User Authorization - ABB RELION REX640 Technical Manual
Hide thumbs
Also See for RELION REX640:
- Technical manual (1960 pages) ,
- Operation manual (164 pages) ,
- Engineering manual (156 pages)
Table of Contents
Advertisement
1MRS759142 C
2.5
REX640
Technical Manual
User authorization
The user management for the protection relay can be handled in two possible ways.
Only one user management way can be enabled in the protection relay at a time. This
can be done with the Device CAM mode parameter in Account Management in
PCM600.
Table 7:
Device CAM mode values
Parameter
Device CAM mode
For more information, see the cyber security deployment guideline.
Local user account management
Four factory default user accounts (VIEWER, OPERATOR, ENGINEER and
ADMINISTRATOR) have been predefined for the LHMI and the WHMI, each with
different rights and default passwords. The roles for these user accounts are the same
as the username. Additional user accounts can be added for the protection relay.
IED Users in PCM600 is used to manage the user accounts. Each protection relay
supports eight fixed roles and 50 user accounts belonging to any one of these roles.
Each user account can be mapped to a maximum of eight roles.
The factory default passwords can be changed with Administrator user rights or by the
users themselves. Relay user passwords can be changed using the LHMI, IED Users
in PCM600 or the WHMI. Only Administrator can create user accounts and update the
roles-to-rights mapping. Administrator can also reset the passwords of the users.
User authorization is disabled by default for the LHMI and can be enabled with the
Local override parameter via the menu path Configuration/Authorization/
Passwords. WHMI always requires authentication. Changes in user management
settings do not cause the protection relay to reboot. The changes are taken into use
immediately after committing the changed settings.
Central account management
The user accounts and roles can be created and authenticated centrally in a CAM
server. CAM needs to be activated in the protection relay from Account Management
in PCM600.
A CAM server can be a tool such as SDM600 or it can be an Active Directory server
such as Windows AD. There can also be a secondary or redundant CAM server
Values
Enabled
Disabled (Default)
Section 2
REX640 overview
Description
Authentication done from the
CAM server
Authentication done from the
local user account management
database
69
- Quick Links:
- Section 14 Technical Data
Hide quick links:
Advertisement
Chapters
Table of Contents
