PacT Series TransferPacT Active Automatic (LCD)TransferPacT Automatic (Rotary) – Cybersecurity Guide PDF
DOCA0215EN-01

Device Features

Overview

The TranferPacT ATSE (Automatic Transfer Switching Equipment) is designed with security-enabling features, and these features are in a preset state and can be modified to meet your installation needs. The device must only be configured and set by qualified personnel, because disabling or changing settings will affect the overall security robustness of the device and communication network.

Use this guide in conjunction with the user guide DOCA0214EN–01 for detailed configuration of features and settings of the device.

Communication Characteristics

The communication with TransferPacT ATSE is through the following interface types:

  • Wired communication through:

    • Modbus-RTU

    • CANopen

  • Human Machine Interaction (HMI) through:

    • LCD screen with buttons for display and operating.

    • Rotary and dip switches with LED for operating.

Supported Protocols

  • Modbus-RTU for communication with the Operational Technology (OT) devices/systems.

  • CANopen for internal communication between the main controller and accessories (e.g. DI/DO module, Modbus communication module)

NOTE: The Modbus-RTU and CANopen are legacy protocols, which have inherent deficiencies in security and need to be compensated with additional physical security in your application.

Security Features

The following security features are supported:

  • Firmware can be securely updated through the firmware which is digitally signed by Schneider Public Key Infrastructure (PKI).

  • Verifies the integrity of the data stored in the device to prevent configurations, business data and any other data from being tampered.

  • Robust input validation to prevent against remote attacks from Modbus-RTU and/or CANopen.

  • Any configuration modification is password-protected.

  • The password is stored as a salted hash and can be reset. For password reset, refer to user guide DOCA0214EN–01.

  • The communication control feature is disabled by default and can only be used after it’s enabled locally. Disable it in time when it’s not needed.

    NOTE: The communication control feature is supported on TransferPact Active Automatic only. For more information, refer to user guide DOCA0214EN–01.

  • The device will be locked for 10 minutes after 3 failed password attempts, which used to prevent brute force attacks.

  • Generates audit logs to record important operations and business logics for analysis and prediction, post-event tracking, investigation and evidence collection.

  • Plastic cover with hole to support users to put on lead sealing to prevent unauthorized physical access to the buttons (for TransferPact Active Automatic) or rotary switches (for TransferPact Automatic).

QR Code is a registered trademark of DENSO WAVE INCORPORATED in Japan and other countries.

Was this helpful?

Contact Information
Legal Information
Privacy Policy
Change your cookie settings