English dropdown-ico

Siemens Version: 1.2 manual

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18

Go to page of

Similar user manuals

A good user manual

The rules should oblige the seller to give the purchaser an operating instrucion of Siemens Version: 1.2, along with an item. The lack of an instruction or false information given to customer shall constitute grounds to apply for a complaint because of nonconformity of goods with the contract. In accordance with the law, a customer can receive an instruction in non-paper form; lately graphic and electronic forms of the manuals, as well as instructional videos have been majorly used. A necessary precondition for this is the unmistakable, legible character of an instruction.

What is an instruction?

The term originates from the Latin word „instructio”, which means organizing. Therefore, in an instruction of Siemens Version: 1.2 one could find a process description. An instruction's purpose is to teach, to ease the start-up and an item's use or performance of certain activities. An instruction is a compilation of information about an item/a service, it is a clue.

Unfortunately, only a few customers devote their time to read an instruction of Siemens Version: 1.2. A good user manual introduces us to a number of additional functionalities of the purchased item, and also helps us to avoid the formation of most of the defects.

What should a perfect user manual contain?

First and foremost, an user manual of Siemens Version: 1.2 should contain:
- informations concerning technical data of Siemens Version: 1.2
- name of the manufacturer and a year of construction of the Siemens Version: 1.2 item
- rules of operation, control and maintenance of the Siemens Version: 1.2 item
- safety signs and mark certificates which confirm compatibility with appropriate standards

Why don't we read the manuals?

Usually it results from the lack of time and certainty about functionalities of purchased items. Unfortunately, networking and start-up of Siemens Version: 1.2 alone are not enough. An instruction contains a number of clues concerning respective functionalities, safety rules, maintenance methods (what means should be used), eventual defects of Siemens Version: 1.2, and methods of problem resolution. Eventually, when one still can't find the answer to his problems, he will be directed to the Siemens service. Lately animated manuals and instructional videos are quite popular among customers. These kinds of user manuals are effective; they assure that a customer will familiarize himself with the whole material, and won't skip complicated, technical information of Siemens Version: 1.2.

Why one should read the manuals?

It is mostly in the manuals where we will find the details concerning construction and possibility of the Siemens Version: 1.2 item, and its use of respective accessory, as well as information concerning all the functions and facilities.

After a successful purchase of an item one should find a moment and get to know with every part of an instruction. Currently the manuals are carefully prearranged and translated, so they could be fully understood by its users. The manuals will serve as an informational aid.

Table of contents for the manual

  • Page 1

    LISE-M EITNER-ALLEE 4 D - 44801 Boc hum TELEFON +49 (0) 234/43 87 02-09 TELE FAX +49 (0) 234/43 87 02-11 E-Mail info@e scrypt.com INTE RN ET www.e scrypt com Security Evaluation of the Siemens Scalance S 612/613 Security Module escrypt GmbH – Embedded Security http://www.escrypt.com Version: 1.2 Date: 19-Aug-05 █ escrypt GmbH GESCHÄFTSFÜHRER:[...]

  • Page 2

    Index Index 1 Introducti on........................................................................................................ 4 2 Security Se rvices............................................................................................... 6 2.1 Assumptions ..................................................................................[...]

  • Page 3

    Executive Summary Executive Summary The Scalance S 612/S 613 is a security module to protect the communication between automation networks and to avoid a ttacks to the networks. The security module provides the functionality of a fire wall and a virtual priv ate network (VPN). The system is based on the operating syst em VxWorks and the firewall an[...]

  • Page 4

    1. Introduction 1 Introduction The Siemens Scalance S 613 is a security module which protects the communication between automat ion networks. It provides authentication, data integrity and confidentiality and protects against data theft and data manipulation. In automation engineering more and more components are being connected. The connection wit[...]

  • Page 5

    1. Introduction Automation networks demand fo r a variety of security goals such that only basic default-rules are preset. Nonetheless, these default rules provide a secure configuration. The security modules are supposed to be easy to configure and handle, also by non IT-experts. The security module can still be pr ecisely configured according to [...]

  • Page 6

    2. Security Services 2 Security Services The security module has two Ethernet inte rfaces, one to the internal network which is protected, and the other one to the external network. The interfaces are easily recognizable by a color marker in green an d red color. The processor is an Intel IXP425, it supports AES, SHA-1, MD5, DES and 3DES in hardwar[...]

  • Page 7

    2. Security Services and 3 on the security module. The packe t filter controls the communication between the internal network and the external network (see Figure 2 ). Figure 2: Firewall function of the security module The firewall offers a packet filter adapt ed from OpenBSD for IP-packets with stateful packet inspection. Another packe t filter fo[...]

  • Page 8

    2. Security Services Figure 3: VPN-function of the Security -module For the communication over a VPN the se curity modules are collected in groups. For each VPN there is a so called network certificate with corresponding private key that identifies the VPN. Each security module that belongs to the VPN holds a certificate which is signed wit h the p[...]

  • Page 9

    2. Security Services 2.2.4 Firmware Update The firmware of the security device can be updated. For this purpose, Siemens supplies an encrypted and digitally signed firmware. The user has to authenticate to the security module before loadin g new firmware. The new firmware is transferred to the security module via HTTP s. The signature of the firmwa[...]

  • Page 10

    2. Security Services 2.3.1 First Initiation At first initialization an IP address is as signed to the Scalance S moduls. After the IP configuration the modules can also be configured over the network. The first user to take the module in operation ent ers a user name and pass word which puts him in the position of administrator. After the security [...]

  • Page 11

    2. Security Services • Exchange of addresses of the internal networks between security modules • Signalizing that a packet was reject ed because it was not received via an IPsec tunnel. The learning is always initiated if a node wants to communicate with another node and devices located in the same subnet actively scan by ICMP messages. The exc[...]

  • Page 12

    3. Security Analysis 3 Security Analysis The security module is designed for the use in automation networks. For automation networks availability and robust ness are of first priority since the network must be protected against any failure so that the production never stops. For instance, in the chemical indus try this is extremely important. Of co[...]

  • Page 13

    3. Security Analysis The implementation of the IKE protocol does not show any known security weaknesses. No known security weak nesses of the OpenBSD-Isakmpd daemon were found. Additionally, the system in corporates a VPN bridge to transport non- IP-packets through the IPsec-tunnel Bro adcast and multicast packets can be transported and also ISO-pr[...]

  • Page 14

    3. Security Analysis The pf-packet filter of O penBSD does not include any know n weaknesses. A test of the filter rules set by t he configuration tool does not identify any implement ation failures. Also a test of the Layer-2 filt er e2f revealed no security weaknesses. 3.1.3 Firmware Update A new firmware version is provided in an encrypted way a[...]

  • Page 15

    3. Security Analysis The MiniWeb server is well implemented. The SSL implementation does not show any failures. The only security weakness is the long life span of the certificate and the use of MD5 for the generat ion of the certificates. The key length of 1024 bits is sufficient for the next three to five years. 3.1.6 Time Synchronization and Log[...]

  • Page 16

    3. Security Analysis 3.2.1 Configuration Files The configuration tool transfers t he configuration data via SSL. Hence, eavesdropping of the connecti on and determination of the data is not possible. The analysis of the configurat ion files gives only information about the default settings of the firewall. The rules defi ned in the configuration fi[...]

  • Page 17

    4. Summary 4 Summary The security module is designed for using it in an automation network in order to protect the network from data theft and m anipulation as well as attacks from the external network. The reliabili ty of the network is of first priority, the aspect of security follows right after. Furthermore, the device needs to be easy to confi[...]

  • Page 18

    5. References 5 References Functional Specification, Version 1.0, 7.10.2003 Security Target, Version 0.2, 31.10.2003 Instruction Handbook, 1/2005 Design Specification, 19.1.2004 19-Aug-05 escrypt GmbH 18[...]