Certificate Management; Creating Ied Certificates - ABB RELION 670 SERIES Manual
Cyber security deployment guideline
Hide thumbs
Also See for RELION 670 SERIES:
- Technical manual (1432 pages) ,
- Technical reference manual (1232 pages) ,
- Applications manual (944 pages)
Table of Contents
Advertisement
Section 5
Central Account Management
5.2
5.2.1
42
Certificate management
Security Administrator
SDM600
Start secure communication
Replicate users
Login
Change own password
IEC15000368 V1 EN-US
Figure 21:
Overview of the functionality between the products in the system.
Before any distribution of users and roles can take place, a trust relation must be
established. The CAM server, such as the SDM600, also acts as a CA meaning that
it is able to issue digital certificates. Each device, such as an IED, will have its own
unique device certificate, one which must be imported into the PCM600
configuration and then written to the IED. At this point trust is automatically
established directly between the CAM server and the IED. The Security
Administrator is responsible for this setup.
Creating IED certificates
As mention above, SDM600 can be used to create IED certificates. Below follows
a short guide on how to create device certificates.
1.
In PCM600, export the Substation Configuration Description (SCD).
Manually transferred certificate
files
IED
Cyber security deployment guideline
1MRK 511 399-UEN B
GUID-FFF5C8F8-8227-435E-8E5B-70D37D8E86DC v1
Normal User
PCM600
Start secure communication
Deploy certificate to IED
Write Role to Right mapping
Activate CAM
Deactivate CAM
Login
Change own password
IEC15000368-1-en.vsdx
GUID-DBE03CD9-0BA9-48F0-AC9A-8CE1E33AD11B v1
670 series 2.2 IEC
Advertisement
Table of Contents
