Safety Integrity Level (Sil); Security Considerations - Honeywell SMV800 SmartLine User Manual

2.3 Safety Integrity Level (SIL)

SMV800 units with the SIL2/3 capable designation on the nameplate are intended to achieve
sufficient integrity against systematic errors by the manufacturer's design. A Safety Instrumented
Function (SIF) designed with this product must not be used at a SIL level higher than the statement,
without "prior use" justification by the end user or diverse technology redundancy in the design.
Refer to the SMV800 SmartLine Multivariable Transmitter Safety Manual, Document # 34-SM-25-
05, for additional information. SIL is not applicable to Modbus protocol device.

2.4 Security Considerations

SMV800 provides several features designed to prevent accidental changes to the device configuration
or calibration data. These features include a local display password (HART and Modbus options), a
communication password (HART and Modbus options), a Hardware Write Protect Jumper and a
Software Write Protect configuration parameter. These features can be used in combination to
provide multiple layers of change protection.
NOTE: On Modbus devices a connected jumper disables hardware write protect.
On HART devices a connected jumper enables hardware write protect.
For both the local display and communication passwords, the initial user passwords are defined as
"0000". A "0000" password indicates that the user has not set a user-defined password and the
password protection is disabled. The password used on the local keyboard display is separate from the
password provided for communication. Password protection from the local keyboard display does not
inhibit changes by way of communication over the current loop. Reset / Forgot password option is
supported where user can send the serial number of the device to Honeywell Technical Assistance
Center and get the password code. Then user can enter this code to reset the password.
Physical access to a Modbus device needs to be secured from the device or control system.
For maximum security ensure that device is protected both locally and on the serial network from
unauthorized access.
A hardware write protect locks out changes regardless of the entry of a password. The hardware
jumper requires physical access to the device as well as partial disassembly and should not be
modified where the electronics are exposed to harsh conditions or where unsafe conditions exist. For
configuration or calibration changes without changing the hardware jumper position the user may
choose to rely on the password and software lockout features.
Physical access to the device, configuration host and other devices on the control network must be
restricted. Otherwise, a malicious operation may result in process shutdown or otherwise impact
process control. For maximum security, the transmitter and devices must be protected against
unauthorized physical access.
A tamper detection feature (refer to the HART/DE or Modbus option manual) is available to indicate
whether attempts were made to change either the configuration or calibration of the device, even if
write protect is enabled.
SMV800 Transmitter User's Manual
Page 12 Revision 10