Chapter 17 - Cyber-Security
A similar response occurs if you try to enter the password through a communications port.
The parameters can then be configured using the Attempts Limit, Attempts Timer and Blocking Timer settings in
the SECURITY CONFIG column.
Password blocking configuration
Setting
Attempts Limit
Attempts Timer
Blocking Timer
4.4
PASSWORD RECOVERY
If you mislay a device's password, they can be recovered. To obtain the recovery password you must contact the
Contact Centre and supply the Serial Number and its Security Code. The Contact Centre will use these items to
generate a Recovery Password.
The security code is a 16-character string of upper case characters. It is a read-only parameter. The device
generates its own security code randomly. A new code is generated under the following conditions:
●
On power up
Whenever settings are set back to default
●
On expiry of validity timer (see below)
●
When the recovery password is entered
●
As soon as the security code is displayed on the LCD, a validity timer is started. This validity timer is set to 72 hours
and is not configurable. This provides enough time for the contact centre to manually generate and send a
recovery password. The Service Level Agreement (SLA) for recovery password generation is one working day, so 72
hours is sufficient time, even allowing for closure of the contact centre over weekends and bank holidays.
To prevent accidental reading of the IED security code, the cell will initially display a warning message:
The security code is displayed on confirmation. The validity timer is then started. The security code can only be
read from the front panel.
4.4.1
PASSWORD RECOVERY
The recovery password is intended for recovery only. It is not a replacement password that can be used
continually. It can only be used once – for password recovery.
Entry of the recovery password causes the IED to reset all passwords back to default. This is all it is designed to do.
After the passwords have been set back to default, it is up to the user to enter new passwords. Each password
should be appropriate for its intended function, ensuring NERC compliance, if required.
On this action, the following message is displayed:
386
Cell
Units
col row
25 02
25 03
Minutes
25 04
Minutes
PRESS ENTER TO
READ SEC. CODE
PASSWORDS HAVE
BEEN SET TO
DEFAULT
Default Setting
3
2
5
Available Setting
0 to 3 step 1
1 to 3 step 1
1 to 30 step 1
P64x-TM-EN-1.3
P64x