Schneider Electric’s RFC-2350

1. Document information

This document contains a description of Schneider Electric’s CERT and CPCERT in accordance with RFC 2350 specification.

It provides basic information about Schneider Electric’s CERT and CPCERT, describes its responsibilities and services offered.

1.1 Date of the last update 

Version 1, created on 10/27/2022

1.2 Distribution List for Notifications 

There is no distribution list for notifications. 

1.3 Locations where this Document May Be Found 

The current and latest version of this document is available at Schneider Electric’s website.

1.4 Document identification 

Title: ‘Schneider Electric’s RFC-2350’

Version: 1  

Document Date: 11/10/2022 

Expiration: this document is valid until superseded by a later version

2. Contact information 

2.1 Name of the team 

Team Name: CERT Schneider Electric 

• Short Team Name: SE-CERT 
• Email: cert@se.com 

Team Name: CPCERT Schneider Electric 

• Short Team Name: CPCERT 
• Email: cpcert@se.com 

2.2 Address 

Schneider Electric 

35 rue Joseph Monier, 92500, Rueil Malmaison, France 

2.3 Time zone 

SE-CERT operates 24/7 

CPCERT operates – Monday to Friday 8:00 -17:00 EST 

2.4 Telephone Number 

None available. 

2.5 Facsimile Number 

None available. 

2.6 Electronic Mail Address 

If you need to notify us about an information security incident or a cyber-threat targeting or involving Schneider Electric, please contact us at: cert@se.com. If you need to notify us about vulnerabilities on Schneider Electric’s product, please contact us at: cpcert@se.com. 

2.7 Other Telecommunication 

None available. 

2.8 Public Keys and Encryption Information 

SE-CERT (cert@se.com) 

• User ID: cert@se.com 
• Key ID - 0x1532593F 
• Finger Print - 920C 07B4 A1C5 85C7 8698 8659 9918 81ED 1532 593F 
• Public PGP key for SE-CERT 

CPCERT (cpcert@se.com) 

• User ID: cpcert@se.com 
• Key ID - 0xCF9F652C 
• Finger Print - E38F 0E4A 8541 8B53 20A7 D84F 8233 2C33 CF9F 652C 
• Public PGP key for CPCERT 

2.9 Team Members 

The operational CERT stands for Computer/Cyber Emergency Response Team. This document references to two separate teams: 

SE-CERT = Schneider Electric – Computer/Cyber Emergency Response Team 

CPCERT = Corporate Product Cyber Emergency Response Team 

SE-CERT and CPCERT Teams are comprised of technical and governance analysts, which are committed in delivering high-quality CERT services to their constituency. 

2.10 Other Information 

Vulnerability management policy for SE-CERT and CPCERT can be accessed on our website. 

2.11 Points of Customer Contact 

SE-CERT’s preferred method of contact is email to: cert@se.com 

CPCERT’s preferred method of contact is email to cpcert@se.com 

Note: sender’s email domain will be checked against SPF/DMARC, and DKIM prior to delivery into the CERT mailbox.

3. Charter

3.1 Mission Statement 

SE-CERT (cert@se.com) is part of the Schneider Electric’s Cyber Defense and Incident Response team within Schneider Electric’s Governance. SE-CERT (cert@se.com) is responsible for providing alerts and warnings, intrusion detection services, incident handling for Schneider Electric, protecting our customers and environment. 

CPCERT (cpcert@se.com) is part of Schneider Electric’s Product & System Security Office within Schneider Electric’s Governance. CPCERT (cpcert@se.com) addresses cybersecurity vulnerabilities to support the security of our products, installed solutions, protecting our customers and environment. 

3.2 Constituency 

SE-CERT’s (cert@se.com) constituency is composed of all the elements of Schneider Electric group’s information system: its users, its systems, its applications, and its networks. 

CPCERT’s (cpcert@se.com) constituency is composed of all the products of Schneider Electric’s group. 

3.3 Affiliation 

SE-CERT and CPCERT are affiliated with Schneider Electric. 

3.4 Authority 

SE-CERT (cert@se.com) services are operating in compliance with Schneider Electric’s security governance framework and is also under the authority of Schneider Electric Global Chief Information Security Officer. CPCERT (cpcert@se.com) services are operating in compliance with Schneider Electric’s security governance framework and is also under the authority of Schneider Electric Global Chief Product Security Officer.

4. Policies

4.1 Types of Incidents and Level of Support 

SE-CERT (cert@se.com) is authorized to handle all types of cyberattacks that would target Schneider Electric and subsidiaries. 

Support given by SE-CERT (cert@se.com) will be adapted based on the severity of the security incident or issue, its potential, or assessed impact.

CPCERT (cpcert@se.com) is authorized to handle all types of vulnerabilities that would target Schneider Electric’s products. 

Support given by CPCERT (cpcert@se.com) will be adapted based on the severity of the vulnerability, its potential, or assessed impact. 

4.2 Co-operation, Interaction and Disclosure of Information 

SE-CERT is committed to open and transparent collaboration with our trusted partners including the international CERT community in accordance with Schneider Electric policies. 

For this reason, all worldwide CERT teams are welcome to get in touch with SE-CERT (cert@se.com) to establish co-operation agreements, as questions, or information sharing initiatives as appropriate. 

4.3 Communication and Authentication 

The preferred method of communication is email. For the exchange of sensitive information and authenticated communication SE-CERT and CPCERT uses several encryption solutions. 

By default, all sensitive communication to SE-CERT and CPCERT should be encrypted with our public PGP key.

5. Services

SE-CERT (cert@se.com) provides incident response services including but limited not to: 

• Alerts and Warning 
• Triage  
• Art 
• Handling 

CPCERT (cpcert@se.com) provides Product Vulnerability Handling including but limited not to:

• Intake 
• Evaluation 
• Resolution 
• Disclosure 

5.1 Incident response   

SE-CERT (cert@se.com), collect information from sensors, after triage, will contact relevant stakeholder to handle the incident and artifact. Then the stakeholder will respond the incident defining containment and remediation. 

6. Incident Reporting Forms   

In case of emergency or crisis, please provide SE-CERT (cert@se.com) at least the following information:    

• Contact details and organizational information – name of person and organization name and address    
• Scanning results (if any) - an extract from the log showing the problem,   
• IP address(es), FQDN(s), and any other relevant technical element with associated observation    
• Regards email issues, in case you wish to forward any emails to cert@se.com, please include all email headers, body and any attachments if possible and as permitted by the regulations, policies and legislation under which you operate    
• Telephone number and email address.

7. Disclaimers 

While every precaution will be taken in the preparation of information, notifications, and alerts, SE-CERT assumes no responsibility for errors or omissions, or for damages resulting from the use of the information contained herein.