Siemens FEC920 User Manual page 14

Flow energy calculator

Hide thumbs Also See for FEC920:

Quick start manual (10 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

231

232

233

234

235

236

237

238

239

240

241

242

243

244

245

246

247

page of 247

/ 247
Contents
Table of Contents
Bookmarks

Table of Contents

2.6

FIRMWARE

From time to time, to provide new functionality or address known issues, Siemens may make new versions of the

FEC920 firmware available.

This firmware may be downloaded from the Siemens website, and transferred to a FEC920 instrument in the field,

via a USB memory stick (or FTP server).

Caution: Non-Schneider Electric firmware

2.7

SUPPORTED PROTOCOLS AND THREAT MITIGATIONS

The FEC920 supports the following protocols on Ethernet. For each protocol, a list of mitigations are provided.

As a general comment, the firewall is configured to block all ports except those required for installed/enabled

options.

2.7.1 FTP Client

An external FTP client can access the FTP server on the instrument. This FTP server has default remote

username & password for each of the default users, passwords can be modified. Additional users can be added

with configurable remote username and passwords.

To mitigate threats:

Physically protect access to subnet(s) in use.

Firewall to block TCP port 21.

It is recommended that user's should change their passwords regularly, this could be done manually or by

using the password expiry feature.

2.7.2 FTP Server

Up to two external FTP servers can be configured. The FEC920 will then connect to these servers as an FTP

client and push archive files to the servers.

Threat mitigation as for FTP Client.

2.7.3 ICMP (ping)

The FEC920 will respond to a ping to aid network diagnostics.

To mitigate threats:

Physically protect access to subnet(s) in use.

Use a firewall to block ICMP / ping.

2.7.4 DHCP

The FEC920 can allocate its IP address using DHCP; however this is typically set to fixed IP address allocation

by configuration. The DHCP server could be spoofed allocating an invalid IP address to the instrument.

To mitigate threats:

Use fixed IP address allocation.

Physically protect access to subnet(s) in use.

Page 6

FEC920: USER GUIDE

There is a potential risk that an attacker could upgrade a FEC920 with non-

genuine firmware that contains malicious code. To mitigate this potential risk,

genuine FEC920 firmware upgrade utility executables are always supplied digitally

signed with the publisher as Schneider Electric. Do not use a firmware upgrade

utility if it has not been signed by Schneider Electric.

Failure to follow these instructions can result in injury or equipment damage.

A5E45696052A Rev-AA

September 18

Table of Contents

Siemens FEC920 User Manual page 14

Related Manuals for Siemens FEC920

Related Products for Siemens FEC920

Table of Contents