Audit Trail - ABB RELION 620 Series Technical Manual

1MAC504801-IB E
2.4.1
620 series ANSI
Technical Manual
Table 3: Predefined user categories
Username
VIEWER
OPERATOR
ENGINEER
ADMINISTRATOR
For user authorization for PCM600, see PCM600 documentation.

Audit trail

The protection relay offers a large set of event-logging functions. Critical system and
protection relay security-related events are logged to a separate nonvolatile audit trail for
the administrator.
Audit trail is a chronological record of system activities that allows the reconstruction and
examination of the sequence of system and security-related events and changes in the
protection relay. Both audit trail events and process related events can be examined and
analyzed in a consistent method with the help of Event List in LHMI and WHMI and
Event Viewer in PCM600.
The protection relay stores 2048 audit trail events to the nonvolatile audit trail.
Additionally, 1024 process events are stored in a nonvolatile event list. Both the audit trail
and event list work according to the FIFO principle. Nonvolatile memory is based on a
memory type which does not need battery backup nor regular component change to
maintain the memory storage.
Audit trail events related to user authorization (login, logout, violation remote and
violation local) are defined according to the selected set of requirements from IEEE 1686.
User rights
Read only access
•
Selecting remote or local state with
• Changing setting groups
• Controlling
• Clearing indications
• Changing settings
• Clearing event list
• Clearing DFRs and load profile record
• Changing system settings such as IP address, serial baud rate or
DFR settings
• Setting the protection relay to test mode
• Selecting language
• All listed above
• Changing password
• Factory default activation
Section 2
620 series overview
(only locally)
47