Issue:
What are some of the elementary precautions that you must take to protect the communications paths that give access to information about your installation, and control over it?
Product Line:
Circuit Breakers
Environment:
Micrologic X control unit
Resolution:
Overview
The Masterpact MTZ circuit breaker with its Micrologic X control unit is a key component of your installation. It offers multiple communication features that bring greater efficiency and flexibility in managing your installation. However the features also make it potentially vulnerable to cyber attacks. This section lists some of the elementary precautions that you must take to protect the communications paths that give access to information about your installation, and control over it.
The communication paths to protect include:
Local access communication paths
Wireless Bluetooth low energy communication
Wireless NFC communication
The mini USB port
Remote access communication paths
The Ethernet network when the IFE or EIFE interface is present
The Modbus-SL network when the IFM interface is present
For more detailed information on cybersecurity for the Masterpact MTZ circuit breakers, refer to
Masterpact MTZ - Cybersecurity Guide.
General Cybersecurity Recommendations
There are some general rules to follow to protect the availability, integrity, and confidentiality of your systems and network. For general guidelines on securing remote access to your network and for implementing a secure operating environment, refer to How Can I Reduce Vulnerability to Cyber Attacks?.
WARNING
POTENTIAL COMPROMISE OF SYSTEM AVAILABILITY, INTEGRITY, AND CONFIDENTIALITY
Change default passwords to help prevent unauthorized access to device settings and information.
Disable unused ports/services and default accounts to help minimize pathways for malicious attackers.
Place networked devices behind multiple layers of cyber defenses (such as firewalls, network segmentation, and network intrusion detection and protection).
Use cybersecurity best practices (for example, least privilege, separation of duties) to help prevent unauthorized exposure, loss, modification of data and logs, or interruption of services. Failure to follow these instructions can result in death, serious injury, or equipment damage.
Cybersecurity Recommendations for Local Access Communication Paths
To help protect local access communication paths, it is recommended to:
Keep locked the enclosure where the Masterpact MTZ circuit breaker is located so that no unauthorized person can access the Micrologic X control unit.
Specific Cybersecurity Recommendations for Wireless Bluetooth Low Energy Communication
Data transfers using BLE wireless communication are encrypted, therefore the risk of an unauthorized person gaining access to confidential information during transmission is limited.
To protect access to functions accessible through Bluetooth, it is recommended to:
Disable Bluetooth communications if you do not want to use Bluetooth.
Set the Bluetooth automatic disconnection timer to the minimum time (5 minutes).
Make sure that the smartphones running the Masterpact MTZ Mobile App are password-protected and for professional use only.
Do not give away information about the smartphone (telephone number, MAC address) if it is not necessary.
Disconnect the smartphone from the Internet during a Bluetooth connection with the Micrologic X control unit.
Do not store confidential or sensitive information on smartphones.
Specific Cybersecurity Recommendations for Wireless NFC Communication
To protect access to data accessible through NFC, it is recommended to make sure that the smartphones running the Masterpact MTZ Mobile App are password-protected and for professional use only.
Specific Cybersecurity Recommendations for USB Connection
To protect access to functions accessible through a USB connection on the Micrologic X control unit, it is recommended that:
The PCs running the monitoring software are hardened following the guidelines provided in Masterpact MTZ - Cybersecurity Guide
The most up-to-date hardening methods for the operating system are running on your PCs.
Specific Cybersecurity Recommendations for USB OTG Connection
To protect access to functions accessible through a USB OTG connection on the Micrologic X control unit, it is recommended that:
The smartphones running the Masterpact MTZ Mobile App are hardened following the guidelines provided in Masterpact MTZ - Cybersecurity Guide
The most up-to-date hardening methods for the operating system are running on your smartphones.
Cybersecurity Recommendations for Remote Access Communication Paths Through a Communication Network
When the Masterpact MTZ circuit breaker is connected to a communication network through the IFE, EIFE or IFM interface, it is recommended to:
Follow general security rules to protect your network.
Make sure that the PCs running the monitoring software are hardened following the guidelines provided in Masterpact MTZ - Cybersecurity Guide , and with the most up-to-date hardening methods for the operating system running on your PCs.
What are some of the elementary precautions that you must take to protect the communications paths that give access to information about your installation, and control over it?
Product Line:
Circuit Breakers
Environment:
Micrologic X control unit
Resolution:
Overview
The Masterpact MTZ circuit breaker with its Micrologic X control unit is a key component of your installation. It offers multiple communication features that bring greater efficiency and flexibility in managing your installation. However the features also make it potentially vulnerable to cyber attacks. This section lists some of the elementary precautions that you must take to protect the communications paths that give access to information about your installation, and control over it.
The communication paths to protect include:
Local access communication paths
Wireless Bluetooth low energy communication
Wireless NFC communication
The mini USB port
Remote access communication paths
The Ethernet network when the IFE or EIFE interface is present
The Modbus-SL network when the IFM interface is present
For more detailed information on cybersecurity for the Masterpact MTZ circuit breakers, refer to
Masterpact MTZ - Cybersecurity Guide.
General Cybersecurity Recommendations
There are some general rules to follow to protect the availability, integrity, and confidentiality of your systems and network. For general guidelines on securing remote access to your network and for implementing a secure operating environment, refer to How Can I Reduce Vulnerability to Cyber Attacks?.
WARNING
POTENTIAL COMPROMISE OF SYSTEM AVAILABILITY, INTEGRITY, AND CONFIDENTIALITY
Change default passwords to help prevent unauthorized access to device settings and information.
Disable unused ports/services and default accounts to help minimize pathways for malicious attackers.
Place networked devices behind multiple layers of cyber defenses (such as firewalls, network segmentation, and network intrusion detection and protection).
Use cybersecurity best practices (for example, least privilege, separation of duties) to help prevent unauthorized exposure, loss, modification of data and logs, or interruption of services. Failure to follow these instructions can result in death, serious injury, or equipment damage.
Cybersecurity Recommendations for Local Access Communication Paths
To help protect local access communication paths, it is recommended to:
Keep locked the enclosure where the Masterpact MTZ circuit breaker is located so that no unauthorized person can access the Micrologic X control unit.
Specific Cybersecurity Recommendations for Wireless Bluetooth Low Energy Communication
Data transfers using BLE wireless communication are encrypted, therefore the risk of an unauthorized person gaining access to confidential information during transmission is limited.
To protect access to functions accessible through Bluetooth, it is recommended to:
Disable Bluetooth communications if you do not want to use Bluetooth.
Set the Bluetooth automatic disconnection timer to the minimum time (5 minutes).
Make sure that the smartphones running the Masterpact MTZ Mobile App are password-protected and for professional use only.
Do not give away information about the smartphone (telephone number, MAC address) if it is not necessary.
Disconnect the smartphone from the Internet during a Bluetooth connection with the Micrologic X control unit.
Do not store confidential or sensitive information on smartphones.
Specific Cybersecurity Recommendations for Wireless NFC Communication
To protect access to data accessible through NFC, it is recommended to make sure that the smartphones running the Masterpact MTZ Mobile App are password-protected and for professional use only.
Specific Cybersecurity Recommendations for USB Connection
To protect access to functions accessible through a USB connection on the Micrologic X control unit, it is recommended that:
The PCs running the monitoring software are hardened following the guidelines provided in Masterpact MTZ - Cybersecurity Guide
The most up-to-date hardening methods for the operating system are running on your PCs.
Specific Cybersecurity Recommendations for USB OTG Connection
To protect access to functions accessible through a USB OTG connection on the Micrologic X control unit, it is recommended that:
The smartphones running the Masterpact MTZ Mobile App are hardened following the guidelines provided in Masterpact MTZ - Cybersecurity Guide
The most up-to-date hardening methods for the operating system are running on your smartphones.
Cybersecurity Recommendations for Remote Access Communication Paths Through a Communication Network
When the Masterpact MTZ circuit breaker is connected to a communication network through the IFE, EIFE or IFM interface, it is recommended to:
Follow general security rules to protect your network.
Make sure that the PCs running the monitoring software are hardened following the guidelines provided in Masterpact MTZ - Cybersecurity Guide , and with the most up-to-date hardening methods for the operating system running on your PCs.