Global site

ABB's website uses cookies. By staying here you are agreeing to our use of cookies. Learn more

The nightmare of unmanaged user accounts in digitalized industrial environments


cyber-article-banner

Today cyber security has become an essential part in all industrial installations. Many devices in these installations, such as Remote Terminal Unit’s (RTU’s), Intelligent Electronic Device’s (IED’s) and Network Equipment have either local Human-Machine Interface’s (HMI’s) on the device, a command line interface or a web/cloud based interface that requires user authentication. The user accounts used in these devices are typically unmanaged and in many cases the factory default user accounts and passwords remain unchanged. If the default passwords are changed there is the risk that some of these will be forgotten, especially when they differ from device to device. Also problematic is the usage of very weak passwords which are shared by many users in an organization.

From a cyber security perspective, in today’s digitally connected world, both factory default accounts and shared accounts represent a huge cyber security risk and are unacceptable nowadays. Besides cyber security concerns, both factory default and shared accounts can make control system management a nightmare for the control system owner. Consider the case in which a power outage has occurred as a result of a changed configuration, but it cannot be determined which employee actually changed the configuration, because a shared account, or a factory default account was used to access the devices. Or the case when a single employee leaves the organization, and because that employee knows a password that is shared by several employees, a huge effort is required to change the shared password in many devices, in many locations, in order to ensure that the departing employee can no longer access the system. Last but not least, the remaining employees must be informed of the new password, so that they can continue to perform their work.

Five challenges faced by security managers of industrial installations.

  • Managing user accounts easily.
  • Administering new employees’ access and permissions in your company from a central point.
  • Quickly removing or disabling user credentials from a single central location when an employee leaves your company.
  • Implementing centrally configured changes on all products from different vendors, throughout your organization.
  • Removing the concern regarding default user accounts that remain active on unmanaged local devices.

See the unseen from a new perspective

Control systems need to managing to ensure sustainable infrastructures. Managing a system means to continually keep its devices up to date. The management of a cyber security policy can become complex, therefore to be efficient, security managers need support from a Role Based Access Control System (RBAC) software applications such as ABB’s System Data Management software – SDM600. SDM600 allows the responsible persons to be able to manage users and their roles consistently from a central point - even for multiple control systems in different locations.

Three steps to smarter protection for your system

ABB’s Grid Automation service team utilizes a three-stepped approach to smarter system protection, based on international standards such as IEC62351-8, to recommend solutions to challenges faced by industrial and utility customers that enable efficient RBAC management of user accounts in multi-vendor control systems. ABB’s SDM600 software can also provide utilities with state of the art cyber security via real-time visibility of the security relevant user activity within their systems.















Frank Hohlbaum


Today I am a Product Manager for Cyber security within ABB Substation Automation, but I’ve spent 20 years at ABB working across R&D and Product Management within Substation Automation. I’m passionate about developing cyber security awareness and simple-to-understand processes and programs that ensure our customers have a smarter system protection.
Register for updates
For the latest news, articles and Network content delivered straight to your inbox, simply enter your name and email address below:

Comment on this article

comments powered by Disqus

Contact information

What would you like to do?

Submit your inquiry

Please select country from the list below
Country
Location
For this country please use ABB's partner contact details
Name
Company
E-Mail
Phone
Zip code
Your message
Cancel

Thank you for your inquiry and interest in ABB.
We will get back to you as soon as possible.

Back

An error occurred and your inquiry could not be sent.
Please try again later.

Back

Your local ABB Sales Team

Your local ABB's partner contact

Your local ABB Sales Team

Your local ABB's partner contact

Name
Address
 
Phone
 
Fax
 
E-Mail
 
 

Please select country from the list

Close

Submit your inquiry

Please select country from the list below
Country
Location
For this country please use ABB's partner contact details
Name
Company
E-Mail
Phone
Zip code
Your message
Cancel

Thank you for your inquiry and interest in ABB.
We will get back to you as soon as possible.

Back

An error occurred and your inquiry could not be sent.
Please try again later.

Back

Your local ABB Service Team

Your local ABB's partner contact

Your local ABB Service Team

Your local ABB's partner contact

Name
Address
 
Phone
 
Fax
 
E-Mail
 
 

Please select country from the list

Close

Submit your inquiry

Please select country from the list below
Country
Location
For this country please use ABB's partner contact details
Name
Company
E-Mail
Phone
Zip code
Your message
Cancel

Thank you for your inquiry and interest in ABB.
We will get back to you as soon as possible.

Back

An error occurred and your inquiry could not be sent.
Please try again later.

Back

Your local ABB Emergency Team

Your local ABB's partner contact

Your local ABB Emergency Team

Your local ABB's partner contact

Name
Address
 
Phone
 
Fax
 
E-Mail
 
 

Please select country from the list

Close

Authorized Value Providers

Close
Contact Service unavailable