Security Capabilities
General Cybersecurity Recommendations
NOTICE |
---|
POTENTIAL COMPROMISE OF SYSTEM AVAILABILITY, INTEGRITY, AND CONFIDENTIALITY |
Failure to follow these instructions can result in a non-operational system where the Wireless Panel Server is installed. |
Potential Risks and Compensating Controls
Area | Issue | Risk | Compensating controls |
---|---|---|---|
Bluetooth Low Energy wireless radio communication | If the mobile device (smartphone or tablet) where EcoStruxure Power Commission App is installed also has a malicious mobile application installed without the user's knowledge, this malicious application can eavesdrop on the communication between the Wireless Panel Server and EcoStruxure Power Commission App during connection over Bluetooth Low Energy wireless technology and login to the App. | If a malicious mobile application eavesdrops on the communication, it can steal the credentials and gain access to the Wireless Panel Server. | Install an antivirus program on your mobile device (smartphone or tablet) to help prevent installation of malicious mobile applications. |
Bluetooth Low Energy wireless radio communication | During the pairing window, an unauthorized mobile device may try to connect to the Bluetooth Low Energy interface. | If a rogue mobile device gains access to the Wireless Panel Server, it can create a Denial of Service (DoS) and you would not be able to access the Wireless Panel Server. | Reduce the pairing window to limit exposure. In addition, always ensure that the Wireless Panel Server LED is blinking blue when EcoStruxure Power Commission App is attempting to connect to the Wireless Panel Server. If the LED is steady blue, it means that another mobile device (smartphone or tablet) is already connected to the Wireless Panel Server: |
IEEE 802.15.4 wireless radio communication | During the pairing window, unauthorized radio devices may try to join the network. | If a rogue device gains access to your network, it could eavesdrop on the communication of your wireless network, create a data integrity breach (for example, by sending fake data), or create a Denial of Service. | Reduce the commissioning window to limit exposure. Once the pairing is performed, verify the list of paired devices configured in the Wireless Panel Server using EcoStruxure Power Commission App and make sure that the list of devices contains no unexpected or rogue devices. |
QR code | Someone may tamper with the Schneider Electric QR code of the Wireless Panel Server. | If the QR code has been tampered with, it can redirect to a fake site and the user credentials can be stolen. | Check that the QR code has not been tampered with (no rips, tears, punctures, or scratches) and check that the URL redirects you to a Schneider Electric web site (domain). |
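
The domain check from the QR code row can be automated on the URL decoded from the label before it is opened. The following is an added example, not Schneider Electric code: the function name `check_qr_url`, the `TRUSTED_DOMAINS` allowlist and the sample URLs are assumptions constructed for illustration, and the allowlist must be replaced with the domain(s) documented for your device.

```python
from urllib.parse import urlsplit

# Assumption: domains the operator trusts for this device's QR code.
# Replace with the domain(s) documented for your product.
TRUSTED_DOMAINS = frozenset({"se.com", "schneider-electric.com"})


def check_qr_url(url, trusted=TRUSTED_DOMAINS):
    """Return (ok, reason) for a URL decoded from a device QR code."""
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").rstrip(".").lower()
        port = parts.port  # raises ValueError on a malformed port
    except ValueError as exc:
        return False, f"unparseable URL: {exc}"
    if parts.scheme.lower() != "https":
        return False, "scheme is not https"
    if parts.username is not None or parts.password is not None:
        return False, "userinfo before '@' can disguise the real host"
    if port not in (None, 443):
        return False, "unexpected port"
    if not host:
        return False, "no host"
    # Reject non-ASCII and punycode labels: lookalikes cannot be checked by eye.
    if not host.isascii() or any(p.startswith("xn--") for p in host.split(".")):
        return False, "internationalized host name"
    # Match on a label boundary so "fakese.com" and "se.com.evil.example" fail.
    for domain in trusted:
        if host == domain or host.endswith("." + domain):
            return True, f"host {host} is under {domain}"
    return False, f"host {host} is not under a trusted domain"


# Constructed sample inputs (not taken from any real QR code).
SAMPLES = [
    "https://www.se.com/ww/en/",
    "https://se.com.evil.example/ref",
    "https://www.se.com@evil.example/ref",
    "http://www.se.com/",
    "https://fakese.com/",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample, "->", check_qr_url(sample))
```

The check inspects only the decoded URL; it does not follow redirects, so the address bar should still be verified after the page loads.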