GE Multilin
F35 Multiple Feeder Protection System
2-3
2 PRODUCT DESCRIPTION
2.1 INTRODUCTION
2
a) ENERVISTA SECURITY
The EnerVista security management system is a role-based access control (RBAC) system that allows an administrator to
manage the privileges of multiple users. This allows for access control of UR devices by multiple personnel within a substa-
tion and conforms to the principles of RBAC as defined in ANSI INCITS 359-2004. The EnerVista security management
system is disabled by default to allow the administrator direct access to the EnerVista software after installation. It is recom-
mended that security be enabled before placing the device in service.
Basic password or enhanced CyberSentry security applies, depending on purchase.
b) PASSWORD SECURITY
Password security is a basic security feature present in the default offering of the product.
Two levels of password security are provided: command and setting.
The following operations are under command password supervision:
•
Changing the state of virtual inputs
•
Clearing the event records
•
Clearing the oscillography records
•
Changing the date and time
•
Clearing energy records
•
Clearing the data logger
•
Clearing the user-programmable pushbutton states
The following operations are under setting password supervision:
•
Changing any setting
•
Test mode operation
The F35 supports password entry from a local or remote connection. Local access is defined as any access to settings or
commands via the faceplate interface. This includes both keypad entry and the through the faceplate RS232 port. Remote
access is defined as any access to settings or commands via any rear communications port. This includes both Ethernet
and RS485 connections. Any changes to the local or remote passwords enables this functionality.
When entering a settings or command password via EnerVista or any serial interface, the user must enter the correspond-
ing connection password. If the connection is to the back of the F35, the remote password must be used. If the connection
is to the RS232 port of the faceplate, the local password applies.
Password access events are logged in the Event Recorder.
c) CYBERSENTRY SECURITY
CyberSentry Embedded Security is a software option that provides advanced security services. When this option is pur-
chased, the basic password security is disabled automatically.
CyberSentry provides security through the following features:
•
An Authentication, Authorization, Accounting (AAA) Remote Authentication Dial-In User Service (RADIUS) client that
is centrally managed, enables user attribution, provides accounting of all user activities, and uses secure standards-
based strong cryptography for authentication and credential protection.
•
A Role-Based Access Control (RBAC) system that provides a permission model that allows access to UR device oper-
ations and configurations based on specific roles and individual user accounts configured on the AAA server (that is,
Administrator, Supervisor, Engineer, Operator, Observer).
•
Security event reporting through the Syslog protocol for supporting Security Information Event Management (SIEM)
systems for centralized cybersecurity monitoring.
•
Strong encryption of all access and configuration network messages between the EnerVista software and UR devices
using the Secure Shell (SSH) protocol, the Advanced Encryption Standard (AES), and 128-bit keys in Galois Counter
Mode (GCM) as specified in the U.S. National Security Agency Suite B extension for SSH and approved by the
National Institute of Standards and Technology (NIST) FIPS-140-2 standards for cryptographic systems.
Summary of Contents for UR F35 Series
Page 10: ...x F35 Multiple Feeder Protection System GE Multilin TABLE OF CONTENTS ...
Page 366: ...5 238 F35 Multiple Feeder Protection System GE Multilin 5 10 TESTING 5 SETTINGS 5 ...
Page 426: ...10 12 F35 Multiple Feeder Protection System GE Multilin 10 6 DISPOSAL 10 MAINTENANCE 10 ...
Page 454: ...A 28 F35 Multiple Feeder Protection System GE Multilin A 1 PARAMETER LISTS APPENDIX A A ...
Page 620: ...F 12 F35 Multiple Feeder Protection System GE Multilin F 2 DNP POINT LISTS APPENDIX F F ...
Page 630: ...H 8 F35 Multiple Feeder Protection System GE Multilin H 3 WARRANTY APPENDIX H H ...
Page 640: ...x F35 Multiple Feeder Protection System GE Multilin INDEX ...