Role based access control
User Authentication in System 800xA is based on Windows Authentication through active directory or workgroups. The user access control is based on user, role and location and can be made on object and attribute level. Controlling “Who is allowed to do what actions from where, with which object”
The log over function enables a fast and temporary switch between users in the Operator environment, primarily to allow temporary usage for a user with more user rights than the logged in user. Thanks to this, access rights for the regular operator can be restricted to only the necessary functions but still allowing easy temporary access for more privileged users.
IPSec
The Internet Protocol Security (IPsec) is a protocol suite for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a communication session. A tool, IPSec Configuration Tool, assists in configuring IPSec to protect the communication between clients and servers that are members of the Active Directory Domain in the 800xA system. It also offers the possibility to allow system nodes to communicate without using IPSec towards explicitly defined nodes that do not support IPSec.
Back-up and restore
Larger losses due to incidents are avoided through efficient disaster recovery. Total and selective backup and restores are possible through system administration features.
System configuration & maintenance
ABB projects follow strict security guidelines during engineering and commissioning. ABB maintenance work also follow stringent processes. The guidelines used been developed based on best practices, standards, and frameworks. Here are some of the areas covered:
- Secure Default Settings & Hardening
- Antivirus Software
- Patch Management
- Access & Account Management
- Backup & Recovery
- Plant Network Topology
- Secure Remote Access