English dropdown-ico

Manual Siemens Version: 1.2

18 pages 0.16 mb
Download

Go to site of 18

Summary
  • Siemens Version: 1.2 - page 1

    LISE-M EITNER-ALLEE 4 D - 44801 Boc hum TELEFON +49 (0) 234/43 87 02-09 TELE FAX +49 (0) 234/43 87 02-11 E-Mail info@e scrypt.com INTE RN ET www.e scrypt com Security Evaluation of the Siemens Scalance S 612/613 Security Module escrypt GmbH – Embedded Security http://www.escrypt.com Version: 1.2 Date: 19-Aug-05 █ escrypt GmbH GESCHÄFTSFÜHRER: ...

  • Siemens Version: 1.2 - page 2

    Index Index 1 Introducti on........................................................................................................ 4 2 Security Se rvices............................................................................................... 6 2.1 Assumptions .................................................................................. ...

  • Siemens Version: 1.2 - page 3

    Executive Summary Executive Summary The Scalance S 612/S 613 is a security module to protect the communication between automation networks and to avoid a ttacks to the networks. The security module provides the functionality of a fire wall and a virtual priv ate network (VPN). The system is based on the operating syst em VxWorks and the firewall an ...

  • Siemens Version: 1.2 - page 4

    1. Introduction 1 Introduction The Siemens Scalance S 613 is a security module which protects the communication between automat ion networks. It provides authentication, data integrity and confidentiality and protects against data theft and data manipulation. In automation engineering more and more components are being connected. The connection wit ...

  • Siemens Version: 1.2 - page 5

    1. Introduction Automation networks demand fo r a variety of security goals such that only basic default-rules are preset. Nonetheless, these default rules provide a secure configuration. The security modules are supposed to be easy to configure and handle, also by non IT-experts. The security module can still be pr ecisely configured according to ...

  • Siemens Version: 1.2 - page 6

    2. Security Services 2 Security Services The security module has two Ethernet inte rfaces, one to the internal network which is protected, and the other one to the external network. The interfaces are easily recognizable by a color marker in green an d red color. The processor is an Intel IXP425, it supports AES, SHA-1, MD5, DES and 3DES in hardwar ...

  • Siemens Version: 1.2 - page 7

    2. Security Services and 3 on the security module. The packe t filter controls the communication between the internal network and the external network (see Figure 2 ). Figure 2: Firewall function of the security module The firewall offers a packet filter adapt ed from OpenBSD for IP-packets with stateful packet inspection. Another packe t filter fo ...

  • Siemens Version: 1.2 - page 8

    2. Security Services Figure 3: VPN-function of the Security -module For the communication over a VPN the se curity modules are collected in groups. For each VPN there is a so called network certificate with corresponding private key that identifies the VPN. Each security module that belongs to the VPN holds a certificate which is signed wit h the p ...

  • Siemens Version: 1.2 - page 9

    2. Security Services 2.2.4 Firmware Update The firmware of the security device can be updated. For this purpose, Siemens supplies an encrypted and digitally signed firmware. The user has to authenticate to the security module before loadin g new firmware. The new firmware is transferred to the security module via HTTP s. The signature of the firmwa ...

  • Siemens Version: 1.2 - page 10

    2. Security Services 2.3.1 First Initiation At first initialization an IP address is as signed to the Scalance S moduls. After the IP configuration the modules can also be configured over the network. The first user to take the module in operation ent ers a user name and pass word which puts him in the position of administrator. After the security ...

  • Siemens Version: 1.2 - page 11

    2. Security Services • Exchange of addresses of the internal networks between security modules • Signalizing that a packet was reject ed because it was not received via an IPsec tunnel. The learning is always initiated if a node wants to communicate with another node and devices located in the same subnet actively scan by ICMP messages. The exc ...

  • Siemens Version: 1.2 - page 12

    3. Security Analysis 3 Security Analysis The security module is designed for the use in automation networks. For automation networks availability and robust ness are of first priority since the network must be protected against any failure so that the production never stops. For instance, in the chemical indus try this is extremely important. Of co ...

  • Siemens Version: 1.2 - page 13

    3. Security Analysis The implementation of the IKE protocol does not show any known security weaknesses. No known security weak nesses of the OpenBSD-Isakmpd daemon were found. Additionally, the system in corporates a VPN bridge to transport non- IP-packets through the IPsec-tunnel Bro adcast and multicast packets can be transported and also ISO-pr ...

  • Siemens Version: 1.2 - page 14

    3. Security Analysis The pf-packet filter of O penBSD does not include any know n weaknesses. A test of the filter rules set by t he configuration tool does not identify any implement ation failures. Also a test of the Layer-2 filt er e2f revealed no security weaknesses. 3.1.3 Firmware Update A new firmware version is provided in an encrypted way a ...

  • Siemens Version: 1.2 - page 15

    3. Security Analysis The MiniWeb server is well implemented. The SSL implementation does not show any failures. The only security weakness is the long life span of the certificate and the use of MD5 for the generat ion of the certificates. The key length of 1024 bits is sufficient for the next three to five years. 3.1.6 Time Synchronization and Log ...

  • Siemens Version: 1.2 - page 16

    3. Security Analysis 3.2.1 Configuration Files The configuration tool transfers t he configuration data via SSL. Hence, eavesdropping of the connecti on and determination of the data is not possible. The analysis of the configurat ion files gives only information about the default settings of the firewall. The rules defi ned in the configuration fi ...

  • Siemens Version: 1.2 - page 17

    4. Summary 4 Summary The security module is designed for using it in an automation network in order to protect the network from data theft and m anipulation as well as attacks from the external network. The reliabili ty of the network is of first priority, the aspect of security follows right after. Furthermore, the device needs to be easy to confi ...

  • Siemens Version: 1.2 - page 18

    5. References 5 References Functional Specification, Version 1.0, 7.10.2003 Security Target, Version 0.2, 31.10.2003 Instruction Handbook, 1/2005 Design Specification, 19.1.2004 19-Aug-05 escrypt GmbH 18 ...

Manufacturer Siemens Category Network Router

Documents that we receive from a manufacturer of a Siemens Version: 1.2 can be divided into several groups. They are, among others:
- Siemens technical drawings
- Version: 1.2 manuals
- Siemens product data sheets
- information booklets
- or energy labels Siemens Version: 1.2
All of them are important, but the most important information from the point of view of use of the device are in the user manual Siemens Version: 1.2.

A group of documents referred to as user manuals is also divided into more specific types, such as: Installation manuals Siemens Version: 1.2, service manual, brief instructions and user manuals Siemens Version: 1.2. Depending on your needs, you should look for the document you need. In our website you can view the most popular manual of the product Siemens Version: 1.2.

Similar manuals

A complete manual for the device Siemens Version: 1.2, how should it look like?
A manual, also referred to as a user manual, or simply "instructions" is a technical document designed to assist in the use Siemens Version: 1.2 by users. Manuals are usually written by a technical writer, but in a language understandable to all users of Siemens Version: 1.2.

A complete Siemens manual, should contain several basic components. Some of them are less important, such as: cover / title page or copyright page. However, the remaining part should provide us with information that is important from the point of view of the user.

1. Preface and tips on how to use the manual Siemens Version: 1.2 - At the beginning of each manual we should find clues about how to use the guidelines. It should include information about the location of the Contents of the Siemens Version: 1.2, FAQ or common problems, i.e. places that are most often searched by users in each manual
2. Contents - index of all tips concerning the Siemens Version: 1.2, that we can find in the current document
3. Tips how to use the basic functions of the device Siemens Version: 1.2 - which should help us in our first steps of using Siemens Version: 1.2
4. Troubleshooting - systematic sequence of activities that will help us diagnose and subsequently solve the most important problems with Siemens Version: 1.2
5. FAQ - Frequently Asked Questions
6. Contact detailsInformation about where to look for contact to the manufacturer/service of Siemens Version: 1.2 in a specific country, if it was not possible to solve the problem on our own.

Do you have a question concerning Siemens Version: 1.2?

Use the form below

If you did not solve your problem by using a manual Siemens Version: 1.2, ask a question using the form below. If a user had a similar problem with Siemens Version: 1.2 it is likely that he will want to share the way to solve it.

Copy the text from the picture

Captcha
New picture

Comments (0)