ABB RELION REX640 Operation Manual page 35

Hide thumbs Also See for RELION REX640:

Technical manual (1960 pages)

Operation manual (164 pages)

Engineering manual (156 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

Table of Contents

1MRS759118 A

REX640

Operation Manual

Table 7:

Device CAM mode values

Parameter

Device CAM mode

For more information, see the cyber security deployment guideline.

Local user account management

Four factory default user accounts (VIEWER, OPERATOR, ENGINEER and

ADMINISTRATOR) have been predefined for the LHMI and the WHMI, each with

different rights and default passwords. The roles for these user accounts are the same

as the username. Additional user accounts can be added for the protection relay.

IED Users in PCM600 is used to manage the user accounts. Each protection relay

supports eight fixed roles and 50 user accounts belonging to any one of these roles.

Each user account can be mapped to a maximum of eight roles.

The factory default passwords can be changed with Administrator user rights or by the

users themselves. Relay user passwords can be changed using the LHMI, IED Users

in PCM600 or the WHMI. Only Administrator can create user accounts and update the

roles-to-rights mapping. Administrator can also reset the passwords of the users.

User authorization is disabled by default for the LHMI and can be enabled with the

Local override parameter via the menu path Configuration/Authorization/

Passwords. WHMI always requires authentication. Changes in user management

settings do not cause the protection relay to reboot. The changes are taken into use

immediately after committing the changed settings.

Central account management

The user accounts and roles can be created and authenticated centrally in a CAM

server. CAM needs to be activated in the protection relay from Account Management

in PCM600.

A CAM server can be a tool such as SDM600 or it can be an Active Directory server

such as Windows AD. There can also be a secondary or redundant CAM server

configured which can act as a backup CAM server if the primary CAM server is not

accessible.

The protection relay is the CAM client and can maintain its own replica database of

the user accounts and roles configured in the CAM server. This CAM replica database

acts as a backup authentication mechanism if primary and secondary CAM servers are

not accessible from the protection relay.

Each protection relay supports eight roles and 50 user accounts in the CAM replica

database. Each user account can be mapped to a maximum of eight roles.

Values

Enabled

Disabled (Default)

Section 3

REX640 overview

Description

Authentication done from the

CAM server

Authentication done from the

local user account management

database

Table of Contents

Show Quick Links

Quick Links:
Relay Hardware

Hide quick links:

Table of Contents

ABB RELION REX640 Operation Manual page 35

Hide quick links:

Related Manuals for ABB RELION REX640

Related Products for ABB RELION REX640

Table of Contents