on and user successful logon are reported.
Authority check To safeguard the interests of our customers, both the IED and the tools that
ATHCHCK are accessing the IED are protected, by means of authorization handling. The
authorization handling of the IED and the PCM600 is implemented at both
access points to the IED:
•
•
The IED users can be created, deleted and edited only in the CAM server.
Authority This function enables/disables the maintenance menu. It also controls the
management maintenance menu log on time out.
AUTHMAN
For more information on Authority management AUTHMAN, Authority status
ATHSTAT, and Authority check ATHCHCK functions, see Chapter Basic IED
functions in technical manual.
User rights
Can view audit logs
Can change role assignment
Sum of all rights for SECADM, SECAUD and RBACMNT
local, through the local HMI
remote, through the communication ports
1MRK 511 399-UEN B
This User role is vendor specific and
not defined in IEC 62351–8
670 series 2.2 IEC
Cyber security deployment guideline