Abb Relion rex610 User manual

—

RELION® PROTECTION AND CONTROL

REX610

Cyber Security Deployment Guideline

Document ID: 2NGA000818

Issued: 2022-04-21

Revision: A

Product version: 1.0

This document and parts thereof must not be reproduced or copied without written

permission from ABB, and the contents thereof must not be imparted to a third

party, nor used for any unauthorized purpose.

The software or hardware described in this document is furnished under a license

and may be used, copied, or disclosed only in accordance with the terms of such

license.

This product includes software developed by the OpenSSL Project for use in the

OpenSSL Toolkit. (http://www.openssl.org/) This product includes cryptographic

software written/developed by: Eric Young ([email protected]) and Tim Hudson

([email protected]).

Trademarks

ABB and Relion are registered trademarks of the ABB Group. All other brand or

product names mentioned in this document may be trademarks or registered

trademarks of their respective holders.

Warranty

Please inquire about the terms of warranty from your nearest ABB representative.

abb.com/mediumvoltage

Disclaimer

The data, examples and diagrams in this manual are included solely for the concept

or product description and are not to be deemed as a statement of guaranteed

properties. All persons responsible for applying the equipment addressed in this

manual must satisfy themselves that each intended application is suitable and

acceptable, including that any applicable safety or other operational requirements

are complied with. In particular, any risks in applications where a system failure

and/or product failure would create a risk for harm to property or persons

(including but not limited to personal injuries or death) shall be the sole

responsibility of the person or entity applying the equipment, and those so

responsible are hereby requested to ensure that all measures are taken to exclude or

mitigate such risks.

This product has been designed to be connected and communicate data and

information via a network interface which should be connected to a secure

network. It is the sole responsibility of the person or entity responsible for network

administration to ensure a secure connection to the network and to take the

necessary measures (such as, but not limited to, installation of firewalls, application

of authentication measures, encryption of data, installation of anti virus programs,

etc.) to protect the product and the network, its system and interface included,

against any kind of security breaches, unauthorized access, interference, intrusion,

leakage and/or theft of data or information. ABB is not liable for any such damages

and/or losses.

This document has been carefully checked by ABB but deviations cannot be

completely ruled out. In case any errors are detected, the reader is kindly requested

to notify the manufacturer. Other than under explicit contractual commitments, in

no event shall ABB be responsible or liable for any loss or damage resulting from

the use of this manual or the application of the equipment. In case of discrepancies

between the English and any other language version, the wording of the English

version shall prevail.

Conformity

This product complies with the directive of the Council of the European

Communities on the approximation of the laws of the Member States relating to

electromagnetic compatibility (EMC Directive 2014/30/EU) and concerning

electrical equipment for use within specified voltage limits (Low-voltage directive

2014/35/EU). This conformity is the result of tests conducted by the third party

testing laboratory KEMA in accordance with the product standard EN 60255-26

for the EMC directive, and with the product standards EN 60255-1 and EN

60255-27 for the low voltage directive. The product is designed in accordance with

the international standards of the IEC 60255 series.

Table of contents

Section 1 Introduction.......................................................................3

This manual........................................................................................ 3

Intended audience.............................................................................. 3

Product documentation.......................................................................4

Product documentation set............................................................4

Document revision history............................................................. 4

Related documentation..................................................................4

Symbols and conventions...................................................................4

Symbols.........................................................................................4

Document conventions.................................................................. 5

Section 2 Security in distribution automation................................... 7

General security in distribution automation........................................ 7

Section 3 Secure system setup........................................................9

Basic system hardening rules.............................................................9

Relay communication interfaces.......................................................10

TCP/IP based protocols and used IP ports...................................... 11

Secure communication..................................................................... 12

Certificate handling......................................................................12

Encryption algorithms.................................................................. 12

Section 4 User management..........................................................15

Local user account management..................................................... 15

Password policies.............................................................................17

Section 5 Security logging..............................................................19

Audit trail...........................................................................................19

Section 6 Using local HMI.............................................................. 21

Logging in......................................................................................... 21

Logging in via USB port...............................................................22

Logging out.......................................................................................23

Section 7 Protection of relay and system configuration................. 25

Backup files...................................................................................... 25

Creating a backup from the relay configuration...........................25

Creating a backup from the PCM600 project.............................. 25

Restoring factory settings................................................................. 26

Restoring the administrator password.............................................. 26

Table of contents

REX610 1

Cyber Security Deployment Guideline

Section 8 Glossary......................................................................... 27

Table of contents

2REX610

Cyber Security Deployment Guideline

Section 1 Introduction

1.1 This manual

The cyber security deployment guideline describes the process for handling cyber

security when communicating with the protection relay. The cyber security

deployment guideline provides information on how to secure the system on which

the protection relay is installed. The guideline can be used as a technical reference

during the engineering phase, installation and commissioning phase, and during

normal service.

1.2 Intended audience

This guideline is intended for the system engineering, commissioning, operation

and maintenance personnel handling cybersecurity during the product lifecycle.

The personnel is expected to have general knowledge about topics related to

cybersecurity.

• Protection and control devices, gateways and workstations

• Networking, including Ethernet and TCP/IP with its concept of ports and

services

• Security policies

• Firewalls

• Antivirus protection

• Application whitelisting

• Secure remote communication

2NGA000818 A Section 1

Introduction

REX610 3

Cyber Security Deployment Guideline

1.3 Product documentation

1.3.1 Product documentation set

Communication protocol manual

Cyber security deployment guideline

Planning &

purchase

Engineering

Installation

Commissioning

Operation

Maintenance

Decommissioning,

deinstallation & disposal

Quick start guide

Quick installation guide

Brochure

Product guide

Operation manual

Installation manual

Connection diagram

Engineering manual

Technical manual

IEC 61850 engineering guide

GUID-36243071-4B06-48B2-B2D9-3CE41B04C031 V1 EN-US

Figure 1: The intended use of documents during the product life cycle

1.3.2 Document revision history

Document revision/date Product version History

A/2022-04-21 1.0 First release

1.3.3 Related documentation

Download the latest documents from the ABB Web site abb.com/mediumvoltage.

1.4 Symbols and conventions

1.4.1 Symbols

The caution icon indicates important information or warning related

to the concept discussed in the text. It might indicate the presence

of a hazard which could result in corruption of software or damage

to equipment or property.

Section 1 2NGA000818 A

Introduction

4REX610

Cyber Security Deployment Guideline

Other manuals for Relion REX610

Table of contents

Popular Industrial Equipment manuals by other brands

G.B.C

G.B.C BASIC EDGE 50 instruction manual

Tronair

Tronair Batpak 11-6602-1000 Operation & service manual

Pilz

Pilz PNOZ mi2p Operation manual

Clemco

Clemco Zero BNP 6012 manual

Erskine Attachments

Erskine Attachments V-Plow Operator's manual

Morra

Morra MH 540 user manual

Eaton

Eaton S090ST manual

GRIGGIO

GRIGGIO G 240 P4 instructions

Nexen

Nexen AIR CHAMP HT45 user manual

WTE

WTE V5 installation manual

SMC Networks

SMC Networks CJP Series Operation manual

JohnDow Industries

JohnDow Industries JDI-AFT58 Operator's manual

IMB

IMB MB9016A instruction manual

Clarke

Clarke CUMB1 Assembly & operating instructions

amiad

amiad Arkal Spin Klin 2 user guide

Maxima

Maxima GIUNTOMAX Use and maintenance manual

Grizzly

Grizzly T32428 owner's manual

Siemens

Siemens 8MF1 Series operating instructions

ABB Relion REX610 User manual

Popular Industrial Equipment manuals by other brands