Cybersecurity Recommendations - EasyPact MVS TS Trip System User Guide

Overview

The EasyPact MVS circuit breaker with its TS trip system is a key component of your installation. It offers multiple communication features that bring greater efficiency and flexibility in managing your installation. However the features also make it potentially vulnerable to cyber attacks.

This section lists some of the elementary precautions that you must take to protect the communications paths that give access to information about your installation, and control over it.

The communication paths to protect include:

Local access communication paths
- Wireless NFC communication
- The 5-pin plug

For more detailed information about cybersecurity for the EasyPact MVS circuit breakers, refer to DOCA0122EN MasterPact, ComPacT, PowerPacT - Cybersecurity Guide.

General Cybersecurity Recommendations

WARNING
POTENTIAL COMPROMISE OF SYSTEM AVAILABILITY, INTEGRITY, AND CONFIDENTIALITY Change default passwords at first use to help prevent unauthorized access to device settings, controls, and information. Disable unused ports/services and default accounts to help minimize pathways for malicious attackers. Place networked devices behind multiple layers of cyber defenses (such as firewalls, network segmentation, and network intrusion detection and protection). Use cybersecurity best practices (for example, least privilege, separation of duties) to help prevent unauthorized exposure, loss, modification of data and logs, or interruption of services. Failure to follow these instructions can result in death, serious injury, or equipment damage.

WARNING

POTENTIAL COMPROMISE OF SYSTEM AVAILABILITY, INTEGRITY, AND CONFIDENTIALITY

Change default passwords at first use to help prevent unauthorized access to device settings, controls, and information.
Disable unused ports/services and default accounts to help minimize pathways for malicious attackers.
Place networked devices behind multiple layers of cyber defenses (such as firewalls, network segmentation, and network intrusion detection and protection).
Use cybersecurity best practices (for example, least privilege, separation of duties) to help prevent unauthorized exposure, loss, modification of data and logs, or interruption of services.

Failure to follow these instructions can result in death, serious injury, or equipment damage.

NOTICE
Interruption of power supply The TS trip system must be continuously powered by USB during the firmware update. Failure to follow these instructions can result in equipment damage.

Cybersecurity Recommendations for Local Access Communication Paths

To help protect local access communication paths, it is recommended to:

Keep locked the enclosure where the EasyPact MVS circuit breaker is located so that no unauthorized person can access the TS trip system.
For the HMI (if any), a lead seal shall be used to prevent unauthorized access to buttons or rotary switches.

Specific Cybersecurity Recommendations for Wireless NFC Communication

To protect access to data accessible through NFC, it is recommended to make sure that the smartphones running the EcoStruxure Power Device app are password-protected and for professional use only.

Specific Cybersecurity Recommendations for USB Connection

To protect access to functions accessible through a USB connection on the TS trip system, it is recommended that:

The PCs running the monitoring software are hardened following the guidelines provided in MasterPact, ComPacT, PowerPacT - Cybersecurity Guide.
The most up-to-date hardening methods for the operating system are running on your PCs.