Recorders, Data Loggers, and Control Products
Contents
1. External software uR10000 uR20000 Chart Record YS1000 Series UT32A UT35A UT52A UT55A UP35A UP55A UM33A Measurement management application Modbus server Modbus client External software ers YS1000 Series Single loop Controllers UTAdvanced Digital Indicating Controllers Program Controllers Digital Indicator with Alarms TI 04A02A01 00EN Aug 31 2015 00 4 Overview of the Products That This Document Applies To 1 1 0 FTP Protocol Paperless recorders data acquisition system and data acquisition units The file management application saves data residing in the main memory to files on an external storage medium Depending on how the instrument is configured the file management application generates daily weekly and other types of report files These files are saved to an external storage medium disk or memory card that is inserted into the instrument The FTP server feature can be used to manipulate the files and directories in the external storage medium The measurement and report files described above are stored in specified directories Authenticated users can retrieve and delete existing files and save new files If the FTP client feature is enabled files can be automatically transferred to registered FTP servers when the files are created or when specific events occur The FTP server has a user authentication feature When the server s login featu2. In principle users cannot add new program codes to or create new applications in these instruments As an exception some products do allow users to update the embedded software However only specific code can be embedded in a specific way so there is no threat of software updates leading to the introduction of malicious programs into these instruments Communication Protocols Ethernet and TCP IP Protocol Applicable products come with standard or optional 1OBASE T or 1OOBASE TX Ethernet ports Ethernet communication uses stable TCP and UDP protocols that are based on IPv4 The applicable products allow IP addresses subnet masks and default gateways to be specified In addition on applicable products equipped with client features destination devices can be specified by their IP address or by their DNS Domain Name System host name The port numbers in the following table are factory default port numbers that have been allotted for the purpose of connecting to the server features of the applicable products The port numbers of some products are fixed Fixed port numbers are indicated as fixed in the table Server Features of GX10 GX20 GP10 GP20 Paperless Recorders and GM Data Acquisition System Port Number Maximum Protocol Simultaneous Connections 502 tcp Multi vendor connection Modbus server 21 tcp File transfer FTP server 123 udp 34434 tcp fixed SNTP Time synchronization SNTP server Yokogawa proprietary Gene
3. Overview of the Products That This Document Applies To Server Feature of UTAdvanced Digital Indicating Controllers Program Controllers Digital Indicator with Alarms Port Number Maximum Protocol Simultaneous Connections 502 tcp Multi vendor connection Modbus server The following figure summarizes the client and server features of each instrument An overview of each protocol is given in the later pages GX10 GX20 GP10 GP20 GM Time F File operation Recording and measurement ati synchroni application application Management application zation SNTP FTP Modbus eneral purpose server server bee server communication ae client client client server A A A A A Y y Y y PAU a WEB Moapa Utility software SMTP server saner browser SONO by YOKOGAWA etc server External software GX10 GX20 GP10 GP20 Paperless Recorders and GM Data Acquisition System MW100 Time File operation Recording and measurement icati synchronization application application Management application SNTP FTP Modbus Setup and Maintenance server server INED k server measurement and test SMTP client client client server server A A A A A A Yy y y y SNTP FTP Modbus Utility client client RA client software Sv ja serve
4. in operating systems and communication protocols are also being adopted in control systems This trend is accelerating the close interaction between information systems and control systems In this type of environment control systems can become targets for attackers and are subject to security threats from computer viruses and other malicious programs Ensuring the safety of measuring systems and control systems is vital to protecting important assets TI 04A02A01 00EN Aug 31 2015 00 1 Introduction 1 2 Applicable Products This document applies to the following products e Chart recorders yUR10000 R20000 e Paperless recorders GX10 GX20 GP10 GP20 DX1000T DX2000T DX1000 DX2000 DX1000N FX1000 DX100P DX200P CX1000 CX2000 e Data acquisition system GM e Data acquisition units MW100 Single loop controllers YS1000 Series e Digital indicating controllers Program controllers Digital indicator with alarms UTAdvanced Trademarks e Ethernet is a registered trademark of Fuji Xerox Corporation e Modbus is a registered trademark of Schneider Automation Inc in the United States e Other company and product names are registered trademarks or trademarks of their respective holders e In this document the TM and symbols do not accompany their respective registered trademark or trademark names TI 04A02A01 00EN Aug 31 2015 00 2 Assets That Should Be Protected 1 3 2 Assets That Should Be Protected You need to ma
5. level C Low probability that the threat will occur Identifying and Evaluating Vulnerabilities Determine the vulnerability of each asset or the vulnerability of the device that contains the asset Vulnerabilities are conditions that allow security threats to adversely affect assets Examples of vulnerabilities are listed below e Flaws in the planning of security measures e Flaws in the execution of security measures e Flaws in the supervision or improvement of security measures e Lack of physical protection e Flaws in the configuration of firewalls e Failure to exterminate viruses and flaws in the application of security patches e Flaws in backing up data system is not being backed up e Insufficient understanding of production control systems and their operation and environment e Lack of system designer and operator awareness about security TI 04A02A01 00EN Aug 31 2015 00 3 Identifying and Evaluating Threats 1 5 Risk Assessment Assess the security risk for each asset or the device containing the asset Risk is assumed to be expressible using the following formula Risk threat x vulnerability x expected loss Risk assessment enables you to prioritize various security measures Risk assessment includes assessing the business loss incurred due to the halting of system functionality the expenses required to repair the damage to the production control system and so on Determine the priority of each security measu
6. Specific Security Features 1 14 DX100P DX200P Paperless Recorders Login Feature The login feature allows only registered users to access the paperless recorders There are two user levels privileges Administrator privileges All features can be used User privileges Writing to external media via FTP and other features are restricted Measured data report data log information status information etc can be retrieved Measurement range adjustments require administrator privileges By enabling the login feature and assigning administrator and user privileges you can control who is able to access the paperless recorders and view measured data and who is able to access the paperless recorders and change their measurement setups Assign appropriate login privileges to users to ensure security Up to 3 administrators and 90 users can be registered in these paperless recorders Audit Trail Feature The audit trail feature saves operation logs configuration change logs and the setup files that were in use Up to 2000 operation log entries can be recorded in the internal memory You can review the operation log to verify what kinds of operations have been performed in the past Sign Record Feature The sign record feature adds batch processing results pass or fail comments the names of users who added information and the date and time that the information was added to the display data and event data files that are stored to ex
7. Technical Recorders Data Loggers and Information Control Products Security Standard TI 04A02A01 O0EN i oa Contents 1 Lice 3 LY 04 1 2 o eeheerer tener nen seeer eer ine y erneee ese an Perens t te ene nel nanne nnne nnmnnn 1 1 Why Security Is Essential c c c cn isin iicoviicceaiieniedieoinieeiedneeneese 1 1 Applicable Product sscecsiea scan thavecensech casa a A 1 2 TRACI ssoi aus crates ancy cua tutasacevastuaedunceia gan dead sales A AE 1 2 2 Assets That Should Be Protected ccccccsseeeseeeeeeeeeeeseeeeeneeeeeseeneseees 1 3 3 Identifying and Evaluating Threats ssssssssnnsnunsunnnnunnnunnnnnnnnunnnnnnnnnnnnn 1 4 Identifying and Evaluating Vulnerabilities 2 0 0 ee eeeeeeeeeseeeteeeeeteeeeneeeneeenes 1 4 RISKASSESSIMEMM croon aaa aiaa aaa Aa aE 1 5 4 Overview of the Products That This Document Applies To 1 6 Comm nication ProtoGol issescoseieas sade sexs isvediars Giana aieiaa adedi edade iidel iir ENEA 1 6 5 Security Threats iii csc inaenea eian ea aa erae saanane i Raspa EAEra kiea 1 11 6 Product Specific Security Features s sssssssunssennrnnnnnunnnnnnnnnnnnnnnnnnnnn 1 12 GX10 GX20 GP10 GP20 Paperless Recorders and GM Data Acquisition System 1 12 MW100 Data Acquisition Units iissa e e a 1 12 DX1000T DX2000T DX1000 DX2000 DX1000N FX1000 Paperless Recorders 1 13 CX1000 CX2000 Paperless RECOrdels c ccececeeeeeeeeeeeeeeeeeeeeeeeeeeeeseeetsaee
8. asured data and who is able to access the instruments and change their measurement setups Assign appropriate login privileges to users to ensure security Up to 50 administrators and normal users can be registered in these instruments SSL Communication Function Communication that sends and receives information encrypted by the SSL Secure Socket Layer protocol is possible Public key encryption and certificate are used to encrypt communication and secure the connection HTTP server and FTP server are supported Log Information By referring to communication logs operation logs FTP logs etc you can determine how the instruments have been operated IP Access Limitation Function Only Modbus access from a registered IP address is allowed Access from an unregistered IP address is rejected This feature prevents unauthorized access and enhances security MW100 Data Acquisition Units Login Feature The login feature allows only registered users to access the MW100 There are two user levels privileges Administrator privileges All features can be used User privileges Writing to external media via FTP and other features are restricted Measured data report data log information status information etc can be retrieved Measurement range adjustments require administrator privileges By enabling the login feature and assigning administrator and user privileges you can control who is able to access the MW100 and view measured d
9. ata and who is able to access the MW100 and change the measurement setup Assign appropriate login privileges to users to ensure security Up to 10 users can be registered in the MW100 Log Information By referring to communication logs operation logs FTP logs etc you can determine how the instruments have been operated TI 04A02A01 00EN Aug 31 2015 00 6 Product Specific Security Features 1 13 DX1000T DX2000T DX1000 DX2000 DX1000N FX1000 Paperless Recorders Login Feature The login feature allows only registered users to access the paperless recorders There are two user levels privileges Administrator privileges All features can be used Administrators can specify which features to make available to normal users Normal user privileges Writing to external media via FTP and other features are restricted Measured data report data log information status information etc can be retrieved Measurement range adjustments require administrator privileges By enabling the login feature and assigning administrator and user privileges you can control who is able to access the paperless recorders and view measured data and who is able to access the paperless recorders and change their measurement setups Assign appropriate login privileges to users to ensure security Up to 5 administrators and 30 normal users can be registered in these paperless recorders Log Information By referring to communication logs ope
10. ation The purpose of education is to ensure that staff members develop knowledge and skills about security and are able to carry out daily operations in accordance with security guidelines Education should include the following objectives e Staff members deepen their understanding about security e Staff members recognize threats and influences on production control systems e Staff members can carry out appropriate security measures and improvements e Staff members understand the proper operation and management of production control systems For example staff members should learn how to check logs to determine whether a system has been attacked Education should be provided at the following occasions Atthe time of employment When the staff members that access the applicable instruments change because of personnel changes or other reasons TI 04A02A01 00EN Aug 31 2015 00 Revision Information Title Recorders Data Loggers and Control Products Security Standard Manual number TI 04A02A01 O0EN June 2012 1st Edition Newly published October 2012 2nd Edition Addition of the models SGMARTDAC GX GP August 2015 3rd Edition Addition of the models SGMARTDAC GM Ota Written by Yokogawa Electric Corporation Published by Yokogawa Electric Corporation 2 9 32 Nakacho Musashino shi Tokyo 180 8750 JAPAN BEE TI 04A02A01 00EN Blank Page
11. confidential information equipment information access rights and software All officers and all employees company wide in Yokogawa Group are required to comply with these In order to ensure compliance with the provisions of these regulations we have to conduct internal audits and regular education Antivirus to information devices and storage media used in the security section are set forth in the administrative rules In the management rules anti virus is stated that it should be performed appropriately It also stated that portable media should be properly managed the handling and management of access rights management Virus protections for products and distributions have been established both development and manufacturing phase in each business divisions and performed by the standards This document contains security guidelines for products that Yokogawa s Network Solutions Business Division provides This document provides generalized risk assessment and security measures for the network Ethernet connections of applicable products and uses standard models as a basis for explaining how to manage applicable products Because new measures are always being taken to counter today s ever changing security threats the contents of this document are subject to change without prior notice Why Security Is Essential In recent years with the advancement of network and information technology open information technologies used
12. data is returned The syntax and operations of commands and responses are defined in the user s manual of each instrument The Yokogawa proprietary protocol has a user authentication feature When the protocol s login feature described later is enabled users can use the protocol only when they enter the appropriate user name and password TI 04A02A01 00EN Aug 31 2015 00 5 Security Threats 1 11 5 Security Threats Notable security threats are listed below Virus Infection Threats There is no threat of the applicable instruments being infected with viruses The operating system used in the instruments is a unique OS for embedded applications In addition off the shelf office applications email clients and browsers which are often targets of viruses and macros are not embedded in the instruments so there is no worry about being compromised by viruses or macros through such programs However the DX MW and other instruments that use external storage may be used as storage stepping stones for files that contain viruses Intrusion Threats The applicable instruments have multiple server features and users can log into them However users cannot start other clients from the instruments so the instruments cannot be used to intrude into other systems or to send obscure emails Network access to instruments measured values and settings can be protected with passwords To use a password to protect an instrument enabl
13. e the login feature in advance Access to instruments is not possible unless the password is known However when you log into an FTP server the user name and password are transmitted in plain text If the network is wiretapped it is possible for the password to be stolen There is always a possibility that a password may be leaked by a person who is not careful There is a possibility of direct intrusion into the instruments when the instruments are installed at remote sites and connected via telephone lines Damages that might occur are data leaks destruction of settings and damage to production facilities and products as a result of improper operation Threats of Information Leaks and Sabotage Chart recorders single loop controllers and digital indicating controllers hold very limited information about networks IP addresses subnet masks default gateways products host and domain names and DNS server addresses Damages that may be incurred due to leaks of these pieces of information are equivalent to or less than damages that may be incurred due to leaks from personal computers On the other hand paperless recorders and data acquisition units have FTP client and SMTP features Therefore these instruments have access information for external FTP servers and SMTP servers Once a user is able to log into these instruments it is possible for the user to obtain such information If the access information is stolen as a result of a leak or
14. eavesdropping of the login password this may allow unauthorized intrusion into relevant servers If intrusion is allowed into instruments measured values may be retrieved settings may be destroyed and output control signals may be operated inappropriately For example if a setting is changed externally and the controlled temperature is raised abnormally produced goods may be damaged Also recorded data may be erased or tampered with TI 04A02A01 00EN Aug 31 2015 00 6 Product Specific Security Features 1 12 6 Product Specific Security Features This chapter explains the security features of each system product They should be assessed when security measures are put in place Each product has features that enhance security GX10 GX20 GP10 GP20 Paperless Recorders and GM Data Acquisition System Login Feature The login feature allows only registered users to access the instruments There are two user levels privileges Administrator privileges All features can be used Administrators can specify which features to make available to normal users Normal user privileges Writing to external media via FTP and other features are restricted Measured data report data log information status information etc can be retrieved Operation setting authority can be set up individually By enabling the login feature and assigning administrator and user privileges you can control who is able to access the instruments and view me
15. ed 4 When an alarm occurs due to measurement errors or other reasons For each situation you can set 1 whether to send an email 2 the subject 3 the destinations whether to send email to each of two groups 3 the body message and 4 whether to include the Web address URL and measured values of each instrument Modbus protocol YS1000 Series UTAdvanced MW100 GM GX10 GX20 GP10 GP20 DX1000T DX2000T DX1000 DX2000 DX1000N and FX1000 The Modbus protocol is widely used in communications between industrial devices The protocol is also used to connect these devices to DCSs PLCs SCADAs etc For the GX10 GX20 GP10 GP20 GM DX1000T DX2000T DX1000 DX2000 DX1000N and FX1000 the Modus protocol can be used to output measured data and to start and stop measurements For the YS1000 Series and UTAdvanced the Modbus protocol can be used to change an instrument s settings such as the SP through the access and modification for the instrument s register values Yokogawa Proprietary Protocol Chart recorders paperless recorders and data acquisition units The server feature in the recording application and management application uses a command response protocol This protocol makes it possible to read measured values setup and measurement information maintenance and test information and instrument information Commands and responses are primarily exchanged using ASCII character strings but for some commands binary response
16. ke a list of assets that should be protected clarify their owners and evaluate their values The higher the value of the asset the greater the need to take security measures The following are examples of assets that should be protected Data Assets e Production schedule information e System configuration information e Application configuration information e Control parameter information e Recipe information e History information Device Assets Engineering workstations EWSs e Operator consoles OITs e Process controllers DCSs and PLCs e Field devices e Network devices Human and Environmental Assets e Employees e Factories and plant facilities e Natural environment When theses assets are exposed to security threats the following may result e Disturbance or halting of production activities e Leakage of recipes and other confidential information that relates to production activities e Personal injury e Damage to factories and plant facilities Environmental damage These events can inflict tremendous losses on an organization The objective of taking security measures is to protect these assets from threats and reduce opportunity losses incurred by the organization Priority Classification Example Below is an example of how asset priorities can be classified e Priority A Extremely high e Priority B High e Priority C Low e Priority D Extremely low NOTE This document is based on ISA 99 00 01 2007 Security for Indu
17. r server server by YOKOGAWA etc External software MW100 Data Acquisition Units DX1000T DX2000T DX1000 DX2000 DX1000N FX1000 Time i synchroni Pory h o i Management application zation SNTP FTP Modbus Setup and Maintenance Instrument server server S server measurement and test information ed client client client server server server pial ae WEB Modbus Utility software SMTP earver servor browser sorer by YOKOGAWA etc server External software DX1000T DX2000T DX1000 DX2000 DX1000N FX1000 Paperless Recorders TI 04A02A01 00EN Aug 31 2015 00 4 Overview of the Products That This Document Applies To DX100P DX200P CX1000 CX2000 Fil ti ati ati application Recording application Management application FTP Setup and Maintenance Instrument server Nise measurement and test information sid client server server server A A A A A Yy y belie WEB Utility software SMTP servor browser by YOKOGAWA etc server External software DX100P DX200P and CX1000 CX2000 Paperless Recorders uR10000 uR20000 Recordin aii aplication Management application Setup and Maintenance Instrument measurement and test information server server server A A Utility software by YOKOGAWA etc
18. ral purpose communication services 80 tcp or 443 tcp when HTTP or HTTPS when www HTTP server Encryption is On Encryption is On TI 04A02A01 00EN Aug 31 2015 00 4 Overview of the Products That This Document Applies To 1 7 Server Features of MW100 Data Acquisition Units 502 tcp 14 ss Modbus sd Multi vendor connection Modbus server me Je e S S d leaner FTP serve C a a Czw eme Time syncronization SNTP serve sero 4 Yokogawa proprietary Generar purpose communication services Server Features of DX1000T DX2000T DX1000 DX2000 DX1000N FX1000 Paperless Recorders Multi vendor connection Modbus server DX1000T DX2000T DX1000 DX2000 only faites dt G anton FTP semen am o e e Gawa o Tee Timesynchronization NTP sone Taa2eauap me Yokogawa proprietary Instrumentinformation service Server Features of DX100P DX200P and CX1000 CX2000 Paperless Recorders enome f ae id HTTP serve 3426aiudp ined Yokogawa proprietary instumentinformation sevice Server Features of R10000 uR20000 Chart Recorders 34260 tcp fixed Yokogawa proprietary Setup and measurement services 3426 1 tcp fixed Yokogawa proprietary Maintenance and test services 34264 udp fixed P Yokogawa proprietary Instrument information service YS1000 Series Single loop Controllers Server features 502 tcp Multi vendor connection Modbus server TI 04A02A01 00EN Aug 31 2015 00 1 8 4
19. ration logs FTP logs etc you can determine how the instruments have been operated IP Access Limitation Function Available on the DX1000T DX2000T DX1000 DX2000 DX1000N Release 3 and later restricts access to Modbus server Only Modbus access from a registered IP address is allowed Access from an unregistered IP address is rejected This feature prevents unauthorized access and enhances security CX1000 CX2000 Paperless Recorders Login Feature The login feature allows only registered users to access the paperless recorders There are two user levels privileges Administrator privileges All features can be used User privileges Writing to external media via FTP and other features are restricted Measured data report data log information status information etc can be retrieved Measurement range adjustments require administrator privileges By enabling the login feature and assigning administrator and user privileges you can control who is able to access the paperless recorders and view measured data and who is able to access the paperless recorders and change their measurement setups Assign appropriate login privileges to users to ensure security One administrator and up to six users can be registered in these paperless recorders Log Information By referring to communication logs operation logs FTP logs etc you can determine how the instruments have been operated TI 04A02A01 00EN Aug 31 2015 00 6 Product
20. re described later is enabled users can use the FTP server only when they enter the appropriate user name and password Up to two connection destination servers primary and secondary can be specified For each the user sets the server name host name or IP address user name password and initial directory Under normal conditions the instrument attempts to transfer files to the primary server If the transfer fails the instrument attempts to transfer files to the secondary server HTTP Protocol Paperless recorders data acquisition system and data acquisition units The recording application displays recording screens and messages on a remote Web browser It also allows the instrument to be controlled remotely only when the user logs in as an operator via a Web browser Microsoft Internet Explorer has been tested for operational compatibility The HTTP server has a user authentication feature When the server s login feature described later is enabled users can use the HTTP server only when they enter the appropriate user name and password SMTP Protocol Paperless recorders data acquisition system and data acquisition units The management application transmits emails to an SMTP server in accordance with how the instrument has been set up On the applicable products emails are transmitted 1 Periodically 2 When a hardware malfunction or other system error occurs 3 When an hourly daily monthly or other report is creat
21. re in accordance with the level of quantitative loss Doing so will enable you to determine which risks require countermeasures which risks can be tolerated and so on Note that in some cases losses are difficult to assess as business losses because they include factors such as environmental contamination personal injury and loss of public confidence in the organization TI 04A02A01 00EN Aug 31 2015 00 4 Overview of the Products That This Document Applies To 1 6 4 Overview of the Products That This Document Applies To Applicable Products This document applies to the following products e Chart recorders yUR10000 R20000 e Paperless recorders GX10 GX20 GP 10 GP20 DX1000T DX2000T DX1000 DX2000 DX1000N FX1000 DX100P DX200P CX1000 CX2000 e Data acquisition system GM e Data acquisition units MW100 Single loop controllers YS1000 Series e Digital indicating controllers Program controllers Digital indicator with alarms UTAdvanced The communication features implemented on the applicable products vary depending on the product series This chapter describes the communication features that are implemented on each series of products and the security measures that should be considered Features of Applicable Products All the products covered in this document use microprocessors and real time OSs to run communication applications At the factory different communication applications are embedded in each product series
22. s 1 13 DX100P DX200P Paperless Recorders 2 ccccccceeceeeeeeeeeeeeeeteeseneeeseneessnees 1 14 UTAdvanced Digital Indicating Controllers Program Controllers Digital Indicator with Alarms 1 14 YS1000 Series Single loop Controllers 0 0 eeceeeeeeeeeeeeeeeeeeeneeenreseeesieesneees 1 14 7 bois geo oil eee eee en eM oS ere ne nee Se oe et eer ea Rene en epee aaa 1 15 Revision Information cccceeseeeeeeeeeeeeeeeeneeeeeeeeneeeseseeeeeesseneeseesnaneeeseseeeeeesseeeeeeees i The contents of this document are subject to change without notice Yokogawa Electric Corporation TI 04A02A01 00EN YOKOGAWA 2 9 32 Nakacho Musashino shi Tokyo 180 8750 Japan Copyright June 2012 3rd Edition August 2015 1 Introduction 1 1 1 Introduction Information Security in Yokogawa Electric Corporation and its group companies Yokogawa is committed to company wide security measures to protect information assets as an important business asset against threats such as leakage and destruction to fulfill its social responsibility as a company that is trusted by customers and suppliers In order to protect information assets from threats Yokogawa has established management rules to comply with the management regulations In the management rules it is clearly stated responsible management system and responsible person In the management rules they are stated that how to respond to appropriate management and accident handling
23. strial Automation and Control Systems Part 1 Terminology Concepts and Models This document refers to this standard as ISA 99 00 01 ISA 99 00 01 defines activity based criteria for determining security measures and asset based criteria for determining the assets that need to be protected This document is based on these criteria TI 04A02A01 00EN Aug 31 2015 00 3 Identifying and Evaluating Threats 1 4 3 Identifying and Evaluating Threats Determine all possible security threats to the assets that are on your list of assets that need to be protected Possible threats need to be considered from the following viewpoints Unauthorized Access to Assets by Individuals with Malicious Intent e Insider e Outsider e Via network e Direct access to assets direct operation of instruments that contain assets Unauthorized Access to Assets by Malicious Software e Via network e Via removable media Inappropriate Access by Valid Users through Operation Errors and Careless Unintended Acts e Via network e Via removable media e Direct access to assets direct operation of instruments that contain assets For each security threat that you have identified evaluate the probability of occurrence Below is an example of how the probabilities of occurrence can be classified e Probability level A High probability that the threat will occur e Probability level B Moderate probability that the threat will occur e Probability
24. ternal storage media The information is embedded in files along with tampering detection data and can thus be used as digital signatures Log Information DX100P DX200P operations configuration changes error messages file transfers using the FTP client feature email transmissions Web interface operations SNTP server access logs etc are logged UTAdvanced Digital Indicating Controllers Program Controllers Digital Indicator with Alarms Write Access to Modbus Registers Writing to Modbus registers over communication lines can be enabled or disabled Disabling the feature will prevent outsiders with malicious intent from changing the controller settings When the feature is disabled settings must be changed manually onsite IP Access Limitation Function Only Modbus access from a registered IP address is allowed Access from an unregistered IP address is rejected This feature prevents unauthorized access and enhances security YS1000 Series Single loop Controllers Write Access over Ethernet Writing to Modbus registers over Ethernet can be enabled or disabled Disabling the feature will prevent outsiders with malicious intent from changing the controller settings When the feature is disabled settings must be changed manually onsite TI 04A02A01 00EN Aug 31 2015 00 7 Staff Security 1 1 5 7 Staff Security One of the most important security threats is people Human error can pose major security threats Educ
Download Pdf Manuals
Related Search