System Integrity - Siemens SINAMICS Configuration Manual

Industrial security, medium-voltage converter

Hide thumbs Also See for SINAMICS:

Equipment manual (104 pages)

Quick install manual (2 pages)

List manual (1976 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

231

232

233

234

235

236

page of 236

/ 236
Contents
Table of Contents
Bookmarks

Table of Contents

General security measures

4.3 System integrity

4.3

System integrity

System integrity encompasses all of the measures to protect automation and drive systems –

along with control components, SCADA and HMI systems – that have to be protected against

unauthorized access and malware.

4.3.1

System hardening

4.3.1.1

Reduction of attack points

Services and ports

Activated services and ports represent a risk. Activate only the necessary services for all of

the automation components to minimize the risk. Ensure that all activated services are taken

into account in the security concept, especially web servers, FTP, remote maintenance, etc.

A description of all of the ports used can be found in chapter "Security Measures for

SINAMICS (Page 31)" or in the operating instructions and Function Manuals of the respective

products.

User accounts

Any active user account that allows access to the system is thus a potential risk. Therefore,

take the following security measures:

● Reduce the number of configured/activated user accounts to the actually needed minimum

● Use secure access data for existing accounts. This also involves assigning a secure

password.

● Regularly check the locally configured user accounts in particular.

● Regularly change the passwords.

PC in the industrial environment

PCs used in the industrial environment must comply with the generally valid security

recommendations. Therefore, take the following measures:

● Have the selected PC set up and administered by appropriate departments. Have the PC

checked regularly and kept up to date via patches. Thus it is ensured that software and

operating systems which are supported and maintained by the manufacturer are installed.

● Regularly install security updates and patches for the installed operating system. For more

information, refer to the Section "Patch management (Page 29)".

● Regularly install and update a current virus scanner on the PC that is used.

Alternatively, you can apply whitelisting (Page 29) and network segmentation (Page 21)

techniques.

● Configure the PC without administrator rights if possible.

Configuration Manual, 08/2017, A5E36912609A

Industrial Security

Table of Contents

Show Quick Links

Hide quick links:

Table of Contents

System Integrity - Siemens SINAMICS Configuration Manual

4.3 System integrity

Hide quick links:

Related Manuals for Siemens SINAMICS

Related Content for Siemens SINAMICS

Table of Contents