Table of Contents
Advertisement
SDD ES ETH
Security
To secure plants, systems, machines and networks against cyberthreats it is necessary to
implement (and continuously maintain) an overall industrial security concept that is state of
the art.
Perform a risk assessment in accordance with VDI/VDE 2182 or IEC 62443-3-2 and plan
the security measures with care. If necessary, seek advice from Pilz Customer Support.
Implemented security measures
}
The web application is protected against unauthorised access by a password prompt.
}
The password is saved in an encrypted format.
}
If a password is changed, you will be prompted to enter the old password for authentica-
tion.
}
A user will automatically be logged out of the web application after a session duration of
24 hours.
}
Defend against CSRF attacks by assigning a unique token to a session.
Required security measures
}
The product is not protected from physical manipulation or from reading of memory con-
tents during physical access. We therefore recommend that you install the product in a
lockable control cabinet.
}
The computer that accesses the product has to be protected from attacks by a firewall or
other suitable measures. We recommend that a virus scanner is used on this computer
and updated regularly.
}
Ensure that the product is separated by a router (layer 3 switch or firewall) from the com-
pany network.
Fig.: Example network topology
}
If necessary, protect the computer and the product from unauthorised use by assigning
passwords and taking further measures if required. We also recommend that the logged
in user does not have administrator rights.
Operating Manual SDD ES ETH
1003824-EN-06
Company firewall
Internet
Company network
Configuration computer
Machine firewall
Machine network
Product
| 10
Advertisement
Table of Contents
