SIGUARD PDP Phasor Data Processing

V06.20
Administrator Guide
E50417-H1076-C496-B5

Open Source Software
Preface
Table of Contents
1 Overview
2 Network Security
3 System Configurations
4 SIGUARD PDP System Installation
5 OPC
6 ICCP
7 Time Synchronization
8 Security Settings
Index


NOTE: For your own safety, observe the warnings and safety instructions contained in this document, if available.

Disclaimer of Liability
Subject to changes and errors. The information given in this document only contains general descriptions and/or performance features which may not always specifically reflect those described, or which may undergo modification in the course of further development of the products. The requested performance features are binding only when they are expressly agreed upon in the concluded contract.
Document version: E50417-H1076-C496-B5.01
Edition: 09.2020
Version of the product described: V06.20

Copyright
Copyright © Siemens 2020. All rights reserved.
The disclosure, duplication, distribution and editing of this document, or utilization and communication of the content are not permitted, unless authorized in writing. All rights, including rights created by patent grant or registration of a utility model or a design, are reserved.

Trademarks
SIPROTEC, DIGSI, SIGRA, SIGUARD, SIMEAS SAFIR, SICAM, and MindSphere are trademarks of Siemens. Any unauthorized use is prohibited.


Open Source Software

The product contains, among other things, Open Source Software developed by third parties. The Open Source Software used in the product and the license agreements concerning this software can be found in the Readme_OSS. These Open Source Software files are protected by copyright. Your compliance with those license conditions will entitle you to use the Open Source Software as foreseen in the relevant license. In the event of conflicts between Siemens license conditions and the Open Source Software license conditions, the Open Source Software conditions shall prevail with respect to the Open Source Software portions of the software. The Open Source Software is licensed royalty-free. Insofar as the applicable Open Source Software License Conditions provide for it you can order the source code of the Open Source Software from your Siemens sales contact – against payment of the shipping and handling charges – for a period of at least 3 years after purchase of the product. We are liable for the product including the Open Source Software contained in it pursuant to the license conditions applicable to the product. Any liability for the Open Source Software beyond the program flow intended for the product is explicitly excluded. Furthermore any liability for defects resulting from modifications to the Open Source Software by you or third parties is excluded. We do not provide any technical support for the product if it has been modified.

SIGUARD PDP, Phasor Data Processing, Administrator Guide, E50417-H1076-C496-B5, Edition 09.2020


Preface

Purpose of the Manual
This manual is a reference for the SIGUARD PDP software. It provides an overview of use and configuration options.

Target Audience
This manual is addressed mainly to the operational crew, commissioning engineers, and quality managers who are responsible for the configuration, parameterization, and monitoring of power systems and their components.

Scope
This manual is valid for SIGUARD PDP.

Additional Support
For questions about the system, contact your Siemens sales partner.

Customer Support Center
Our Customer Support Center provides a 24-hour service.
Siemens AG
Customer Support Center
Humboldtstraße 59
90459 Nuremberg
Germany
Phone: +49 911 6505 6505
E-mail: [email protected]

Training Courses
Inquiries regarding individual training courses should be addressed to our Training Center:
Siemens AG
Siemens Power Academy TD
Humboldtstrasse 59
Nuremberg
Germany
Phone: +49 (911) 433-7415
Fax: +49 (911) 433-7929
E-mail: [email protected]
Internet: www.siemens.com/poweracademy

Notes on Safety
This document is not a complete index of all safety measures required for operation of the equipment (module or device). However, it comprises important information that must be followed for personal safety, as well as to avoid material damage. Information is highlighted and illustrated as follows according to the degree of danger:


DANGER
DANGER means that death or severe injury will result if the measures specified are not taken.

• Comply with all instructions, in order to avoid death or severe injuries.

WARNING
WARNING means that death or severe injury may result if the measures specified are not taken.

• Comply with all instructions, in order to avoid death or severe injuries.

CAUTION
CAUTION means that medium-severe or slight injuries can occur if the specified measures are not taken.

• Comply with all instructions, in order to avoid moderate or minor injuries.

NOTICE
NOTICE means that property damage can result if the measures specified are not taken.

• Comply with all instructions, in order to avoid property damage.

NOTE
Important information about the product, product handling or a certain section of the documentation which must be given attention.


Table of Contents

Open Source Software
Preface
1 Overview
  1.1 General
  1.2 Recommended Actions that Make Your System More Secure
  1.3 Recommended Rules for Improving the Security Process
2 Network Security
  2.1 Overview
  2.2 SIGUARD PDP Ports Used
  2.3 Network Configuration with IPSec
3 System Configurations
  3.1 Redundancy Versions
  3.2 System Configuration without Communication Redundancy
  3.3 System Configuration with Communication Redundancy
  3.4 System Configuration with Server Redundancy
  3.5 System Configuration with Communication and Server Redundancy
  3.6 Offline Archiving
    3.6.1 Overview
    3.6.2 Configuration of the Offline Archive with the Administrator UI
    3.6.3 Using the Administrator UI to Restore Data from the Ring Archive Stored on the Tape
4 SIGUARD PDP System Installation
  4.1 Installation Requirements
    4.1.1 Hardware
    4.1.2 Software
  4.2 Installing the Software
    4.2.1 Overview
    4.2.2 Installation
    4.2.3 Other Manual Steps before the Initial Starting
      4.2.3.1 User Management
      4.2.3.2 Users and User Groups
      4.2.3.3 Necessary Released Folders for SIGUARD PDP
      4.2.3.4 Setting up Access Rights to the Released Folders of SIGUARD PDP
      4.2.3.5 Set Windows Firewall
    4.2.4 Licensing SIGUARD PDP
      4.2.4.1 Prepare Licensing
      4.2.4.2 Executing Licensing
    4.2.5 Assign Parameters of SIGUARD PDP


    4.2.6 Launching SIGUARD PDP
      4.2.6.1 Overview
      4.2.6.2 Specify the Communication and Archive Configuration with the Administrator UI
      4.2.6.3 Managing User Rights
      4.2.6.4 Initialization of the Ring Archive
      4.2.6.5 Service Control Tab
      4.2.6.6 Tab Status
      4.2.6.7 Service & Process Settings Tab
    4.2.7 Other Functions of the Administrator UI
      4.2.7.1 Checking the Configuration
      4.2.7.2 Validating and Activating
    4.2.8 Procedure Descriptions
      4.2.8.1 Installing a New Version of SIGUARD PDP
      4.2.8.2 Adding a Redundant Server to a System
      4.2.8.3 Removing a Defective Server from a System
      4.2.8.4 Reducing the Archive
      4.2.8.5 Enlarging the Archive
    4.2.9 Diagnostic Tool Communication UI
  4.3 Uninstalling the Software
    4.3.1 Uninstalling SIGUARD PDP
    4.3.2 Removing the SIGUARD PDP License
5 OPC
  5.1 Overview
  5.2 OPC Server Installation
  5.3 Configuring the OPC Server
    5.3.1 General
    5.3.2 Local Basic Security Settings
    5.3.3 Configuring DCOM
    5.3.4 OPC DA Server Configuration
    5.3.5 OPC Enum Server Configuration
    5.3.6 OPC Firewall Settings
6 ICCP
  6.1 General
  6.2 Installation of the ICCP Driver
    6.2.1 Installation Preparation
    6.2.2 Installation
  6.3 Licensing the ICCP Driver
  6.4 Editing the Configuration File
7 Time Synchronization
  7.1 Overview
  7.2 Configuration of Time Synchronization with the Administrator UI
  7.3 Hopf Time Server Installation
  7.4 Uninstalling NTPD of the Hopf Card
  7.5 NTP Daemon
  7.6 Configuration File for the NTPD
  7.7 Driver for the Hopf6039 Card


  7.8 Sample Configurations
    7.8.1 Overview
    7.8.2 PCI Card as Timer
    7.8.3 PCI Card Configuration Files
      7.8.3.1 Configuration File - Server
      7.8.3.2 Configuration File - Clients
    7.8.4 External Radio Clock or NTP Time Server as Timer
    7.8.5 NTP Configuration File
      7.8.5.1 Configuration File - Clients
    7.8.6 Finishing Configuration
8 Security Settings
  8.1 Overview
  8.2 The Desktop Firewall
  8.3 Logging
    8.3.1 General
    8.3.2 Logging with the Event Viewer for Windows 10 (Local Computer) and Windows Server 2016 (Remote Computer)
  8.4 User Management
    8.4.1 Set Local Access Rights
  8.5 IPSec Tunneling
    8.5.1 IPSec Tunnel between SIGUARD PDP Server and Local Computer
      8.5.1.1 General
      8.5.1.2 IPSec Configuration
    8.5.2 IPSec Tunnel between PMU and SIGUARD PDP Server
      8.5.2.1 General
      8.5.2.2 IPSec Configuration
  8.6 Protection Against Malware
    8.6.1 General
    8.6.2 Virus Scanning System
  8.7 Patch and Update Information
Index


1 Overview

1.1 General
1.2 Recommended Actions that Make Your System More Secure
1.3 Recommended Rules for Improving the Security Process


1.1 General

This manual is intended for the system administrator for the operator of the SIGUARD PDP system. It describes the network structure and gives instructions for improving the security in the network.

The manual consists of the following main parts:

• General rules for system security

• Instructions for network topology

• Installation of the SIGUARD PDP components

• Time synchronization

• Details on security settings

• Hints about the OPC and ICCP communication components


1.2 Recommended Actions that Make Your System More Secure

In order to make your SIGUARD system more secure, observe the following points:

• Create a list of services (ports and protocols) that are used in the IT system. You can use this list to configure the firewall in your system.

• Follow the recommendation to activate the Windows Desktop firewall and comply with the description of which ports must be opened for incoming data traffic.

• Deactivate all unnecessary services, for example, File and Printer sharing for Microsoft networks.

• Create a special Windows user group Users for your installed program. Only this user group may have the authorization to launch the corresponding program and to navigate to the folders. This user group may be granted only read access to the shared folder of the SIGUARD PDP Server.

• Create users who are members of the Windows user group Users and the defined user group, for example, SIGUARD PDP Engineer.
  Do not use an Administrator user account for normal work with the computer.
  Only the defined users may be authorized to use the installed program, but not normal Windows users.
  This procedure ensures a high degree of security and prevents intrusion of malware, such as foreign DLL or EXE files.

• If there is direct access to the Internet, always activate the automatic update function in Windows and update all software products from third parties, such as Adobe Acrobat Reader, for example, or the Oracle Java runtime environment. Many other programs offer an automatic update service. If there is no direct access to the Internet, you can update the software manually or run WSUS (Windows Server Update Service).
  If updates through WSUS require a reboot, gaps occur in the archive in a non-redundant configuration.

• In order to prevent intrusion of malware via storage media (CD-ROM, USB stick, among others) or via shared data usage, install an approved virus scanner on your system with the setting on access.
  If there is direct access to the Internet, then take note that only virus software updated daily with virus signatures ensures a high degree of security. For all systems, the virus signatures must be made available automatically or manually.

• To guarantee the completeness and the discretion of the data transmitted between the user interface and the SIGUARD PDP Server, the data can be encrypted. For this, the IPSec function implemented in Windows is used to make the data transmission more secure.
  You can find more information in chapter 8.5.1 IPSec Tunnel between SIGUARD PDP Server and Local Computer.

• In order to communicate with other partners, use the IPSec solution integrated in Windows for a secure and authenticated data connection, using simple text protocols. If you use a firewall, enable the IPSec protocol (ESP/UDP Port 500 or UDP Port 4500/UDP Port 500).
  Further information on this can be found in chapters 8.5.1 IPSec Tunnel between SIGUARD PDP Server and Local Computer and 8.5.2 IPSec Tunnel between PMU and SIGUARD PDP Server.

• Use the Windows Task Scheduler to back up the engineering data to an external drive or a shared folder on a regular basis. This ensures that the engineering data can be restored without or with only little data lost in case of a system failure.

• Collect and store the protocol files within a certain timeframe. Remote access to the protocol files of the SIGUARD PDP Server occurs via the Remote Registry Service available in Windows. The Event Viewer, a standard program by Microsoft, is used.


1.3 Recommended Rules for Improving the Security Process

To ensure the security process for your SIGUARD system, adhere to the following rules:

• Never use the Windows user account Guest. Always deactivate this user account!

• Allow access only if absolutely necessary and only for the appropriate user groups. Delete the group for these access rights and add the correct user group. Set the read and write rights with the Security Function.

• Do not use any account that belongs to the administrator group for normal work on your computer.

• Do not use any simple passwords for the user account. Adhere to the rules for passwords that apply in your company.

• If possible, change your password at regular intervals.

• Do not work in Windows without activating the Desktop Firewall, unless you have a reliable, limited security zone installed on your system.

• Furthermore, work only with Windows updated with patches if your system is not installed within a reliable and limited security zone.

• Do not work in Windows without a current virus scanner, unless your system is installed within a reliable, limited security zone.

• Whenever possible, do not use third-party software with known security gaps. If required, set up a reliable, limited security zone.

• Do not install any unreliable software on the system with which you are working.


2 Network Security

2.1 Overview
2.2 SIGUARD PDP Ports Used
2.3 Network Configuration with IPSec


2.1 Overview

In this chapter, you find an overview of the security configuration of the SIGUARD network. The SIGUARD network is not a standalone network, but rather a distributed system. The system is connected to different network zones that must satisfy different security requirements.

For this reason, Siemens recommends implementing the concept for secured networks described here. If you have defined your own, limited security zones with strict security conditions, one or 2 security tunnels or mechanisms can be dispensed with, as necessary.


2.2 SIGUARD PDP Ports Used

SIGUARD PDP uses the following ports for the various functions of the listed programs:

• SIGUARD service interface (communication between server and UI):
  – Program PDPx64.exe, Port 4714 (Read from PDP), Port 4715 (Write to PDP)
    Configurable in Administrator UI
  – Program SPWx64.exe, Port 4716
    Configurable in Administrator UI
  You can find more information in chapter 4.2.6.2 Specify the Communication and Archive Configuration with the Administrator UI.

• PMU communication:
  Program PDPx64.exe; for TCP: port assigned by the operating system; for UDP: 4713
  Configurable in Engineer

• PDC communication:
  Program PDCServer.exe, port 4712 for TCP and 4713 for UDP
  Configurable in Engineer

• ICCP:
  Program osill2d.exe, port: 102 (only TCP)

• IEC 60870-5-104:
  Standard port: 2404 for TCP
  Configurable in Engineer

• OPC:
  Program DAServer.exe, port: assigned by operating system

• OPC:
  Program opcenum.exe, port: assigned by operating system

• NTP daemon (if used as NTP server):
  Program ntpd-sag.exe, Port: 123 (only UDP)

Set up the firewall so that communication for the previously listed programs and/or ports is possible.
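One way to turn the port list above (and the service list recommended in section 1.2) into Windows Firewall rules plus a check for listeners the list does not explain, as an added example that is not part of the Siemens guide. Port numbers and program names come from the list above; the program folder, the rule group name, the inbound direction, and TCP for ports 4714 to 4716 and for the OPC programs are assumptions.

```powershell
#Requires -RunAsAdministrator
# Added example, not Siemens code. Ports and program names come from section 2.2.
param(
    # Assumption: folders searched for the executables; replace the placeholder.
    [string[]]$ProgramDirs = @('C:\PLACEHOLDER\SIGUARD-PDP'),
    # Rules are only previewed (-WhatIf) unless -Apply is given.
    [switch]$Apply
)

$group = 'SIGUARD PDP (example)'   # hypothetical rule group name

# Inventory transcribed from the list above. Assumptions: TCP for 4714-4716 and
# for the OPC programs (the guide names no protocol), and inbound direction.
# PMU over TCP is omitted because the guide gives no fixed port for it.
# "Configurable" ports must match the values set in Administrator UI / Engineer.
$inventory = @(
    [pscustomobject]@{ Function='Service interface PDP'; Program='PDPx64.exe';    Protocol='TCP'; Ports=@(4714, 4715) }
    [pscustomobject]@{ Function='Service interface SPW'; Program='SPWx64.exe';    Protocol='TCP'; Ports=@(4716) }
    [pscustomobject]@{ Function='PMU communication';     Program='PDPx64.exe';    Protocol='UDP'; Ports=@(4713) }
    [pscustomobject]@{ Function='PDC communication';     Program='PDCServer.exe'; Protocol='TCP'; Ports=@(4712) }
    [pscustomobject]@{ Function='PDC communication';     Program='PDCServer.exe'; Protocol='UDP'; Ports=@(4713) }
    [pscustomobject]@{ Function='ICCP';                  Program='osill2d.exe';   Protocol='TCP'; Ports=@(102) }
    [pscustomobject]@{ Function='IEC 60870-5-104';       Program=$null;           Protocol='TCP'; Ports=@(2404) }
    [pscustomobject]@{ Function='OPC DA server';         Program='DAServer.exe';  Protocol='TCP'; Ports=@() }
    [pscustomobject]@{ Function='OPC enumerator';        Program='opcenum.exe';   Protocol='TCP'; Ports=@() }
    [pscustomobject]@{ Function='NTP daemon';            Program='ntpd-sag.exe';  Protocol='UDP'; Ports=@(123) }
)

# Find the full path of an executable so the rule can be bound to the program.
function Resolve-ProgramPath([string]$ExeName) {
    foreach ($dir in $ProgramDirs) {
        $hit = Get-ChildItem -LiteralPath $dir -Filter $ExeName -Recurse -File -ErrorAction SilentlyContinue |
            Select-Object -First 1
        if ($hit) { return $hit.FullName }
    }
    return $null
}

# Replace rules from an earlier run instead of stacking duplicates.
Get-NetFirewallRule -Group $group -ErrorAction SilentlyContinue |
    Remove-NetFirewallRule -WhatIf:(-not $Apply)

foreach ($e in $inventory) {
    $rule = @{
        DisplayName = "SIGUARD PDP - $($e.Function) ($($e.Protocol))"
        Group       = $group
        Direction   = 'Inbound'
        Action      = 'Allow'
        Protocol    = $e.Protocol
        WhatIf      = -not $Apply
    }
    # OS-assigned ports (OPC) get a program-scoped rule without a port filter.
    if ($e.Ports.Count -gt 0) { $rule.LocalPort = $e.Ports }
    if ($e.Program) {
        $path = Resolve-ProgramPath $e.Program
        if (-not $path) {
            # Do not fall back to a port-only rule that any process could use.
            Write-Warning "$($e.Program) not found under ProgramDirs; rule '$($rule.DisplayName)' skipped."
            continue
        }
        $rule.Program = $path
    }
    New-NetFirewallRule @rule | Out-Null
}

# Listener check: bound sockets that the inventory does not explain. The output
# is a worklist for "deactivate all unnecessary services", not a verdict.
$allowed = $inventory | ForEach-Object { $e = $_; $e.Ports | ForEach-Object { "$($e.Protocol)/$_" } }
$dynamic = $inventory | Where-Object { $_.Program -and $_.Ports.Count -eq 0 } |
    ForEach-Object { [IO.Path]::GetFileNameWithoutExtension($_.Program) }

$sockets = @(
    Get-NetTCPConnection -State Listen | Select-Object @{n='Protocol';e={'TCP'}}, LocalPort, OwningProcess
    Get-NetUDPEndpoint                 | Select-Object @{n='Protocol';e={'UDP'}}, LocalPort, OwningProcess
)
$sockets | Sort-Object Protocol, LocalPort, OwningProcess -Unique | ForEach-Object {
    $name = (Get-Process -Id $_.OwningProcess -ErrorAction SilentlyContinue).ProcessName
    if ("$($_.Protocol)/$($_.LocalPort)" -notin $allowed -and $name -notin $dynamic) {
        [pscustomobject]@{ Protocol=$_.Protocol; Port=$_.LocalPort; Process=$name; PID=$_.OwningProcess }
    }
} | Format-Table -AutoSize
```

Run it once without `-Apply` to review the planned rules and the listener report, then again with `-Apply` after the paths and configurable ports have been confirmed.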


2.3 Network Configuration with IPSec

With this configuration, you can achieve completely encrypted data traffic:

• Between the programs SIGUARD PDP UI, SIGUARD PDP Engineer, and SIGUARD PDP Server

• Between the PMU and the SIGUARD PDP Server

In many PMUs, IPSec is not supported directly in device communication. For this reason, additional hardware, the Siemens Scalance S Security Module, is required. Configuration and operation of the Scalance S Security Module is simple. The other security tunnels can be configured via a Windows-native application.

You can find more information on configuration in chapter 8.5.1.2 IPSec Configuration.

Figure 2-1 Network with Windows-Native IPSec Tunnel and Security Module Scalance S

NOTE: For network configuration with IPSec, you can also configure a LAN redundancy. In this case, however, a separate Scalance S security module must be used at the interface to the WAN. You can also configure the server redundancy.


3 System Configurations

3.1 Redundancy Versions
3.2 System Configuration without Communication Redundancy
3.3 System Configuration with Communication Redundancy
3.4 System Configuration with Server Redundancy
3.5 System Configuration with Communication and Server Redundancy
3.6 Offline Archiving


Redundancy VersionsSIGUARD PDP supports various redundancy versions:

• Server redundancyFor this redundancy, 2 identical SIGUARD PDP servers are installed. There is no data loss if one of the 2servers fails. By using server redundancy, configuration changes can also be made without data loss. Forserver-redundancy operation, a file server with high availability and sufficient hard-disk capacity isneeded.

• Communication redundancyWith communication redundancy, SIGUARD PDP has the ability to provide communication connections toPMUs and other PDCs via 2 separate LAN/WAN connections. In the case of interrupted communicationresulting from failure of a communication device (LAN adaptor, switch, router, etc.), the data from thePMU continue to be received and data continues to be sent to the other PDC; there is no data loss.

This results in the following system configurations:

• Complete system (server and UI on one computer) without communication redundancy

• Complete system (server and UI on one computer) with communication redundancy

• Distributed system (1 server on one computer, one or more UI computers) without communication redundancy
  You can find more information in chapter 3.2 System Configuration without Communication Redundancy.

• Distributed system (1 server on one computer, one or more UI computers) with communication redundancy
  You can find more information in chapter 3.3 System Configuration with Communication Redundancy.

• Distributed redundant system (2 redundant servers, one or more UI computers) without communication redundancy
  You can find more information in chapter 3.4 System Configuration with Server Redundancy.

• Distributed redundant system (2 redundant servers, one or more UI computers) with communication redundancy
  You can find more information in chapter 3.5 System Configuration with Communication and Server Redundancy.


3.2 System Configuration without Communication Redundancy

The following figure shows an example of a system configuration for the SIGUARD system without communication redundancy. Normally, the PMUs are distributed at station level statewide. The SIGUARD PDP Server, SIGUARD PDP UI computer, and SIGUARD PDP Engineer computer can be separated. Alternatively, the configuration can consist of a system at office level with a joint UI and Engineer environment.

Figure 3-1 System Configuration without Communication Redundancy (Example)


3.3 System Configuration with Communication Redundancy

To increase transmission security, you can configure the SIGUARD network with 2 LANs (LAN A and LAN B). Each PC is connected to both LANs. Each LAN is connected to the Wide Area Network (WAN) via a separate router. The following figure shows an example of a system configuration for the SIGUARD system with LAN redundancy.

Figure 3-2 System Configuration with Communication Redundancy (Example)

The figure shows the communication via PRP (Parallel Redundancy Protocol). You can find information on communication via HSR (High-Availability Seamless Redundancy Protocol) in the SIPROTEC 5 Communication Protocols manual.


3.4 System Configuration with Server Redundancy

To increase the security when archiving measured data, you can configure the SIGUARD network with 2 SIGUARD PDP servers (server 1 and server 2) and a highly available and satisfactorily performing network share. This network share can be established from a redundant File Server 1 and File Server 2 with an SAS (Serial Attached Storage).
The SAS should be equipped as follows:

• Redundant power supplies

• Redundant SAS network interface cards

• Redundant hard disks (RAID 10)

The following figure shows an example of a system configuration for the SIGUARD system with server redundancy.

Figure 3-3 System Configuration with Server Redundancy (Example)

Storing Archive Data

Uninterrupted storage of archive data must be guaranteed in the event of redundancy switching due to a fault on a SIGUARD PDP Server. To ensure this, you must set the Server Message Block (SMB) value DurableHandleV2TimeoutInSeconds in the registry to 29 on the cluster nodes. Proceed as follows:

• Start Windows PowerShell on the currently active cluster computer.

• Enter the PowerShell command Set-SmbServerConfiguration -DurableHandleV2TimeoutInSeconds 29.
  This sets the value of the registry key to 29 seconds.

• Press the Return key to confirm the safety prompt. The preset response to the safety prompt is Yes.

• Restart the cluster computer.

• Check the new setting in PowerShell with the command Get-SmbServerConfiguration.

• Repeat these steps for the 2nd cluster server.
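The procedure above can be checked and applied on both cluster nodes in one pass. The following PowerShell is an added example, not part of the Siemens guide; the node names are placeholders, and it assumes CIM/WinRM remoting to the nodes and an elevated session.

```powershell
# Added example (not Siemens code). Node names are hypothetical placeholders.
$ClusterNodes  = @('FILESERVER1', 'FILESERVER2')
$RequiredValue = 29   # seconds, the value required by the guide

function Get-DurableHandleTimeout {
    # Reports the current SMB durable-handle timeout of each node.
    param([Parameter(Mandatory)][string[]]$ComputerName)
    foreach ($node in $ComputerName) {
        $session = New-CimSession -ComputerName $node
        try {
            $cfg = Get-SmbServerConfiguration -CimSession $session
            [pscustomobject]@{
                Node      = $node
                Timeout   = $cfg.DurableHandleV2TimeoutInSeconds
                Compliant = ($cfg.DurableHandleV2TimeoutInSeconds -eq $RequiredValue)
            }
        }
        finally { Remove-CimSession -CimSession $session }
    }
}

function Set-DurableHandleTimeout {
    # Changes only the nodes that deviate, so a second run is a no-op.
    param([Parameter(Mandatory)][string[]]$ComputerName)
    foreach ($state in Get-DurableHandleTimeout -ComputerName $ComputerName) {
        if ($state.Compliant) { continue }
        $session = New-CimSession -ComputerName $state.Node
        try {
            # -Force answers the safety prompt that the manual procedure confirms with Return.
            Set-SmbServerConfiguration -DurableHandleV2TimeoutInSeconds $RequiredValue `
                -CimSession $session -Force
            Write-Warning "$($state.Node): value changed from $($state.Timeout) to $RequiredValue. Restart this node."
        }
        finally { Remove-CimSession -CimSession $session }
    }
}

# Audit first; apply only after reviewing the report.
Get-DurableHandleTimeout -ComputerName $ClusterNodes | Format-Table -AutoSize
# Set-DurableHandleTimeout -ComputerName $ClusterNodes
```

Run the audit again after each node has been restarted to confirm that both report Compliant.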


3.5 System Configuration with Communication and Server Redundancy

You can combine communication and server redundancy:

Figure 3-4 System Configuration with Communication and Server Redundancy

The figure shows the communication via PRP (Parallel Redundancy Protocol). You can find information on communication via HSR (High-Availability Seamless Redundancy Protocol) in the SIPROTEC 5 Communication Protocols manual.


3.6 Offline Archiving

3.6.1 Overview

To be able to store WAMS data cost-efficiently for several years, SIGUARD PDP offers functions for offline archiving. The concept of offline archiving stipulates that data is stored on an LTO (Linear Tape Open) tape. To be able to provide the data with sufficiently high speed for the LTO tape, a separate server with a Staging Area is used. This Staging Area must be reachable as a network share by the SIGUARD PDP server. The Staging Area is subdivided into 2 parts:

• Store to tape:
  Parts of the ring archive are copied into this directory regularly and automatically by SIGUARD PDP, for example 1 x per day, in order to be copied to the LTO tape from there.

• Restore from tape:
  The parts of the ring archive stored on the tape must be restored into this directory. The part of the ring archive is restored from this directory as a permanent archive via an operation in the Administrator UI. After successful restoration, these parts can be displayed as a permanent archive in the UI, see SIGUARD PDP Manual, chapter 3.5.

Siemens recommends using a separate server with a RAID for the network share of the Staging Area and the connection to an LTO tape drive.
The archiving and reconstruction process takes place in several steps, some of which run automatically:

• The data of the last part of the ring archive is automatically copied into a directory of the Store to tape section in the Staging Area regularly, for example 1 x per day. At the end of the copying process, an empty semaphore file StagingArea.sema is created.

• If the semaphore file exists, the corresponding directory must be copied to the tape using the LTO software. Siemens recommends deleting the directory in the Staging Area after the copying process using the LTO software has been completed successfully. This process should be automated using the LTO software.

• If data from the offline archive is to be reused in SIGUARD PDP again, the corresponding part (or also the corresponding parts) must be copied from the LTO tape into the Restore from tape section of the Staging Area using the LTO software.

• After complete restoration of the data from the LTO tape, the data must be copied into the permanent archive using the Administrator UI.
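The hand-over through the Staging Area described above can be backed by an integrity check, so that a part copied back from tape is verified before a restore job is assigned. The following PowerShell is an added example, not Siemens code and not a replacement for the LTO software; it assumes that StagingArea.sema is written inside each part directory, and all paths are placeholders.

```powershell
# Added example (not Siemens code). Assumption: the semaphore file lies inside
# each part directory of the "Store to tape" section.
$SemaphoreName = 'StagingArea.sema'

function Get-StagedPart {
    # Lists each part directory and whether SIGUARD PDP has finished copying it.
    param([Parameter(Mandatory)][string]$StoreToTapePath)
    foreach ($dir in Get-ChildItem -LiteralPath $StoreToTapePath -Directory) {
        $files = @(Get-ChildItem -LiteralPath $dir.FullName -File -Recurse |
                   Where-Object { $_.Name -ne $SemaphoreName })
        [long]$bytes = 0
        foreach ($f in $files) { $bytes += $f.Length }
        [pscustomobject]@{
            Part      = $dir.Name
            Path      = $dir.FullName
            Ready     = Test-Path -LiteralPath (Join-Path $dir.FullName $SemaphoreName) -PathType Leaf
            FileCount = $files.Count
            SizeBytes = $bytes
        }
    }
}

function Get-PartHash {
    # SHA-256 of every data file in a part, keyed by its path relative to the part.
    param([Parameter(Mandatory)][string]$PartPath)
    $root = (Get-Item -LiteralPath $PartPath).FullName.TrimEnd('\')
    Get-ChildItem -LiteralPath $root -File -Recurse |
        Where-Object { $_.Name -ne $SemaphoreName } |
        Sort-Object FullName |
        ForEach-Object {
            [pscustomobject]@{
                RelativePath = $_.FullName.Substring($root.Length + 1)
                Sha256       = (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256).Hash
            }
        }
}

function New-PartManifest {
    # Writes the manifest only for a part whose copy is complete (semaphore present).
    param([Parameter(Mandatory)][string]$PartPath,
          [Parameter(Mandatory)][string]$ManifestFile)
    if (-not (Test-Path -LiteralPath (Join-Path $PartPath $SemaphoreName) -PathType Leaf)) {
        throw "Part '$PartPath' has no $SemaphoreName yet; the copy has not finished."
    }
    Get-PartHash -PartPath $PartPath |
        Export-Csv -LiteralPath $ManifestFile -NoTypeInformation -Encoding UTF8
}

function Test-PartManifest {
    # Returns one finding per deviation; no output means the restored part matches.
    param([Parameter(Mandatory)][string]$PartPath,
          [Parameter(Mandatory)][string]$ManifestFile)
    $expected = @{}
    Import-Csv -LiteralPath $ManifestFile | ForEach-Object { $expected[$_.RelativePath] = $_.Sha256 }
    foreach ($item in Get-PartHash -PartPath $PartPath) {
        if (-not $expected.ContainsKey($item.RelativePath)) {
            [pscustomobject]@{ File = $item.RelativePath; Finding = 'Unexpected file' }
        }
        elseif ($expected[$item.RelativePath] -ne $item.Sha256) {
            [pscustomobject]@{ File = $item.RelativePath; Finding = 'Hash mismatch' }
        }
        $expected.Remove($item.RelativePath)
    }
    foreach ($missing in $expected.Keys) {
        [pscustomobject]@{ File = $missing; Finding = 'Missing file' }
    }
}

# Usage with placeholder paths (replace before running):
# Get-StagedPart -StoreToTapePath '\\<fileserver>\<Store to tape share>' | Where-Object Ready
# New-PartManifest  -PartPath '<part directory>' -ManifestFile '<manifest stored outside the Staging Area>'
# Test-PartManifest -PartPath '<same part under Restore from tape>' -ManifestFile '<same manifest>'
```

Create the manifest before the LTO software copies and deletes the part, and keep it outside the Staging Area so that it survives the deletion.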


Figure 3-5 Extension of the SIGUARD PDP Architecture for Offline Archiving

The use of the offline archiving functionality in a project is limited by:

• The size of the project

• The bandwidth of the network

• The transmission rate of the hard disks (ring archive and Staging Area)

3.6.2 Configuration of the Offline Archive with the Administrator UI

To modify the configuration of the offline archive, SIGUARD PDP must be stopped completely by stopping the SPW service. Otherwise, the configuration is only displayed and cannot be modified.
Regarding the modifications of the offline-archive configuration described in the following sections, see also Figure 3-6.
If you use SIGUARD PDP as a data concentrator without archive function, the functionality Offline Archive is not possible.

Procedure

✧ Start the Administrator UI.

✧ Select Configuration → Edit.

✧ Change to the Archive tab.

✧ Using the Active check box, select whether the offline archiving function is to be active or not.

✧ Define the storage location of the Store to tape part of the Staging Area.

✧ Define the storage location of the Restore from tape part of the Staging Area.

✧ In case of large projects, performance problems of the system can occur due to the generation of a permanent archive from the Restore from tape section of the Staging Area. The performance problems of the system can lead to a loss of the current PMU data. If these performance problems occur, you can use the Data-flow control to restrict the data flow to the permanent archive, for example to 50 % of the maximum speed.

The maximum transmission rate limits the writing from the Staging Area to a permanent archive. Limiting the transmission rate protects the writing of the online data into the ring buffer.

Figure 3-6 Configuration of the Offline Archive

3.6.3 Using the Administrator UI to Restore Data from the Ring Archive Stored on the Tape

The data from the ring archive that was stored on the tape can be read back into the Staging Area of the offline archive. The parts of the ring archive which are then available there can be displayed in the Administrator UI (see the following figure). From there, you can select these parts individually or in groups so that they can be transferred into the permanent archive. Then, the selected data can be displayed in the SIGUARD PDP UI.

Procedure

✧ Start the Administrator UI.

✧ Change to the Offline Archive tab.

Figure 3-7 Parts Available in the Offline Archive for Restoration in the Permanent Archive, with Start Time and Status.

The Offline archive function icon indicates the status of the offline archiving function:

Icon meanings:

• The function is not active.

• The function is active, restore jobs can be assigned.

• There is no connection to the PDP server, restore jobs cannot be assigned. Check whether SIGUARD PDP is running (tabs Service control and Status).

The list displays all the directories that have been copied from the LTO tape into the Restore from tape section of the Staging Area.

• The column Restore part name shows the directory name.

• The column Part starts at shows the starting point converted to local time.

• The column Status shows the status of the part:
  – New: The part has been copied from the LTO tape, but the restore job has not been created yet.
  – Restoring: A restore job has been assigned and is being processed. This process can take up to several hours depending on the size of the project.
  – Restored: The restore job has been carried out successfully; the part is available in the UI as a permanent archive.
  – Error: An error has occurred. Open the Windows event display using Tools → Start local Windows event log to display details of the error message in the PDP Application log.
  – Unknown: The connection to the PDP server has been interrupted, for example when a configuration change has been activated. It is no longer possible to say whether a restore job was successful. If the restore job has been carried out successfully, then the entry is automatically deleted from the list.

With the Remove restored parts from list button, you can delete successfully performed restore jobs from the list.
With the Refresh available parts list button, you can force a comparison of the displayed list with the contents of the Restore from tape directory manually. This comparison is normally carried out automatically.
To copy one or more parts from the Restore from tape section into the permanent archive, select the name and click the Restore button.

NOTE: For a given part of the ring archive, the respective dataset time ranges do not exactly match for the different rates and can vary by a few seconds. It is therefore possible that not all data are displayed as expected in the SIGUARD PDP UI. However, it is ensured that no data is lost, that is, data that is not displayed in the current part is present in the preceding or subsequent part. In this case, also restore the preceding or subsequent part from the tape to make the data visible in the SIGUARD PDP UI.


4 SIGUARD PDP System Installation

4.1 Installation Requirements
4.2 Installing the Software
4.3 Uninstalling the Software


4.1 Installation Requirements

4.1.1 Hardware

Computer

The following hardware requirements apply to the SIGUARD system:

Table 4-1 Hardware Requirements for SIGUARD

Hardware | Component | Minimum Requirements | Recommended Requirements
SIGUARD PDP Server | Processor | Intel processor, at least Intel Core i5 | Intel processor(s), for example, 4x Xeon E5-4617 0
SIGUARD PDP Server | Clock frequency | 2.0 GHz | 2.9 GHz
SIGUARD PDP Server | Primary storage (64-bit operating system) | 8 GB | 32 GB
SIGUARD PDP Server | Free hard disk space | 4 GB (operating system); archive, see below |
SIGUARD PDP Server | Graphics card | Standard graphics card | DirectX V9.0c compatible
SIGUARD PDP Server | USB port | USB 2.0 |
SIGUARD PDP Server | Network interface | 100 Mbit/s | 1 Gbit/s
SIGUARD UI computer | Processor | Dual Core i3 | Quad Core
SIGUARD UI computer | Clock frequency | 2.0 GHz | ≥ 2.5 GHz
SIGUARD UI computer | Primary storage (64-bit operating system) | 4 GB | 8 GB
SIGUARD UI computer | Free hard disk space | 4 GB (UI) |
SIGUARD UI computer | Graphics card | DirectX V9.0c compatible |
SIGUARD PDP Engineer computer | see SIGUARD UI computer | |

Disk Space for the Archive

For quick processing of the archive (saving, opening), the permanent archive and the ring archive should be placed on 2 separate, physical hard disks.
The disk space requirement must be made available in accordance with the following conditions:

Table 4-2 Requirements for the SIGUARD Hardware - Storage Capacity

Hardware | Boundary Condition | Minimum Requirements | Recommended Requirements
Ring archive (with the following boundary conditions) | PMUs with 8 channels each | 8 | 14
Ring archive | Channels | 64 | 112
Ring archive | Repetition rate (values/second) | 10 | 10
Ring archive | Storage period | 7 days | 7 days
Ring archive | Free hard disk space | Approx. 14 GB | Approx. 25 GB

For storage of events, alarms and time ranges, additional free hard disk space is required.


NOTE: The hard disk drive on which the SIGUARD PDP Archive is set up must be formatted for the NTFS (New Technology File System) file system.

4.1.2 Software

Operating Systems

Table 4-3 Supported Operating Systems

Operating System | SIGUARD Computer: SIGUARD PDP Server | SIGUARD Computer: SIGUARD PDP UI Computer, SIGUARD PDP Engineer Computer
Windows 10 Pro, version 1909 (64-bit) | X | X
Windows Server 2016, LTSC version 1607 (64-bit) | X |

NOTE: Note the following when working with Windows 10:
Some sections of this manual describe the procedure with previous Windows versions. Use the corresponding functions when working with Windows 10.
Always switch off the hibernation mode in Windows 10 before starting SIGUARD PDP: Select the menu Control Panel > Power options. Select Show Additional Power Saving Plans. Mark Highest Performance.


4.2 Installing the Software

4.2.1 Overview

You set up SIGUARD PDP on your computer via an installer. During installation, you transfer all the necessary data onto your computer:

• SIGUARD PDP

• Automation License Manager

In order to be able to use SIGUARD PDP, license SIGUARD PDP after installation using the Automation License Manager (see the Automation License Manager manual).
The installation of the OPC and ICCP software components is performed during setup of SIGUARD PDP and for ICCP with an additional software add-on.

NOTE: If SIGUARD PDP is installed without ICCP/OPC, SIGUARD PDP has to be uninstalled, the computer restarted, and SIGUARD PDP including ICCP/OPC installed.

Licensing is performed separately for each software component.
Notes on the installation of the software components can be found in the corresponding chapters of the Administrator Manual.

NOTE: You can install SIGUARD PDP and ICCP Add-on in whatever sequence you select.

4.2.2 Installation

You can find information on how you proceed if you have already installed a version of SIGUARD PDP and want to install a newer version in chapter 4.2.8.1 Installing a New Version of SIGUARD PDP.

Boundary Conditions for the Installation of a Redundant System

You must keep some boundary conditions in mind for installation of a redundant system:

• Both servers must be installed identically:
  – The same SIGUARD PDP version must be installed on both servers.
  – The storage locations for the programs and the configuration files must be set up identically.
  – OPC must be installed or not on both servers.
  – ICCP must be installed or not on both servers.

• At least one highly available and satisfactorily performing network share must be available for the archive.

• A runtime user is needed for the SIGUARD PDP SPW service.
  You can find more information in chapter 4.2.3.2 Users and User Groups.

• Use of SIGUARD PDP Engineer and the SIGUARD PDP UI on the server computers in a redundant system is not supported and may possibly result in data loss.

Installation Type

During installation, you must specify the Installation type (Server or UI client).


NOTE: There must always be at least 1 server present in a SIGUARD PDP system. More than 8 SIGUARD PDP UIs can be operated by this server. An unlimited license is required to operate more than 8 SIGUARD PDP UIs.

NOTE: The SIGUARD PDP Engineer is installed along with SIGUARD PDP UI. There is no separate installation option with SIGUARD PDP Engineer.

✧ When you install a SIGUARD PDP System which is composed of several computers, first install the SIGUARD PDP Server.

✧ Select between the installation types Server and UI Client.

✧ When you wish to put a redundant system into service, install the 2nd SIGUARD PDP Server next and then the SIGUARD PDP UI.

When installing SIGUARD PDP UI, enter the computer name on which the SIGUARD PDP Server is installed.

Starting Installation

To install SIGUARD PDP, proceed as follows:

✧ Insert the DVD with SIGUARD PDP into your DVD drive.

✧ Open the file manager and double click the file Setup.exe in the root directory of the DVD.

✧ Follow the instructions of the installation routine.

✧ When you install SIGUARD PDP Server, select the software components OPC and/or ICCP if you want to install them as well.

✧ Specify the path for the 32-bit programs.

✧ Specify the path for the 64-bit programs.
  This path is queried only during the installation of the server.

✧ Specify the path for the configuration files.
  This path is queried only during the installation of the server.

✧ Enter the name(s) of the server(s) (only for UI client).

Restart the Computer

✧ Restart the computer after installation.

NOTE: Due to DOTNETFRAMEWORK_V4.7.1, 2 restarts may be necessary:

• During installation:
  Following this restart, Setup starts again automatically.

• After installation

4.2.3 Other Manual Steps before the Initial Starting

4.2.3.1 User Management

SIGUARD PDP can be installed in various configurations:

• All-in-one:
  SIGUARD PDP Server, SIGUARD PDP UI, and SIGUARD PDP Engineer run on a single computer.

• Non-redundant server system:
  SIGUARD PDP Server runs on one server, the components SIGUARD UI and SIGUARD PDP Engineer on one or more workstation(s).

• Redundant server system:
  SIGUARD PDP Server runs simultaneously on 2 identical servers, the components SIGUARD PDP Engineer and SIGUARD PDP UI on one or more workstation(s).

For the last 2 configurations, you need authorization on the SIGUARD PDP Server for remote access to SIGUARD PDP Engineering and SIGUARD PDP UI.

✧ Switch on the function File and Printer Sharing for Microsoft networks in the configuration of your network card of your SIGUARD PDP system.

- or -

✧ Permit incoming data traffic via the Desktop Firewall from Microsoft by selecting the function File and Printer Sharing.

Figure 4-1 Configuration of the Network Card


Figure 4-2 Configuration via Windows Firewall Settings

When all systems are installed on a computer, no File and Printer Sharing is necessary.
Then deactivate the function File and Printer Sharing in the configuration of your network of your SIGUARD PDP systems or in the window Windows Firewall Settings on the tab Exceptions.
In the configuration described in the following, SIGUARD PDP Engineer and SIGUARD PDP UI are installed on the same computer. However, they have rights which enable SIGUARD PDP Engineer and SIGUARD PDP UI to be used by various users.

NOTE: For simpler administration and a secure password strategy, Siemens recommends using the Microsoft Domain Controller concept.
For Windows Server 2016, see Technet Microsoft.

4.2.3.2 Users and User Groups

SIGUARD PDP supports up to 4 user roles:

• Administrators
  User group Administrators
  The users who are responsible for the installation and operation of SIGUARD PDP on the servers and UI computers must be assigned to the Administrators Windows user group.

• Data Engineer:
  User group, for example, SIGUARD PDP Engineers
  This group is created for users who are responsible for the data engineering of SIGUARD PDP.

• Users with write access
  User group, for example, SIGUARD PDP Users
  This group is created for users who are allowed to use the SIGUARD PDP UI and are allowed to execute the following actions:
  – Create an export
  – Create, rename, and delete time ranges in the permanent archive
  – Change limiting values
  – Save connections defined in the UI in a permanent way

• Users with restricted rights
  User group, for example, SIGUARD PDP Guests
  You can create multiple user groups that do not have all the permissions of the group Users with write access. With the Administrator UI, you can determine which of the following functions are not allowed:
  – Create an export
  – Create, rename, and delete time ranges in the permanent archive
  – Change limiting values
  – Save connections defined in the UI in a permanent way
  If a user belongs to the SIGUARD PDP Guests user group, the addition Restricted Mode is displayed in the title bar.
  You can find more information on assigning rights to user groups in chapter 4.2.6.3 Managing User Rights.

For a system that uses network shares for archiving and/or storing exports, you need a SIGUARD PDP Runtime user, for example, SGRuntime, for access to the archive share.
The corresponding access restrictions are established only via the authorization mechanisms of the Windows operating system used.

Establishing Authorizations

To establish authorizations, proceed as follows:

✧ Create a SIGUARD PDP User user group.

✧ Assign all Windows users who are supposed to use the SIGUARD PDP UI to this user group.
  For this purpose, you can also create a function user, for example, SGUser.

For administrators, you can use the users present in Windows or create a separate group.

NOTE: If you use ICCP and/or OPC, the SIGUARD PDP Runtime user needs administrator rights, since SIGUARD PDP service programs must be started for these functions.

4.2.3.3 Necessary Released Folders for SIGUARD PDP

For correct operation of SIGUARD PDP, you must create several released folders:

• SIGUARD_Config
  All the configuration files of SIGUARD PDP are saved in this folder. This folder is specified during installation. The default path is C:\ProgramData\Siemens Energy\SIGUARD PDP\Config. Note that the release name (share) must be SIGUARD_Config.

• Export
  All CSV or COMTRADE export files of SIGUARD PDP are saved in this folder. In order to further process the export files on a UI computer, set up this folder as a released folder with any release name.

• Archive
  2 different folders must be created for the ring archive and the permanent archive.
  In a server-redundant system, these folders must also be created as released folders with any release names. For the archive configuration from SIGUARD with the Administrator UI, you must enter these release names (redundant system) or folder names (non-redundant system). You can find more information in chapter 4.2.6.2 Specify the Communication and Archive Configuration with the Administrator UI.
  Note that these release folders for a redundant system must be on a highly available and sufficiently performing network share.

Sample Configuration

Function | Path Name | Release Name
Configuration files | C:\ProgramData\Siemens Energy\SIGUARD PDP\Config | \\<server1>\SIGUARD_Config (cannot be changed)
Export files | D:\SIGUARD PDP\Export | \\<fileserver>\Export (freely selectable)
Ring archive | E:\SIGUARD PDP\Ring Archive | \\<fileserver>\RingArchive (freely selectable)
Permanent archive | F:\SIGUARD PDP\Permanent Archive | \\<fileserver>\PermanentArchive (freely selectable)

NOTE: In a non-redundant system, <server1> and <fileserver> are identical.
In a redundant system, there must also be a released folder \\<server2>\SIGUARD_Config.
In a non-redundant system, it is not necessary to release the ring archive and the permanent archive.

4.2.3.4 Setting up Access Rights to the Released Folders of SIGUARD PDP

✧ Set up the access rights for the SIGUARD PDP users and user groups in accordance with the following table:

Group | Group Name | User | SIGUARD_Config | Export | Archive
Administrators | Administrators | – | Full access | Full access | Full access
Data Engineer | For example SIGUARD PDP Engineers | – | Write access | No access | No access
User | For example SIGUARD PDP Users | – | Read access | Read access | No access
User | For example SIGUARD PDP Guests | – | Read access | Read access | No access
Runtime | | | Write access | Write access | Write access
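The access table above can be audited against the share permissions that are actually configured. The following PowerShell is an added example, not Siemens code: the group, user and share names are the sample names from this chapter, "Write access" is mapped to the SMB share right Change as an assumption, and the sample entries are constructed. It checks share-level permissions only, not NTFS permissions.

```powershell
# Added example (not Siemens code). Expected share rights per the table above.
# Assumption: "Write access" = SMB right Change, "No access" = no Allow entry.
$ExpectedShareAccess = @{
    'SIGUARD_Config'   = @{ 'Administrators' = 'Full'; 'SIGUARD PDP Engineers' = 'Change'
                            'SIGUARD PDP Users' = 'Read'; 'SIGUARD PDP Guests' = 'Read'
                            'SGRuntime' = 'Change' }
    'Export'           = @{ 'Administrators' = 'Full'; 'SIGUARD PDP Users' = 'Read'
                            'SIGUARD PDP Guests' = 'Read'; 'SGRuntime' = 'Change' }
    'RingArchive'      = @{ 'Administrators' = 'Full'; 'SGRuntime' = 'Change' }
    'PermanentArchive' = @{ 'Administrators' = 'Full'; 'SGRuntime' = 'Change' }
}

function Compare-ShareAccess {
    # Compares the Allow entries of one share with the expected table.
    # $Ace takes the objects returned by Get-SmbShareAccess (or look-alikes).
    param(
        [Parameter(Mandatory)][string]$ShareName,
        [Parameter(Mandatory)][AllowEmptyCollection()][object[]]$Ace,
        [hashtable]$Policy = $ExpectedShareAccess
    )
    $want = $Policy[$ShareName]
    if (-not $want) { throw "No expected access defined for share '$ShareName'." }

    $seen = @{}
    foreach ($entry in $Ace) {
        if ("$($entry.AccessControlType)" -ne 'Allow') { continue }   # Deny entries only narrow access
        $account = ($entry.AccountName -split '\\')[-1]               # drop DOMAIN\ or BUILTIN\ prefix
        $right   = "$($entry.AccessRight)"
        $seen[$account] = $right
        if (-not $want.ContainsKey($account)) {
            [pscustomobject]@{ Share = $ShareName; Account = $entry.AccountName
                               Expected = 'No access'; Actual = $right }
        }
        elseif ($want[$account] -ne $right) {
            [pscustomobject]@{ Share = $ShareName; Account = $entry.AccountName
                               Expected = $want[$account]; Actual = $right }
        }
    }
    foreach ($account in $want.Keys) {
        if (-not $seen.ContainsKey($account)) {
            [pscustomobject]@{ Share = $ShareName; Account = $account
                               Expected = $want[$account]; Actual = 'No access' }
        }
    }
}

# Constructed sample: an Export share that still carries a broad Everyone entry.
$sampleExportAcl = @(
    [pscustomobject]@{ AccountName = 'BUILTIN\Administrators'; AccessControlType = 'Allow'; AccessRight = 'Full' }
    [pscustomobject]@{ AccountName = 'Everyone';               AccessControlType = 'Allow'; AccessRight = 'Full' }
    [pscustomobject]@{ AccountName = 'PDPSRV\SGRuntime';       AccessControlType = 'Allow'; AccessRight = 'Change' }
)
Compare-ShareAccess -ShareName 'Export' -Ace $sampleExportAcl | Format-Table -AutoSize

# Live audit on the server that hosts the shares:
# foreach ($share in $ExpectedShareAccess.Keys) {
#     Compare-ShareAccess -ShareName $share -Ace @(Get-SmbShareAccess -Name $share)
# }
```

For the constructed sample, the findings are the Everyone entry and the two missing read-only groups; an empty result means the share matches the table.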

NOTE: If you want to further restrict the use of the programs SIGUARD PDP Engineer and SIGUARD PDP UI, follow the instructions in chapter 8.4.1 Set Local Access Rights.

4.2.3.5 Set Windows Firewall

If you use Windows Firewall, enable the release of the communication ports.
You can find further information and instructions on this in the chapters 2.2 SIGUARD PDP Ports Used and 8.2 The Desktop Firewall.

4.2.4 Licensing SIGUARD PDP

4.2.4.1 Prepare Licensing

You license the SIGUARD PDP product by transferring the license from one or more license USB stick(s) to your computer with the aid of the Automation License Manager (ALM) (see Automation License Manager manual).
Individual licenses are required for all SIGUARD PDP components or applications. The license keys are administered exclusively on the SIGUARD PDP Server, that is, the ALM must be installed there, and it is there that the licenses are queried by the SIGUARD PDP Server.
During the runtime, the SIGUARD PDP Server queries the licenses and creates a connection to the SIGUARD PDP UI computer only if the corresponding licensing is present. Licensing is also used to check how many SIGUARD PDP UI computers may be operated on the SIGUARD PDP Server.
When you wish to put a redundant system into service, you need each license twice: One for each server.

NOTE: 3 unlimited licenses (super licenses) are available for SIGUARD PDP:

• For more than 8 SIGUARD PDP UIs

• For more than 5 PDCs

• For more than 4 000 measuring channels

However, if the unlimited license is used for SIGUARD PDP UI, it cannot be guaranteed that certain performance parameters will be achieved.

NOTE: On a computer with licensing administration (SIGUARD PDP Server), you may not execute any programs which change the partitioning or structure of the hard-disk drives.
This includes programs for hard-disk drive maintenance, such as, for example, repair, defragmentation, or partitioning.
If you use such programs, you risk losing your license!
To prevent this, you must temporarily transfer the license key back to the license USB stick (see also chapter 4.3.2 Removing the SIGUARD PDP License).

NOTE: If it is not possible to access a USB interface on the SIGUARD PDP Server where the licenses have to be copied, then the licenses must first be installed on the SIGUARD PDP UI computer. To do this, install the Automation License Manager (ALM) on the SIGUARD PDP UI computer. Use the ALM setup in the directory \SetupData\InstallationData\ALM32\Setup.exe or \SetupData\InstallationData\ALM64\Setup.exe, depending on whether you are using a 32-bit or 64-bit operating system.
If the licenses are installed on the SIGUARD PDP UI computer and there is a network connection to the SIGUARD PDP Server, they can be transferred with the ALM from the SIGUARD PDP UI computer to the SIGUARD PDP Server.
Access by the ALM that is installed on a SIGUARD PDP Server to a USB stick of a computer connected via a terminal session is no longer possible.


NOTICE
The C:\AX NF ZZ folder includes hidden files. You may not delete, move, or copy these files and folders. They contain data that are necessary for licensing your software!

Otherwise, you might lose the license irretrievably. To prevent irretrievable loss of your license, observe the following instructions:

² If you use an optimization program (for example, Scandisk/Defrag) that offers the possibility of moving fixed blocks of data, then you may use this option only after you retransfer the licenses from the hard-disk drive back to the license USB stick.

² The license creates a cluster on the destination drive that is marked as defective. Do not attempt to restore this cluster.

² If overwriting a system with stored licenses (usually that is the SIGUARD PDP Server, but may also be another computer with licenses stored there) with a backup, you risk losing your license. Therefore, Siemens recommends removing all licenses or excluding the directory C:\AX NF ZZ before creating a backup copy.

NOTE
There is a risk that the license USB stick is infected by viruses on the hard disks. You should therefore run a virus check on your computer every time you install or remove a license.

4.2.4.2 Executing Licensing

You license SIGUARD PDP as follows:

² Place the included license USB stick in the USB port of the SIGUARD PDP Server.

² Click Start > Programs > Siemens Automation > Automation License Manager.

² Transfer the license from the license USB stick to the hard disk of the SIGUARD PDP Server.

NOTE
If you have received multiple license USB sticks, then repeat these steps.

4.2.5 Assign Parameters of SIGUARD PDP

After the installation and licensing, create a new project with the tool SIGUARD PDP Engineer, parameterize, and activate it.
You can also expand functionalities of an existing project.
For instructions, see the manual SIGUARD PDP - SIGUARD PDP Engineer - performance properties.

4.2.6 Launching SIGUARD PDP

4.2.6.1 Overview

The program Administrator UI supports you with the following administrative tasks:

• Configuration of the servers which form a redundant system together or configuration of the server for a non-redundant system, including the associated IP addresses and port numbers of the communication connections

• Configuration of the released folders for the ring archive, permanent archive, and export, as well as configuration of the duration of the ring archive

• Configuration of the offline-archive function


• Configuration of time synchronization

• Selecting the SIGUARD PDP processes to be started

• Defining the system behavior when a process exhibits an error

• Installing and starting the SIGUARD PDP SPW service

• Displaying the redundancy state of the server and the state of the SIGUARD PDP processes

After SIGUARD PDP has been reinstalled, you must use the tool to set up and activate the basic configuration and to install and start the SIGUARD PDP SPW service.
You can use the tool to view the redundancy state and the SIGUARD PDP processes.

NOTE
To run the Administrator UI program, administrator rights on the SIGUARD PDP Server are required.

There are 4 tabs within the Administrator UI program:

• The Status tab displays the overall state of the SIGUARD Server and the individual SIGUARD processes. In this tab, you can start or stop all SIGUARD processes with one click and change the redundancy state (switching between master and standby).
You can find more detailed information in chapter 4.2.6.6 Tab Status.

• In the Service control tab, you can install and start the SIGUARD monitoring service SPW (SIGUARD Process Watcher).
You can find more detailed information in chapter 4.2.6.5 Service Control Tab.

• In the Server & Process settings tab, you can select which SIGUARD process should be started and change the entire state of the server (running/stopped).
You can find more detailed information in chapter 4.2.6.7 Service & Process Settings Tab.

• In the Offline Archive tab, you can configure the offline archive on tape.
You can find more detailed information in chapter 3.6 Offline Archiving.

4.2.6.2 Specify the Communication and Archive Configuration with the Administrator UI

After a new project is activated with the SIGUARD PDP Engineer, the communication and archive configuration must be specified once.

Specify Configuration

² Start the Administrator UI.

NOTE
With the first start of the Administrator UI after the first activation of the Engineer project, the Configuration editor is opened automatically.
If the Configuration editor does not open automatically, open it manually via the Configuration > Edit... menu.

² Enter the following data in the Server communication tab:

Settings for Server 1

² Activate the Enable check box.

² Enter the Host names of Server 1.

² Click the Get IP addresses button.
The list boxes for the IP addresses of Server 1 are filled with the IP addresses found for this server in DNS.


² For the PMU communication, select the IP address to use for LAN A in the PMU section.
If you use communication redundancy: For the PMU communication, select the IP address to use for LAN B.

² For communication involving the SPW services, select the IP address to use for LAN A. This IP address can be identical to the IP address used for the PMU communication.
If you use communication redundancy: For communication involving the SPW services, select the IP address to use for LAN B. This IP address can be identical to the IP address used for the PMU communication.

NOTE
If you want to use a separate LAN for the SPW communication, this must absolutely be redundant. In case of a failure of the SPW LAN, the archive is damaged and cannot be repaired.

Settings for IP Ports

² Check the default settings for the Read from PDP, Write to PDP and SPW communication ports. Adapt these ports if necessary.

Settings for Server 2

² Make the settings for Server 2 in the same way as those for Server 1.

Archive Settings

² Change to the Archive tab.

² Use the check box to activate or deactivate the archive function Active.
If you want to use SIGUARD PDP strictly as a data concentrator, for example, if no archived data is required, deactivate the archive function.

² Specify the path for the ring archive.

² Specify the path for the permanent archive.

² Specify the path for the files.

The Data concentrator mode is used to transfer the measured values via the PDC server to a superordinate SIGUARD PDP system. A data concentrator has no archive.

In the Data concentrator mode, other applications cannot run correctly in addition to the PDC server because they require the alarm status from the archive during startup. When using the SIGUARD UI, only online data can be displayed in the Data concentrator mode. Activations such as persisting formulas or limits as well as saving exports and permanent archives are not possible. The alarm list and the map in the SIGUARD UI cannot display correct data without the alarm status.


Figure 4-3 Example of Paths in the Archive Settings

NOTE
Siemens recommends saving the ring and the permanent archives on separate hard disks in a non-redundant configuration.

NOTE
If you install a non-redundant system, you can use a local drive for these paths, for example, D:\SIGUARD...
If you install a redundant system, you must use one or more network shares on a highly available and sufficiently performing file server, for example, \\<FileServer>\SIGUARD... .
When using a distributed system (server/personal computer), Siemens recommends creating the export folder on a network share so that the export files can be accessed from the personal computer.

² Define the record duration of your ring archive, for example, 30 days.

² Validate your settings by clicking the Validate button or the icon.
If the validation fails, note the displayed validation results and correct the configuration accordingly. Revalidate.

² If the validation was successful, activate the configuration.

² If the activation was successful, close the Configuration editor.


4.2.6.3 Managing User Rights

In the Configuration editor, you can create user groups and assign certain rights to these user groups. For example, you can set when a user should only have restricted access rights.


Figure 4-4 Example of Restricted User Groups

Creating a User Group

² Open the Configuration editor via the icon.

- or -

² Open the Configuration editor via the Configuration > Edit... menu.

² Select the tab Restricted user groups.

² Click Create to create a new user group.
The entry field for the name of the user groups is highlighted in red.

² Enter a name for the user group.

NOTE
No distinction is made between upper-case and lower-case letters in the user-group name. If there is already a user group with this name, you get a message indicating that the name you selected is not unique.

Assigning Rights for User Groups

² Select the user group for which you wish to assign rights.

² Select the desired rights.

² Validate your settings by clicking the Validate button or the icon.
If the validation fails, note the displayed validation results and correct the configuration accordingly. Revalidate.

² If the validation was successful, activate the configuration.

² If the activation was successful, close the Configuration editor.


Deleting User Groups

² Select the user group you wish to delete.

NOTE
If you delete a user group, the users from this user group get unrestricted rights. A warning message appears when deleting a user group.

² Click Delete.

² Validate your settings by clicking the Validate button or the icon.
If the validation fails, note the displayed validation results and correct the configuration accordingly. Revalidate.

² If the validation was successful, activate the configuration.

² If the activation was successful, close the Configuration editor.

4.2.6.4 Initialization of the Ring Archive

To enable the required data throughput of the archive system and to prevent fragmentation of the archive, you must initialize the ring archive at this point of time of the installation.

² After closing the Configuration editor, you are requested to use the Resize archive utility. This utility also handles the initialization of the ring archive.
Confirm the dialog with Yes.

- or -

² Start the Resize archive utility later via the Utilities > Run resize archive utility menu.

- or -

² Click the icon.

When the Resize archive utility window closes, a dialog displays the result. If the utility was run successfully, the Service control tab is displayed automatically.

4.2.6.5 Service Control Tab

In the Service control tab, you can install and start the SIGUARD monitoring service SPW (SIGUARD Process Watcher).


Figure 4-5 Service Control Tab

Installing and Starting the SPW Service

NOTE
If you create the archive on a system share, a SIGUARD Runtime User must be used due to the access restrictions of the system user in Windows.
You can find more information in chapter 4.2.3.1 User Management.

² Click the Install button of the Local server SPW service.
Once you have clicked Install, the dialog SIGUARD Runtime user credentials appears.


Figure 4-6 SIGUARD Runtime User Credentials Dialog

NOTE
If SIGUARD PDP uses a network share for archiving and/or storing exports, the SYSTEM account cannot be used. Therefore, this option is deactivated. You must use a SIGUARD Runtime user.
With a redundant system, you must install and start the service on both servers.

² If you use the SIGUARD Runtime User, enter the User Domain, the User name, and the Password. Click OK to confirm.
To change the SIGUARD Runtime user credentials later, select the Tools > Change runtime user credentials menu or press the keyboard shortcut <Alt> + U.

The status of the SPW service is displayed as stopped.
The SPW service and the processes controlled by this service are set to start automatically when the SIGUARD PDP server is booted.

² If you want to prevent SIGUARD PDP from starting automatically when the server is booted, deactivate the Yes (Start at boot) check box.

² Start the SPW service by clicking the Start button.
After a few seconds, the running status is displayed.

² If you use a redundant system, repeat the steps as necessary for the remote server.

NOTE
Although the SPW service is running, the SIGUARD processes may not have started yet. To start the SIGUARD processes, use the Status tab.

² If a service does not start, an error message appears:


Figure 4-7 Service Not Started

² Next, check in the Communication UI Diagnostic Tool whether all connections between the SIGUARD PDP server and the PMUs have been established correctly and whether errors have occurred.
You can find more information in chapter 4.2.9 Diagnostic Tool Communication UI.

4.2.6.6 Tab Status

The Status tab displays the overall state of the SIGUARD Server and the individual SIGUARD processes. In this tab, you can start or stop all SIGUARD processes with one click and change the redundancy state (switching between master and standby).


Figure 4-8 Administrator UI, Service with Processes Installed and Started

The data for the processes of the local server are displayed on the left part of the Status tab; the data for the processes of the remote server are on the right.
The Status of the services is displayed in the left column:


Table 4-4 Status Displays of the Administrator UI

Status / Explanation

• This status for the process indicates that this process has been installed and started. All startup procedures have been completed.
This status for the server indicates that the server has started all processes and is the Master. You can switch the server manually to Standby.

• This status indicates that the service/process was started in the startup procedure, but has not yet been completed.

• This status indicates that the service/process received a stop command and all procedures are being stopped.

• This status indicates that this service/process was installed and has not been started, and an action (uninstall service or start service) is expected, or an error message has been generated for this service.

• This status is available only for the service.
The status indicates that the server is in Standby and ready to function as Master. You can switch the server manually to Master.

• This status is available only for the service.
This status indicates that the server has started all processes, but not all data are available for archiving in the event of switchover (status Standby incomplete or Master incomplete). As long as the server is in the Incomplete state, manual switchovers from Master to Standby and vice versa are not possible. Manual switchovers are possible if one server is in the Master state and the other server is in the Standby state. Depending on the configuration, this state can last for up to 20 minutes. A server in the Standby incomplete status would enter the Master state if the server that has the Master state fails. However, it is then possible that data is missing in the archive.

• This status is available only for the service.
This status indicates that at least one of the processes of the server has reported an error (status Standby error or Master error).

• This status is available only for the service.
This status is the combination of the Incomplete and Error states (status Standby incomplete error or Master incomplete error).

• This status indicates that the server or process has entered the Stopped state.


The following example presents numerous processes in various states:


Figure 4-9 Example: Administrator UI with Services/Processes in Different States

Start SIGUARD Processes

² To start the SIGUARD processes, click the Start button and confirm in the confirmation box.
The determined target status of the server and the current state are displayed.

² If you use redundancy: To start the SIGUARD processes on the remote server, click the Start button and confirm in the confirmation box.

Redundancy Switchover

You can change the master or standby status in a redundant system.

² Click the Switch over button.


NOTE
To ensure an archive without gaps after the switchover, the Switch over button is active only after both servers have been running for a few minutes.

4.2.6.7 Service & Process Settings Tab

In the Server & Process settings tab, you can select which SIGUARD process should be started and change the entire state of the server (running/stopped).

• With Keep state, the status of the process is retained unchanged in case of an error.

• With Stop All, all active processes are stopped in case of an error in this process.

• With Restart this process (default setting), the corresponding process is restarted in case of an error in this process.

• With Restart all processes, all processes are restarted in case of an error in a process.

• With Reboot server, the operating system and the SIGUARD PDP server are restarted if an error occurs in this process.

NOTE
Siemens recommends making these settings identical for all SIGUARD processes, as otherwise this might lead to unwanted behavior in case of an error of a process.

NOTE
If Reboot server is set, the server is restarted only if at least 30 minutes have passed since the last restart. Thus, you can change the Reboot server setting in case of a continuously present error, until this continuously present error is cleared.

NOTE
Keep in mind that ICCP functions only if you have installed the associated additional software. The corresponding SIGUARD licenses must be available for all processes. The tool does not check whether the license is available. If no license is available, the process does not start.
Services or servers that are not installed are dimmed, for example, OPC DA server in the previous figure.

4.2.7 Other Functions of the Administrator UI

4.2.7.1 Checking the Configuration

You cannot change the configuration while SIGUARD PDP is running, but you can check it.

² For this, click the Configuration > View menu.

- or -

² Press the keyboard shortcut: Alt + V

- or -

² Click the icon.

The Configuration editor opens in Read-Only mode.

You can open the Event Display in the Windows Event Log or Windows Services directly from the Administrator UI program.


Figure 4-10 Administrator UI - Tools Menu

² Select the Tools > Start local Windows event log menu.

- or -

² Press the keyboard shortcut: Alt + W.


Figure 4-11 Windows Event Viewer Program Window

The current events of the PDP Application are displayed here.

Proceed as follows to open the Windows Services UI:

² Select the Tools > Open Windows Services UI menu.

- or -

² Press the keyboard shortcut: Alt + S.


Figure 4-12 Windows Service SIGUARD PDP Process Watcher

The Log on as a service right can be given to the runtime user from the Properties window.

² Right-click Siemens SIGUARD PDP process watcher and select the Properties context menu.
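The account and path rules from the notes in chapters 4.2.6.2 and 4.2.6.5 (a network share rules out the SYSTEM account, a redundant system requires network shares, ring and permanent archive belong on separate disks when non-redundant) can be checked before the SPW service is started. The following PowerShell sketch is an added example, not part of the Siemens guide or product: the function name Test-ArchivePathRule and the sample paths are constructed, the archive paths have to be typed in by hand from the Archive tab, and the service lookup assumes the display name shown above in the Windows Services UI.

```powershell
# Added example (not Siemens code). Function name and sample values are hypothetical.
Set-StrictMode -Version Latest

function Test-ArchivePathRule {
    param(
        # Role -> configured path, copied by hand from the Archive tab.
        [Parameter(Mandatory)] [System.Collections.IDictionary] $Paths,
        # $true when Server 1 and Server 2 are both enabled.
        [Parameter(Mandatory)] [bool] $Redundant,
        # Logon account of the SPW service (Win32_Service.StartName).
        [Parameter(Mandatory)] [string] $ServiceAccount
    )

    $findings = New-Object 'System.Collections.Generic.List[string]'
    $isSystem = $ServiceAccount -in @('LocalSystem', 'NT AUTHORITY\SYSTEM')

    foreach ($role in $Paths.Keys) {
        $path  = [string]$Paths[$role]
        $isUnc = $path.StartsWith('\\')

        # Redundant system: every path must be on a network share.
        if ($Redundant -and -not $isUnc) {
            $findings.Add(('ERROR {0}: redundant system needs a network share, found local path {1}' -f $role, $path))
        }
        # Network share: the SYSTEM account has no access, a Runtime user is required.
        if ($isUnc -and $isSystem) {
            $findings.Add(('ERROR {0}: {1} is a network share, service must run as a SIGUARD Runtime user, not SYSTEM' -f $role, $path))
        }
    }

    # Non-redundant recommendation: ring and permanent archive on separate hard
    # disks. The path root is only a proxy, since two drive letters can still be
    # partitions of one physical disk.
    if (-not $Redundant -and $Paths.Contains('Ring') -and $Paths.Contains('Permanent')) {
        $ringRoot = [System.IO.Path]::GetPathRoot([string]$Paths['Ring'])
        $permRoot = [System.IO.Path]::GetPathRoot([string]$Paths['Permanent'])
        if ($ringRoot -and ($ringRoot -ieq $permRoot)) {
            $findings.Add(('WARN ring and permanent archive share the volume {0}' -f $ringRoot))
        }
    }
    return ,$findings.ToArray()
}

# Constructed sample: redundant system, two archives on a file server, export
# folder left on a local drive, service left on the SYSTEM account.
$samplePaths = [ordered]@{
    Ring      = '\\fileserver.example\SIGUARD\Ring'
    Permanent = '\\fileserver.example\SIGUARD\Permanent'
    Export    = 'D:\SIGUARD\Export'
}
Test-ArchivePathRule -Paths $samplePaths -Redundant $true -ServiceAccount 'LocalSystem'

# Live check on a SIGUARD PDP Server. Assumption: the service display name is
# "Siemens SIGUARD PDP process watcher" as shown in the Windows Services UI.
# Replace $samplePaths and -Redundant with the values of the activated configuration.
if (Get-Command Get-CimInstance -ErrorAction SilentlyContinue) {
    $filter = "DisplayName LIKE '%SIGUARD PDP process watcher%'"
    $services = @(Get-CimInstance -ClassName Win32_Service -Filter $filter -ErrorAction SilentlyContinue)
    foreach ($s in $services) {
        'Service {0}: account={1} startMode={2} state={3}' -f $s.Name, $s.StartName, $s.StartMode, $s.State
        if ($s.StartName) {
            Test-ArchivePathRule -Paths $samplePaths -Redundant $true -ServiceAccount $s.StartName
        }
    }
}
```

In a redundant system, run the live part on both servers, because the SPW service is installed with its own credentials on each of them.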

4.2.7.2 Validating and Activating

Fields in which entries are missing or in which an incorrect configuration was made are highlighted in red. In addition, notes are listed in the Validation result field.
As long as the configuration is incorrect and the validity check reports errors, the configuration file cannot be activated.


Figure 4-13 Example of a Validity Check with an Incorrect Input


Figure 4-14 Example of a Validity Check with a Warning – without Tooltip


Figure 4-15 Example of a Validity Check with a Warning – with Tooltip

If a configuration is not optimal, for example, the server has stopped, the field is highlighted in yellow. A warning is also output in the Validation result section. However, the configuration is still enabled for activation.

² If the validation is successful, activate the configuration by clicking the Activate button or the icon.


Figure 4-16 Configuration is Activated

NOTE
A syntactically correct but unavailable IP address is not recognized during the validity check. For this reason, it can take a few minutes during the activation before an error message is issued.


4.2.8 Procedure Descriptions

4.2.8.1 Installing a New Version of SIGUARD PDP

If you already have an older SIGUARD PDP version installed, proceed as follows:

✧ End SIGUARD UI on all UI computers.

✧ End the SIGUARD PDP SPW service on all servers.

✧ Uninstall the SIGUARD PDP SPW service on all servers.

✧ Uninstall the old version of SIGUARD PDP on all computers (server and UI).

✧ Install the new version of SIGUARD PDP on all computers (server and UI).
To be able to continue to use your previous configuration, make sure during the installation that you enter the directory for the configuration files correctly.

✧ Start the Engineer program on a UI computer.
For this first start, the Engineer makes all changes required for the new version in your configuration.

NOTE
This process is supported only for sequential versions, for example, with an upgrade from V4.00 to V5.10. If you have omitted a version, contact Siemens Customer Care for support.

✧ Validate the adapted configuration.
It may be necessary for you to enter additional information for a new version.

✧ If the validation was successful, activate the new configuration.

✧ Start the Administrator UI on one of the servers.

✧ Check the settings in the Service & Process settings tab.

✧ Validate and activate this configuration.

✧ Change to the Service control tab and install the SIGUARD PDP SPW service on all servers.
Start the SIGUARD PDP SPW service first on the local server, then if necessary on the 2nd server.

✧ Check the correct function of SIGUARD PDP with the Communication UI, the SIGUARD UI, and the Windows event display on servers and UI computers.

4.2.8.2 Adding a Redundant Server to a System

NOTE
For this sequence, you must stop SIGUARD PDP completely.

² Stop and uninstall the SPW service in the Service Control tab.

² Open the Configuration editor via the Configuration > Edit... menu.

- or -

² Open the Configuration editor via the icon.

² Click the Enable check box for Server 2.

² Enter the Host name.

² Click the Get IP addresses button.

² Enter the IP addresses for LAN A, LAN B, etc., as described in chapter 4.2.6.2 Specify the Communication and Archive Configuration with the Administrator UI.


Figure 4-17 Configuration Editor with IP Addresses

NOTE
Note that in a redundant system, a high performing File Share must be used. If necessary, correct the path information for the archive directory. You can find more information on this in chapter 4.2.6.2 Specify the Communication and Archive Configuration with the Administrator UI.

² Click the Validate button.

² Click the Activate button.
You can find more information on validation and activation in chapter 4.2.7.2 Validating and Activating.

² Close the editor.

NOTE
If you have changed the archive configuration, you must start the Resize archive utility.


² Open the Service control tab and install the SPW service on the local server.

² In any case, use the SIGUARD Runtime user.

² Enter the domain, user name, and password.

² Install the SPW service on the remote server.

² Start the local SPW service.

² Start the remote SPW service.

² Open the Status tab and check there whether the local server and the remote servers are started.
If the servers are not started, click the respective Start button.

NOTE
To make the 2nd server known to the UI computers, uninstall SIGUARD PDP on these computers and reinstall it.

4.2.8.3 Removing a Defective Server from a System

NOTE
For this sequence, you must stop SIGUARD PDP completely.
Remove the server only if the repair of the defective server will take a longer time, for example, several days.

² Open the Administrator UI on the server that is not defective.

² If the defective (remote) server is still reachable, stop and uninstall the SPW service on the defective server.

² Stop the SPW service on the local server.

² Open the Configuration editor via the Configuration > Edit... menu.

- or -

² Open the Configuration editor via the icon.

NOTE
The defective server can be Server 1 or Server 2 in the Configuration editor.

² Via the Host name, identify which server (1 or 2) is the defective server.

² Click the Enable check box of the defective server and confirm that the data (IP address, etc.) of the server is completely deleted from the configuration.

² Click the Validate button.

² Click the Activate button.
You can find more information on validation and activating in chapter 4.2.7.2 Validating and Activating.

² Close the editor.

² Start the SPW service on the local server.

² Change to the Status tab and check there whether the local server is started.
If the server is not started, click the Start button.

² Once the defective server is repaired, you can put the server back into operation as described in chapter 4.2.8.2 Adding a Redundant Server to a System.


4.2.8.4 Reducing the Archive

NOTE
For this sequence, you must stop SIGUARD PDP completely.

If you add more PMUs in your system, the needed storage capacity of the archive increases. If there is no more storage capacity available on the logical drive of the ring archive, proceed as follows:

² Stop all SPW services.

² Open the Configuration editor via the Configuration > Edit... menu.

- or -

² Open the Configuration editor via the icon.

² Change to the Archive tab.

² Set a shorter archive duration.

² Click the Validate button.

² Click the Activate button.
You can find more information on validation and activating in chapter 4.2.7.2 Validating and Activating.

² Close the editor.

NOTE
To make this setting effective, you must start the Resize archive utility.

² If the Resize archive utility was run successfully, change to the Service control tab and start the SPW service(s) there.

4.2.8.5 Enlarging the Archive

NOTE
For this sequence, you must stop SIGUARD PDP completely.

If enough storage capacity is available for the ring archive, you can extend the archive duration accordingly. Proceed as follows:

² Stop all SPW services.

² Open the Configuration editor via the Configuration > Edit... menu.

- or -

² Open the Configuration editor via the icon.

² Change to the Archive tab.

² Set a longer archive duration.

² Click the Validate button.

² Click the Activate button.
You can find more information on validation and activating in chapter 4.2.7.2 Validating and Activating.

² Close the editor.


NOTE
To make this setting effective, you must start the Resize archive utility.
Due to the organization of the data in the ring archive, it can take a certain time until the set archive duration is effective in the ring archive.
Example: The ring archive is extended from 1 week to 2 weeks. Only after max. 1 week has elapsed is the data from more than 1 week stored.

² If the Resize archive utility was run successfully, change to the Service control tab and start the SPW service(s) there.

4.2.9 Diagnostic Tool Communication UI

The SIGUARD PDP Communication UI is a diagnostic window that can be opened after the SIGUARD PDP starts.
All outward connections from SIGUARD are displayed in SIGUARD PDP Communication UI.
The connections are displayed in the 4 tabs:

• PMU Devices tab
This tab shows the state of connections to the PMUs. It also shows the connections through which the SIGUARD PDP receives data from other PDC servers.

• PDC Servers tab
This tab shows the state of connections to other PDC servers. It shows the connections through which the SIGUARD PDP sends data to other PDC servers.

• ICCP Servers tab
This tab shows the state of connections to other ICCP servers.

• IEC104 Servers tab
This tab shows the state of connections to other IEC 60870-5-104 servers.

A Filter field is available in each tab.
The list can be filtered using the following filter criteria:

• Name (complete or one letter only)

• ID number

• Status

• IP address

• Port number


Figure 4-18 Filter Function for Diagnostic Data


When you enter the first letter, matching names are listed and the entire list can be filtered by these names. Only the data of the filtered name is displayed.
In each tab, the list can be sorted in ascending or descending order by clicking in the header of the corresponding column. Sorting is possible for each column.
When the SIGUARD PDP Communication UI is started before or during the SIGUARD PDP server startup, the following diagnostic window is opened:


Figure 4-19 Diagnostic Window without SIGUARD PDP Server Started

As there is still no connection between PMU and the SIGUARD PDP Server, no diagnostic data can be displayed (status bar: Offline - No PMU Devices, no PDC Server, no ICCP Server, no IEC104 Server).

NOTE: If you do not have administrator rights, the SIGUARD PDP Communication UI is opened in Restricted Mode. In this mode, you can read settings but you cannot change them.
If you have administrator rights, the SIGUARD PDP Communication UI is opened in Administrator Mode. In this mode, you can make changes.

Once the connection has been established between the PMU and the SIGUARD PDP server, diagnostic data is displayed (status bar, for example: 9 PMUs - 2 PDP Server(s) - 1 ICCP Server - no IEC104 Server).

Menu
You can call up the following functions via the menu:

• File > Exit
Closes the SIGUARD PDP Communication UI program window.

• View > PMU reference date and time
Shows or hides the reference date and reference time of the reference time source.

• View > Extended columns
Shows or hides additional columns in the PMU Devices tab.

PMU Devices
The following reference data is displayed in the PMU devices tab:


Figure 4-20 Reference Data

• Reference date and reference time

• Source of the reference time, for example, NTP

• Status of the source of the reference time, for example, failure (if the source returns no reference time)or Time Sync unknown (if the source is not available)

With the SIGUARD PDP server started, the diagnostic window with all configured PMU connections is displayed:


Figure 4-21 Diagnostic Window with Started SIGUARD PDP Server

All configured PMU connections to the SIGUARD PDP server are established (status bar, for example: 11 PMU Devices - 5 PDP Server(s) - 3 ICCP Server(s) - 23 IEC104 Server(s)).
In the diagnostic window, a row is created for each PMU device that was created in the configuration. In each row, the following parameters are applied from the configuration:

• PMU name

• PMU ID

The next field shows the status of the connection between the PMU and the SIGUARD PDP Server.

• Status Connection A indicates the status of the connection between the PMU and the SIGUARD PDP server.

• Status Connection B indicates the status of the redundant connection between the PMU and the SIGUARD PDP server.

Table 4-5 Status Displays of the Communication UI PMU Devices

Status | Explanation
offline | The status offline indicates that the diagnostic window was opened without the SIGUARD PDP server being started.
online | The status online indicates that a correct connection between PMU and SIGUARD PDP server exists by way of which data is exchanged.
stopped | The status stopped indicates that the user has stopped any information evaluation of this physical PMU in SIGUARD, for example, via the Stop button, since it is not running optimally, for example. Only a stopped PMU can be activated using the Start button.
failure | The status failure indicates that the connection between PMU and SIGUARD PDP server has failed or could not be established.
timestamp err | The status timestamp err indicates that the time stamps of the telegrams received from this PMU are invalid (too old, in the future, or in incorrect grid).
config fail | The status config fail indicates that the native PMU configuration does not conform with the configuration from SIGUARD PDP Engineer.
redundancy mismatch | The status redundancy mismatch indicates that there is a redundancy error. Data from the PMU via LAN A to the SIGUARD PDP server and data from the PMU via LAN B to the SIGUARD PDP server are not identical.
pdp error | The status pdp error indicates that the SIGUARD PDP server has detected a major program error. SIGUARD PDP must be restarted.
iccp error | The status iccp error indicates that the SIGUARD ICCP server has detected a major problem or is starting.
IEC104 error | The status IEC104 error indicates that the SIGUARD IEC104 server has detected a major problem or is starting.
pdc error | The status pdc error indicates that the SIGUARD PDC Server has detected a major problem.

Using the Stop button in the PMU Start/Stop section, you can stop communication to a device. Siemens recommends stopping communication if the device is delivering incorrect data. Once you have stopped communication, the Start button appears instead of the Stop button. Use this button to reestablish communication.
The latency time is displayed in ms in the Latency field. The diagnostic data for connections A and B are output separately.
In the Receiver Errors field, the telegram errors (for example, CRC errors) since the start of the SIGUARD PDP server are counted. Thus, a rough indication concerning the quality of the connection is possible. These errors increment until the device is restarted. They cannot be reset. The diagnostic data for connections A and B are output separately.


Figure 4-22 Example: Diagnostic Window with Various Status Displays

NOTE: Additional information on the Latency and Receiver Errors diagnostic data is available in the UI in the Statistics section.

To show additional data columns in the diagnostic window, select the View > Extended Columns menu.


Figure 4-23 Example: Diagnostic Window with Displayed Columns

You can show/hide the following columns:

• Remote IP connection A

• Remote Port connection A

• Remote IP connection B

• Remote Port connection B


PDC Servers
The PDC servers tab shows the state of connections to other PDC servers. This tab is configured similarly to PMU devices.


Figure 4-24 Communication UI - PDC Servers Tab

A row is created in the diagnostic window for each PDC server. In each row, the following parameters are applied from the configuration:

• PDC server name

• PDC server ID

Using the Stop button in the Server Start/Stop section, you can stop communication to a server. Once communication has been stopped, the Start button appears instead of the Stop button. Use this button to reestablish communication.
The latency time is displayed in ms in the Latency field. The diagnostic data are issued separately for connections A and B.


Figure 4-25 Latency Time in PMU Devices and PDC Servers

The Status connection field shows the status of the connection between the PMU and the SIGUARD PDC Server.


Table 4-6 Status Displays of the Communication UI PDC Server

Status | Explanation
online | The status online indicates that a correct connection exists between SIGUARD PDC Server and another PDC server allowing the exchange of data.
stopped | The status stopped indicates that the SIGUARD PDC Server was stopped by the user, for example, using the Stop button. Only a stopped PDC connection can be reactivated using the Start button.
failure | The status failure indicates that no client is available for the SIGUARD PDC Server.
pdc error | The status pdc error indicates that the SIGUARD PDC Server has detected a major problem.
IEC104 error | The status IEC104 error indicates that the SIGUARD IEC104 server has detected a major problem or is starting.

To show additional data columns in the diagnostic window, select the View > Extended Columns menu.


Figure 4-26 Communication UI - PDC Servers Tab with Displayed Columns

You can show/hide the following columns:

• PDC server IP

• PDC server port (number)


ICCP Servers
The ICCP servers tab shows the state of connections to other ICCP servers. This tab is configured similarly to the PDC servers tab.


Figure 4-27 Communication UI - ICCP Servers Tab

A row is created in the diagnostic window for each ICCP server. In each row, the following parameters are applied from the configuration:

• ICCP server name

The next field displays the status of the connection between the SIGUARD ICCP server and other ICCP servers.

Table 4-7 Status Displays of the Communication UI - ICCP Servers

Status | Explanation
online | The status online indicates that a correct connection exists between the SIGUARD ICCP server and other ICCP servers allowing the exchange of data.
stopped | The status stopped indicates that the SIGUARD ICCP server was stopped by the user, for example, using the Stop button. Only a stopped ICCP connection can also be reactivated using the Start button.
failure | The status failure indicates that no client is available for the SIGUARD ICCP server.
iccp error | The status iccp error indicates that the SIGUARD ICCP server has detected a major problem or is starting.


IEC104 Servers
The IEC104 servers tab shows the state of connections to other IEC104 servers. This tab is configured similarly to the PDC servers tab.


Figure 4-28 Communication UI – IEC104 Servers Tab

A row is created in the diagnostic window for each IEC 60870-5-104 server interface. In each row, the following parameters are applied from the configuration:

• IEC104 server name

The next field shows the status of all IEC 60870-5-104 server interfaces.

Table 4-8 Status Displays of the Communication UI - IEC 60870-5-104 Server Interfaces

Status | Explanation
online | The status online indicates that a correct connection exists between the IEC 60870-5-104 server and another IEC 60870-5-104 server allowing the exchange of data.
stopped | The status stopped indicates that the IEC 60870-5-104 server was stopped by the user, for example, using the Stop button. Only a stopped IEC 60870-5-104 connection can also be reactivated using the Start button.
failure | The status failure indicates that no other server has opened the IEC 60870-5-104 connection.
IEC104 error | The status IEC104 error indicates that the SIGUARD IEC104 server has detected a major problem or is starting.

To show additional data columns in the diagnostic window, select the View > Extended Columns menu.


Figure 4-29 Communication UI - IEC104 Servers Tab with Displayed Columns


4.3 Uninstalling the Software

4.3.1 Uninstalling SIGUARD PDP

You remove SIGUARD PDP from your computer via the uninstaller in the operating system. When doing so, you delete all data installed by the installer for SIGUARD PDP.

NOTE: If you want to uninstall SIGUARD PDP from a Windows 10 computer, do not use Apps and Features, but access Programs and Features from the link in Apps and Features.

The Automation License Manager is not removed when uninstalling SIGUARD PDP. These programs must be uninstalled separately. Do not uninstall these programs if they are still needed by other software.

Uninstalling Services
To uninstall the services for SIGUARD PDP, proceed as follows:

² Open the Administrator UI tool.

Select the menu Start > Siemens Energy > SIGUARD PDP > Administrator UI.

NOTE: Note that SIGUARD PDP Setup creates all required SIGUARD Start icons in the App view. You can find information on the App view here: Windows App View.
Select the desired SIGUARD icon, then select from the lower edge of the screen where this icon should be copied to (Start menu, taskbar).

² Stop the SPW service.

² Uninstall the SPW service.

² Close the Administrator UI tool.

Uninstalling SIGUARD PDP
You uninstall SIGUARD PDP as follows:

² Click Start > Settings > Control Panel.

² Open the list of the installed software programs.

² Select the Siemens SIGUARD PDP Vx.xx program and click Remove. The uninstallation process starts.

² Follow the instructions of the uninstaller.

NOTE: If uninstallation fails, stop the Network Time Protocol service manually and repeat the uninstallation procedure.
You can end the Network Time Protocol (NTP) service as follows:

• End using Start > Settings > Control Panel > Administration > Services > Network Time Protocol: end

• End using a CMD command: net stop ntp

A restart of the computer is necessary after uninstallation.


4.3.2 Removing the SIGUARD PDP License

NOTE: If the same software version of SIGUARD PDP is installed with a new software component, the license of SIGUARD PDP does not need to be removed.

You remove the license by transferring the license from your computer to the license USB stick.

NOTE: The license can also be transferred to another removable storage medium, for example, third-party USB stick.

Remove the licensing of SIGUARD PDP as follows:

² Place the included USB stick in the USB port.

² Click Start > Programs > Siemens Automation > Automation License Manager.

² Transfer the license or licenses from the hard disk to the license USB stick.


5 OPC

5.1 Overview
5.2 OPC Server Installation
5.3 Configuring the OPC Server


5.1 Overview
OPC is an open interface standard based on COM and DCOM technology (Distributed Component Object Model). This standard makes simple, standardized data exchange possible between automation/control applications, bay devices, and office applications.
In this way, you can send measured values from SIGUARD PDP to a SICAM PAS substation automation system and then have automation functions run there that are controlled by the phasor measured values.
First install the OPC Server and then configure the server according to your needs.


Figure 5-1 System Overview with OPC Server


5.2 OPC Server Installation
To install the OPC server, proceed as follows:

² Uninstall SIGUARD PDP if it is already on your computer.

² Reinstall SIGUARD PDP with the OPC option.

Licensing the OPC Server
The OPC option must be licensed.

² Transfer the licenses from the license USB stick via the ALM.


5.3 Configuring the OPC Server

5.3.1 General

NOTE: Administrator rights are required to configure the OPC server.

5.3.2 Local Basic Security Settings

Set the local security settings when you start configuring the OPC server.
To do this, proceed as follows:

² Select the Windows menu Start > Control Panel.

² Click Administrative Tools.

² Double-click Local Security Policy.

² Double-click Local Policies.

² Select the directory Security Options.
All available security settings are displayed.


Figure 5-2 Local Security Policy Dialog

² Check the DCOM: Machine Access Restrictions in Security Descriptor Definition ... security setting.


Figure 5-3 Local Security Policy - DCOM Dialog

The security setting must be set to Not Defined.

² Check the security setting Network access: Let Everyone permissions apply to anonymous users.


Figure 5-4 Local Security Policy - Network Access Dialog

The security setting must be set to Enabled.


5.3.3 Configuring DCOM

NOTE: Instead of the OPC_client_user mentioned in the following, you can also use the SIGUARD Runtime user.
You can find more information in chapter 4.2.3.2 Users and User Groups.

When using the OPC Server function, you must perform the settings for DCOM (Distributed Component Object Model).
DCOM is configured using the Microsoft tool dcomcnfg.exe.
To configure DCOM, proceed as follows:

² Open the window Run via Windows key + R.

² Enter dcomcnfg and confirm with OK.
The Component Services window opens.

² Navigate to the My Computer folder.

² Right-click My Computer.


Figure 5-5 Component Services Dialog

² Select the Properties context menu.
The My Computer Properties window opens.

Default Properties Tab

² Select the Default Properties tab.


Figure 5-6 Default Properties

² Activate Enable Distributed COM on this computer.

² Under Default Authentication Level, select the Connect setting.

² Under Default Impersonation Level, select the Identify setting.

COM Security Tab

² Select the COM Security tab.


Figure 5-7 COM Security

² At Launch and Activation Permissions, click the Edit Limits... button.


The following dialog opens:


Figure 5-8 Launch and Activation Permission

² Click the Add... button to add an OPC Client user.
The following dialog opens:


Figure 5-9 Select Users or Groups

² Enter an OPC Client user, for example OPC_Client_user.

² Check the user name by clicking the Check Names button.
The user name is unique and is OK.

² To confirm the new user name, click OK.
Now, set the authorizations for the new user.

² At Permissions for OPC_Client_user, select the check boxes as shown in the following figure.


Figure 5-10 Launch and Activation Permission

No settings need to be made in the other tabs.

² Close the Launch and Activation Permission dialog with OK.

² Close the COM Security dialog with OK.
The following confirmation box can be opened:


Figure 5-11 Confirmation Box for DCOM Machine Wide Settings

² Confirm your settings with the Yes button to apply them.
- or -

² Click No to correct the settings and apply them later.


5.3.4 OPC DA Server Configuration

NOTE: Instead of the OPC_client_user mentioned in the following, you can also use the SIGUARD Runtime user.
You can find more information in chapter 4.2.3.2 Users and User Groups.

To configure the OPC DA server, proceed as follows:

² In the Component Services window under My Computer, select the DCOM Config entry.


Figure 5-12 Opening the Properties of the SIGUARD PDP OPC DA Server

² Right-click SIGUARD PDP OPC DA Server and select the context menu Properties.
The entry SIGUARD PDP OPC DA Server is present only after you have started the OPC server once in the SPW Configurator.

The SIEMENS SIGUARD PDP OPC DA Server Properties dialog opens.

General Tab

² Select the General tab.


Figure 5-13 General

² Under Authentication Level select the setting None.

Location Tab

² Select the Location tab.


Figure 5-14 Location

² Select Run application on this computer.

Security Tab
For DCOM, start, access and configuration rights additionally have to be assigned for users who log on to the OPC Client and want to access the OPC Server via a network connection.

² Select the Security tab.


Figure 5-15 Security

Launch and Activation Permissions Group

² In the Launch and Activation Permissions group, activate the Customize option.

² Click Edit....
The Launch and Activation Permission dialog opens.

Figure 5-16 Launch and Activation Permission

² Click Add... to add the user planning to use the OPC Server/Client. To do this, you can also create a new user.

² At Permissions for OPC_Client_user, select all the check boxes in the Allow column.


Figure 5-17 Launch and Activation Permission - Permissions for OPC_Client_user

² Close the dialog with OK.

Access Permissions Group

² Under Access Permissions, select the Customize option.

² Click Edit....
The Access Permission dialog opens.


Figure 5-18 Adding Users

² Click Add... to add the user planning to use the OPC-Server/OPC-Client.

² For the user, select at Permissions all the check boxes in the Allow column.


Figure 5-19 Specifying Access Rights

² Close the dialog with OK.

Configuration Permissions Group

² Under Configuration Permissions, select the Customize option.

² Click Edit....
The Change Configuration Permission dialog opens.


Figure 5-20 Adding Users

² Click Add... to add the user planning to use the OPC-Server/OPC-Client.

² For the user, select at Permissions the Full Control and Read check boxes in the Allow column.


Figure 5-21 Specifying the Configuration Permissions

² Close the dialog with OK.

Endpoints Tab

² Select the Endpoints tab.
This tab includes a list of protocols and end points which may be used by the OPC Client. No settings are required.


Identity Tab

² Select the Identity tab.


Figure 5-22 Identity

² Select This user.

² Use Browse... to navigate to the folder containing the user.

² Define a password for this user and enter it once more in confirmation.


Figure 5-23 Defining Identity for Users

² Close the dialog with OK.

² Close the Component Services window.

NOTE: If the Microsoft firewall is activated, additional settings must be made for the OPC server (see chapter 5.3.6 OPC Firewall Settings).

5.3.5 OPC Enum Server Configuration

To configure the OPC Enum server, proceed as follows:

² In the Component Services window under My Computer, select the DCOM Config entry.


Figure 5-24 SIEMENS SIGUARD PDP OPC Enum Server

² Perform all settings – except the access rights settings – for the SIEMENS PDP OPC DA Server as well as for the SIEMENS PDP OPC Enum Server.

NOTE: The SIEMENS PDP OPC Enum Server entry appears only after you have started the OPC Enum service once.
See chapter 5.3.4 OPC DA Server Configuration.

Access Rights

² For the SIEMENS PDP OPC Enum Server, you must not set Deny in the user permissions as otherwise, requesting the data points does not function.
Set the permissions as follows:


Figure 5-25 Launch and Activation Permission - Permissions for the OPC_Client_user for the OPC Enum Server

5.3.6 OPC Firewall Settings

If the Windows firewall is activated, the following additional settings are required.

² Select the menu Start > Control Panel.

² Click Windows Administrative Tools.

² Double-click Windows Firewall.


Figure 5-26 Windows Firewall with Advanced Security Dialog

² Select the Inbound Rules folder.


Figure 5-27 Inbound Rules Folder

All existing rules are displayed.

Creating a Rule for the OPC DA Server

² Under Actions, click New Rule....
The New Inbound Rule Wizard opens.


Figure 5-28 New Inbound Rule Wizard - Rule Type

The settings remain unchanged in the Step Rule Type.

² Click Next >.

Figure 5-29 New Inbound Rule Wizard - Program

² Select This program path.

² Using Browse..., navigate to the SIGUARD installation folder and select the program file DAServer.exe that executes this rule.


Figure 5-30 New Inbound Rule Wizard - Program Path

² Click Next >.

Figure 5-31 New Inbound Rule Wizard - Action

² Select Allow the connection.

² Click Next >.


Figure 5-32 New Inbound Rule Wizard - Profile

² Select all profiles.

² Click Next >.

Figure 5-33 New Inbound Rule Wizard - Name

² Enter a name for the rule, for example, DAServer.

² Click Finish.
The rule for the OPC DA server has been created.

Creating a Rule for the OPC Enum Server

² Create a 2nd rule that is linked to the program file OpcEnum.exe and stored under the name OPCEnum.


The 2 rules are available in the Inbound Rules folder.

² Close the Windows Firewall with Advanced Security window.
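
The settings made in chapters 5.3.2 to 5.3.6 can be read back from the registry and the firewall in one pass, which shows what the OPC configuration has opened on the host. The following PowerShell script is an added example and not part of the Siemens guide; the function names are hypothetical, the registry locations are the standard Windows ones for these settings, and matching the AppID entries on the text "PDP OPC" and the firewall rules on the file names DAServer.exe and OpcEnum.exe are assumptions based on the names used in this chapter.

```powershell
#Requires -RunAsAdministrator
# Added audit example (not from the guide): reads back the settings of chapters
# 5.3.2 to 5.3.6 and lists each beside the value the guide specifies. Read-only.

# RPC levels as stored in the registry, with the names dcomcnfg displays
$AuthnLevel = @{ 1 = 'None'; 2 = 'Connect'; 3 = 'Call'; 4 = 'Packet'
                 5 = 'Packet Integrity'; 6 = 'Packet Privacy' }
$ImpLevel   = @{ 1 = 'Anonymous'; 2 = 'Identify'; 3 = 'Impersonate'; 4 = 'Delegate' }

function Get-RegValue {
    param([string]$Path, [string]$Name)
    # Yields $null when the key or the value does not exist
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { $item.$Name }
}

function Resolve-Level {
    param([hashtable]$Table, $Raw)
    # Translate a registry DWORD into its display name; $null stays $null
    if ($null -eq $Raw) { return $null }
    if ($Table.ContainsKey([int]$Raw)) { $Table[[int]$Raw] } else { "unknown ($Raw)" }
}

function New-Finding {
    param([string]$Section, [string]$Setting, $Actual, [string]$Guide, [bool]$Match)
    $shown = if ($null -eq $Actual -or "$Actual" -eq '') { 'Not Defined' } else { "$Actual" }
    # Unless the caller decides, a finding matches when both strings are equal
    if (-not $PSBoundParameters.ContainsKey('Match')) { $Match = ($shown -eq $Guide) }
    [pscustomobject]@{ Section = $Section; Setting = $Setting; Actual = $shown
                       Guide = $Guide; Match = $Match }
}

function Get-OpcHostAudit {
    $ole = 'HKLM:\SOFTWARE\Microsoft\Ole'

    # 5.3.2 Local Basic Security Settings
    $sddl = Get-RegValue 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\DCOM' 'MachineAccessRestriction'
    New-Finding '5.3.2' 'DCOM: Machine Access Restrictions' $sddl 'Not Defined'
    $anon = Get-RegValue 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa' 'EveryoneIncludesAnonymous'
    $anonText = if ($anon -eq 1) { 'Enabled' } else { 'Disabled' }
    New-Finding '5.3.2' 'Let Everyone permissions apply to anonymous users' $anonText 'Enabled'

    # 5.3.3 Configuring DCOM, Default Properties tab.
    # A missing Legacy* value is reported as Not Defined (the Windows default applies).
    New-Finding '5.3.3' 'Enable Distributed COM' (Get-RegValue $ole 'EnableDCOM') 'Y'
    $auth = Resolve-Level $AuthnLevel (Get-RegValue $ole 'LegacyAuthenticationLevel')
    New-Finding '5.3.3' 'Default Authentication Level' $auth 'Connect'
    $imp = Resolve-Level $ImpLevel (Get-RegValue $ole 'LegacyImpersonationLevel')
    New-Finding '5.3.3' 'Default Impersonation Level' $imp 'Identify'

    # 5.3.4 / 5.3.5 per-application DCOM settings (General and Identity tabs).
    # Assumption: the AppID display names of both OPC servers contain "PDP OPC".
    $apps = @(Get-ChildItem 'HKLM:\SOFTWARE\Classes\AppID' -ErrorAction SilentlyContinue |
        Where-Object { $_.GetValue('') -like '*PDP OPC*' })
    foreach ($app in $apps) {
        $name  = $app.GetValue('')
        $level = Resolve-Level $AuthnLevel ($app.GetValue('AuthenticationLevel'))
        New-Finding '5.3.4' "${name}: Authentication Level" $level 'None'
        $runAs = $app.GetValue('RunAs')
        $named = [bool]$runAs -and ($runAs -ne 'Interactive User')
        New-Finding '5.3.4' "${name}: Identity" $runAs 'This user' -Match $named
    }
    if ($apps.Count -eq 0) { New-Finding '5.3.4' 'OPC server AppID entries' $null 'present' }

    # 5.3.6 enabled inbound allow rules bound to DAServer.exe or OpcEnum.exe.
    # The wizard steps in the guide leave the rule scope at any remote address.
    $hits = 0
    foreach ($rule in Get-NetFirewallRule -Direction Inbound -Enabled True -Action Allow) {
        $program = ($rule | Get-NetFirewallApplicationFilter).Program
        if ($program -notmatch '\\(DAServer|OpcEnum)\.exe$') { continue }
        $hits++
        $label   = "Rule '$($rule.DisplayName)' ($program)"
        $allProf = "$($rule.Profile)" -in 'Any', 'Domain, Private, Public'
        New-Finding '5.3.6' "$label profiles" $rule.Profile 'all profiles' -Match $allProf
        $remote = ($rule | Get-NetFirewallAddressFilter).RemoteAddress -join ', '
        New-Finding '5.3.6' "$label remote addresses" $remote 'Any'
    }
    if ($hits -eq 0) { New-Finding '5.3.6' 'Rules for DAServer.exe and OpcEnum.exe' $null '2 rules' }
}

Get-OpcHostAudit | Format-Table -AutoSize -Wrap
```

Rows whose Match column is False differ from the values in this chapter. The remote addresses rows show from which addresses each OPC executable is reachable through the firewall.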


6 ICCP

6.1 General
6.2 Installation of the ICCP Driver
6.3 Licensing the ICCP Driver
6.4 Editing the Configuration File


6.1 General

The ICCP Protocol

The ICCP protocol supports the exchange of network data via a network (WAN or LAN) between a local power utility network control center and

• Other power utilities (EVUs)

• Power Pools

• Regional Network Control Centers

• Non-EVU Generating Units

The protocol was standardized in accordance with IEC 61870-6 (TASE.2).
ICCP supports:

• Functions for the pre-processing of data

• A user interface for the display of error statistics with powerful testing and diagnostic functions

SIGUARD PDP uses the ICCP protocol to transfer measured values and events to a network control center.

Introduction
Using SIGUARD PDP Engineer, a configuration file PDP_config.xml is created which contains all data for the ICCP channels to control and parameterize the corresponding components. Every component of the network reads this XML file when starting.

Procedure
In order to be able to work with the ICCP, proceed as follows:

• Install the ICCP driver.

• License the ICCP driver.

• Edit the configuration file osill2.cfg of the ICCP driver.


Page 103: SIGUARD PDP Phasor Data Processing

6.2 Installation of the ICCP Driver

6.2.1 Installation Preparation

To install the ICCP driver, proceed as follows:

² Uninstall SIGUARD PDP if it is already on your computer.

² Install SIGUARD PDP with the option ICCP.
You can find more information in chapter 4.2.2 Installation.

6.2.2 Installation

Starting Installation

To install the SIGUARD PDP ICCP Add-on, proceed as follows:

² Insert the DVD with the ICCP Add-on into your DVD drive.

NOTE: The installation procedure does not start automatically.

² To start the installation procedure, double-click the setup.exe file from the root directory of the Add-on DVD.

² Follow the instructions of the installer.

Restart the Computer

² Restart the computer after installation.

NOTE: After the ICCP driver has been installed, you can find a sample configuration file osill2.cfg in the directory C:\Program Files (x86)\SISCO\osill2\. Information on editing the configuration file can be found in the corresponding chapters in the Administrator Manual.


Page 104: SIGUARD PDP Phasor Data Processing

6.3 Licensing the ICCP Driver

Activating ICCP Driver

² Open the window SISCO MMS-EASE Activation via the menu Start > Programs > SISCO > MMS-EASE > Activate MMS-EASE.

Figure 6-1 Licensing the ICCP Driver

² In order to activate the ICCP driver, click Activate.


Figure 6-2 Licensing the ICCP Driver

You have various options to register the ICCP driver, for example:

² Select the activation method Enter a License Code.


Page 105: SIGUARD PDP Phasor Data Processing


Figure 6-3 Entry of License Key

² Enter the license key that you received with the product.

NOTE: Do not enter the authorization code that is on the CD sleeve!


Page 106: SIGUARD PDP Phasor Data Processing

6.4 Editing the Configuration File

The fields Local AR Name, Primary Remote AR Name, Alternate Remote AR Name, Third Remote AR Name and Fourth Remote AR Name are the aliases of the IP addresses for a connection between a local and a remote control center. These aliases are defined in a configuration file osill2.cfg in the path C:\Program Files\SISCO\osill2\. In order to be able to connect a local with a remote control center, at least 4 fields within the configuration file must be defined for each connection:

• IP address (for TCP connections)

• P Selector (Local Presentation Selector)

• S Selector (Local Session Selector)

• T Selector (Local Transport Selector)


Figure 6-4 Overview of the Configuration Files


Page 107: SIGUARD PDP Phasor Data Processing

Adapting Subnet Range

² Open the configuration file osill2.cfg.

² Enter the IP address of the local computer in the Subnet area.


Figure 6-5 Setting the IP Address of the Local Computer

² Save the configuration file.

Adapting Local Names Section Area

² Adapt the parameter AR_Name in the area Local Names Section for every connection.
The name can be assigned freely, for example, LocalToICCPREM (Local > ICCP-Remote).

NOTE: The parameter must be identical to the name that is assigned in the SIGUARD PDP Engineer.

² Assign values for the parameters Psel, Ssel, and Tsel that are unique in the SIGUARD system, for example, 13 / 14 / 15 for connection 1 or 16 / 17 / 18 for connection 2.
These values must be identical to the values for the corresponding parameters in the configuration file of the Remote Control Center in agreement with its administrator. Agreement of the identical values is required for all connections.
You can find further information in the SISCO Installation Guide for MMS-EASE for Windows.


Page 108: SIGUARD PDP Phasor Data Processing


Figure 6-6 Local Names Section

Adapting Remote Names Section Area

² Adapt the parameter AR_Name in the area Remote Names Section for every connection.
The name can be assigned freely, for example, ICCPBKUPAddress1.

² Assign values for the parameters Psel, Ssel, and Tsel that are unique in the SIGUARD system, for example, 21 / 22 / 23 for connection 1 or 24 / 25 / 26 for connection 2.
These values must be identical to the values for the corresponding parameters in the configuration file of the Remote Control Center in agreement with its administrator. Agreement of the identical values is required for all connections.
You can find further information in the SISCO Installation Guide for MMS-EASE for Windows.


Page 109: SIGUARD PDP Phasor Data Processing


Figure 6-7 Remote Names Section


Page 110: SIGUARD PDP Phasor Data Processing


Page 111: SIGUARD PDP Phasor Data Processing

7 Time Synchronization

7.1 Overview 112
7.2 Configuration of Time Synchronization with the Administrator UI 114
7.3 Hopf Time Server Installation 116
7.4 Uninstalling NTPD of the Hopf Card 117
7.5 NTP Daemon 118
7.6 Configuration File for the NTPD 119
7.7 Driver for the Hopf6039 Card 122
7.8 Sample Configurations 124

Page 112: SIGUARD PDP Phasor Data Processing

7.1 Overview

You have 3 options for configuring time synchronization on the SIGUARD PDP Server:

• NTP daemon (recommended)
The provided NTP daemon is used for the time synchronization of the SIGUARD PDP Server. During the installation of SIGUARD, this NTP daemon is set up as a Windows service. If you use this type of time synchronization, the status of the time synchronization can also be displayed in the Communication UI.

• External time synchronization
The provided NTP daemon is not used for the time synchronization of the SIGUARD PDP Server. A different function is used instead. If this time synchronization fails, this failure is not detected by SIGUARD PDP. If the server time differs too much from real time due to the failure of the external time synchronization, data may be lost as the received PMU telegrams are regarded as invalid.

• No time synchronization (not recommended)
The PMU time stamp with the largest value is used to check the validity of PMU telegrams. If this time stamp is incorrect and is considered as invalid by the PMU, valid telegrams may be rejected under certain circumstances. The latency display in the Communication UI is also imprecise. Error outputs may not be interpretable under certain circumstances. Siemens therefore does not recommend this setting.


Figure 7-1 Setting Possibilities for Time Synchronization on the SIGUARD PDP Server

The time synchronization of SIGUARD PDP is based on the NTP (Network Time Protocol) and the corresponding service NTPD (Network Time Protocol Daemon) software. This service runs in the background in Windows. During installation of SIGUARD PDP, this service is referred to as the Network Time Protocol Service. It is configured using the ntp.conf ASCII file.

You can find more information on the configuration file in chapter 7.6 Configuration File for the NTPD.

During the installation of SIGUARD PDP, NTPD is also installed. It is activated upon a restart of the computer.

In a SIGUARD PDP system, several NTPDs can be active, for example, on the external radio clock and on the SIGUARD PDP server. An NTPD can be configured as a Server or as a Client. Upon the request of a client, the server communicates its time information to the client.

Based on NTP, a precision of approximately 0.1 ms can be achieved under a Windows operating system. In order to achieve this high precision, the NTPDs of the system must perform extensive calculations. This process can take several hours after the system starts. If the current timing master fails, the NTPDs use the data received in an attempt to keep the time as accurate as possible for as long as possible.

You can find more information on the NTP on the Internet at the following address: http://www.ntp.org.


Page 113: SIGUARD PDP Phasor Data Processing

You can find more information on displaying the reference time in chapter 4.2.9 Diagnostic Tool Communication UI.


Page 114: SIGUARD PDP Phasor Data Processing

7.2 Configuration of Time Synchronization with the Administrator UI

You can configure the time synchronization in the Administrator UI.

Configuration Steps

² Start the Administrator UI.

² Click the icon .

- or -

² Click the menu Utilities > Time synchronization settings.

- or -

² Press the keyboard shortcut: Alt + T

NOTE: You can only change the configuration of the time synchronization if the SIGUARD PDP SPW service is stopped. If this service is not stopped, you can only display the NTPD status in read-only mode. The other setting options are grayed out.

² Select the variant for the time synchronization.
If you select the variant NTP daemon (recommended), you can make additional settings in the NTP daemon settings area.
If you select another variant for the time synchronization, the settings in the NTP daemon settings area are grayed out.
You can find more information on the variants for time synchronization in chapter 7.1 Overview.

Changing the Configuration of the NTP Daemon

To be able to change the configuration of the NTP daemon, you must stop the NTP daemon.

² Under Status NTP daemon, click Stop to stop the NTP daemon.
Now, you can either create a basic configuration or change an existing one.

Creating a Configuration

² In the field NTP server IP address, enter the IP address of the NTP server.

² Click Create.

Editing an Existing Configuration

² Click Edit.
The configuration file opens in a Text Editor.

² Enter the required changes.

² Under Status NTP daemon, click Start to start the NTP daemon.

² You can display the status using the Show button.
As the result of the query, a line is displayed for each entered NTP time server. This line can contain the following information:


Page 115: SIGUARD PDP Phasor Data Processing

Information | Description
* symbol | This symbol indicates that this time server is currently in use.
+ symbol | This symbol indicates that there is a connection to these time servers and that an evaluation of their time is taking place.
Parameter reach | This parameter indicates the amount of successful queries that were made with the time server. The value 377 should be reached. It can take several minutes to reach this value.

You can find more information under http://www.ntp.org/documentation.html.
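The status lines described in the table above can also be evaluated by a script, for example to alert when no time server is in use. The following Python code is an added example, not part of the manual or of SIGUARD PDP. It assumes the status lines have the column layout printed by ntpq -p, works on constructed sample lines with placeholder addresses, and uses the fact that ntpd prints reach as the octal value of an 8-bit register holding the last 8 polls (377 means all 8 were answered).

```python
# Added example: evaluate NTP peer status lines (column layout of "ntpq -p" assumed).

# Constructed sample output; the addresses are documentation placeholders.
SAMPLE_STATUS = """\
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
*192.0.2.10      .GPS.            1 u   12   64  377    0.412    0.031   0.008
+192.0.2.11      .DCF.            1 u   40   64  177    0.530   -0.120   0.015
 192.0.2.12      .INIT.          16 u    -   64    0    0.000    0.000   0.000
"""

TALLY_CODES = set(" x.-+#*o")  # characters ntpq prints in the first column
FULL_REACH = 0o377             # all of the last 8 polls were answered


def parse_peers(status_text):
    """Return one dict per peer line; header and separator lines are skipped."""
    peers = []
    for line in status_text.splitlines():
        if not line.strip():
            continue
        if line[0] in TALLY_CODES:
            tally, fields = line[0], line[1:].split()
        else:  # the leading status column was stripped before the text got here
            tally, fields = " ", line.split()
        if len(fields) != 10 or not fields[2].isdigit():
            continue  # column header, separator or unrecognized line
        try:
            reach = int(fields[6], 8)  # reach is printed in octal
        except ValueError:
            continue
        peers.append({
            "tally": tally,                       # "*" in use, "+" being evaluated
            "remote": fields[0],
            "stratum": int(fields[2]),
            "reach": reach,
            "polls_ok": bin(reach).count("1"),    # answered polls out of the last 8
            "last_poll_ok": bool(reach & 1),      # lowest bit is the latest poll
            "offset_ms": float(fields[8]),
        })
    return peers


def assess(peers):
    """Return human-readable findings for an operator or a monitoring job."""
    findings = []
    if not any(p["tally"] == "*" for p in peers):
        findings.append("no time server is currently in use")
    for p in peers:
        if p["reach"] != FULL_REACH:
            findings.append(
                f"{p['remote']}: only {p['polls_ok']} of the last 8 polls "
                f"answered (reach {p['reach']:o})"
            )
    return findings


if __name__ == "__main__":
    for finding in assess(parse_peers(SAMPLE_STATUS)):
        print(finding)
```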


Page 116: SIGUARD PDP Phasor Data Processing

7.3 Hopf Time Server Installation

Following the insertion of the Hopf6039 card, install the corresponding software first. Then you can initialize the Hopf6039 card.

During the installation of SIGUARD PDP, an NTPD (Network Time Protocol Daemon) is also installed. This NTPD enables even more precise time synchronization than the NTPD provided by Hopf.

To install a Hopf6039 card, proceed as follows:

² Insert the Hopf6039 card in the computer.

² Next, install the software for your Hopf6039 card. The software is required for the initialization of the Hopf6039 card.

² Uninstall the NTPD of the Hopf6039 card (see 7.4 Uninstalling NTPD of the Hopf Card).

² Install SIGUARD PDP. The NTPD delivered with SIGUARD PDP is automatically installed as well.


Page 117: SIGUARD PDP Phasor Data Processing

7.4 Uninstalling NTPD of the Hopf Card

To uninstall the NTPD of the Hopf6039 card, proceed as follows:

² Click Start > Settings > Control Panel.

² Double-click Administrative Tools. The Administrative Tools window opens.

² Double-click Services. The Services window opens.

² Right-click Network Time Protocol and select End from the context menu to end the service.

² Select Start > Run.

² To uninstall the service, enter <Hopf installation path>\instsrv remove and click OK.


Page 118: SIGUARD PDP Phasor Data Processing

7.5 NTP Daemon

To configure the NTPD, knowledge about its main functions is required. Some NTPD functions and terms are illustrated below.

Server, Client, and Peer

The NTPD can be configured as a Server or as a Client. The server uses the current time information received from a clock. The clients poll the time information from the server.

Besides this, an NTPD can be configured as a Peer. This is the case if several clocks with the same priority exist in a distributed system. The roles (server/client) of the individual NTPDs are not specifically defined. The peers communicate among each other in order to determine the quality of their time signal. The NTPD of the peer with the most precise time signal acts as the Server.

Stratum, Offset, and Dispersion

The NTP time distribution is based on a hierarchical structure. Time information is distributed from the top level down to the lower levels. A level is referred to as a Stratum. The clock is the top level and is referred to as stratum 0. The time server, which receives its time information directly from the clock, is assigned stratum 1. The server that acts as a client of this server is assigned stratum 2. Numbering is continued according to this pattern.

The Offset is the difference between the client clock and the server clock. The NTPD tries to keep the offset as small as possible. The offset is the most important criterion for the determination of the quality of time information.

The Dispersion is another criterion used for quality determination. The dispersion defines the upper limit for the deviation of the system time from the 'real' clock time. The smaller the dispersion, the higher is the quality of the time information.

Quality of Time Information

When determining the system time within the SIGUARD runtime, the time stamp received is assigned a Quality. The following 4 quality levels can be assigned:

• High means that the system time deviates from the 'real' clock time by less than 10 ms and that the quality of the time sources is sufficient for this determination. A dispersion of less than 10 ms is sufficient to meet the standard requirements in the field of automated energy supply.

• Medium means that the system time deviates from the 'real' clock time by less than 2 s and that the quality of the time sources is sufficient for this determination. This level of precision ensures that no low-quality time stamps are produced if a leap second is inserted and the clock therefore shows a temporary deviation of ~1 s.

• Low means that the available time information does not have the required precision and that the system must therefore be considered as 'out of synchronization'.

• Unknown is assigned if the system detects that no NTP service runs at all or that the service was not able to detect a time source.

For reasons of compatibility, the SIGUARD internal time stamp is assigned the ClockSync and ClockValid status bits. These bits are set based on the quality of the time stamp:

• high
The status bits ClockSync and ClockValid are set.

• medium
The status bit ClockValid is set.

• low
No status bit is set.

• Unknown
No status bit is set.


Page 119: SIGUARD PDP Phasor Data Processing

7.6 Configuration File for the NTPD

When installing SIGUARD PDP, an ntp.conf configuration file is copied into the directory ...\windows\system32\drivers\etc. This file is used to configure the NTPD.

The time servers are indicated in the configuration files of the clients. However, the clients are not indicated in the configuration files of the servers. A time client can thus be added to a system in a simple way. Only the configuration file of the new client needs to be edited.

NOTE: You can edit this file only when SIGUARD is not running. If SIGUARD is running, you can open this file only in read-only mode.

The configuration file includes some comments on its contents. This section provides information about important entries.

You can find more information on the Internet at the address http://www.ntp.org.

General Settings


Figure 7-2 ntp.conf - General Settings


Page 120: SIGUARD PDP Phasor Data Processing

• tinker panic
Time information is not synchronized if the clock concerned deviates by more than 90 s from the best external clock. The NTPD stops automatically or does not start up.
The Services Manager indicates whether the NTPD has started or not. Press F5 to update the Services Manager. Set the local system time manually and start the NTPD.

• driftfile, logfile, statsdir
In these rows, you can specify the storage location of the drift and protocol files. To do this, write access rights are required.
Activate the logfile, statsdir rows for error detection only.
The quartz drift determined is stored in the ntp.drift file. This allows faster synchronization after a system start, because the clock can be set to the correct speed based on the offset value. If no writable (and reset-proof!) file system is available, the drift file can be disabled. In this case, optimum synchronization can be achieved only some time after a system start. This can take several hours.

Reference Clocks


Figure 7-3 ntp.conf - Reference Clocks

Using the lines under local system clock, you can define the local clock as the timer. Define a high value for the stratum. The local time is used unless another, better time base is available.

In the lines under Hopf6039 receiver, you can define the use of a Hopf6039 card.

• mode
With mode 53 (see Table 7-2), no time is polled from the card if it cannot receive data.

• minpoll, maxpoll
The time is to be polled at intervals of between 4 s and 64 s. The values of minpoll and maxpoll are the exponents from a base of 2 (2^2 = 4, 2^6 = 64).

• iburst
The iburst parameter ensures that 5 values per second are read during the 1st poll. The internal filters enter a steady state, which ensures that synchronization can be achieved within an even shorter time.

Servers


Figure 7-4 ntp.conf - Servers


Page 121: SIGUARD PDP Phasor Data Processing

The following rows serve as examples for the definition of time servers. They are used for demo purposes only. In a real environment, the user must enter the parameters for real time servers.

server 139.25.31.13 minpoll 2 maxpoll 6 iburst
server 139.25.208.27 minpoll 2 maxpoll 6 iburst
server ntp.lpz.siemens.de minpoll 2 maxpoll 6 iburst


Page 122: SIGUARD PDP Phasor Data Processing

7.7 Driver for the Hopf6039 Card

The Hopf6039 card is a PCI card with a DCF77 or GPS receiver with a clock function. With a clock time precision of 1 ms, the operating system can achieve a resolution of up to 1 ms. With the modified driver for the Hopf6039 card, the resolution can be improved in the edge polling mode.

The quartz oscillator integrated in the Hopf6039 card is more stable than the oscillator of a standard computer. By combining the Hopf6039 card with NTPD, a time precision of less than 1 ms can be maintained for another 2 hours even if no time signal can be received after a stabilization phase of several hours.

Different modes can be set on the modified driver in order to determine the behavior of the driver in case of an error (that is, no time signal received from the clock). The driver can increase the value of the stratum and mark the clock as erroneous.

A typical line in the configuration file for a Hopf6039 card provides the following information types:

server 127.127.39.0 mode 53 minpoll 2 maxpoll 6 prefer iburst

The mode 53 parameter must be interpreted as a bit pattern (decimal value). The following tables illustrate the significance of the bits.

Table 7-1 Bit Pattern of Mode 53

Bit | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0
Bit pattern | 0 | 0 | 1 | 1 | 0 | 1 | 0 | 1
Value | 1 (bits 7 to 5) | 1 (bit 4) | 5 (bits 3 to 0)

Table 7-2 Parameter Mode 53

Bit Position | Description
Bit 0 to 3 | Stratum drop. In case of an error, this value is added to the stratum (see Table 7-3).
Bit 4 | Edge polling mode. The Hopf6039 card does not support interrupts. The card has a resolution of 1 ms, but maintains the clock time with far higher precision. During the first reading of the time stamp, a statistical error of +/- 0.5 is detected; due to repeated readings until the change of the value read, this error can be reduced to 1/10th of the original value. This method enables faster synchronization. If Bit 4 is set, repeated reading until the value changes is activated.
Bit 5 to 7 | Dropout mode. These bits determine the behavior in case of an error (see Table 7-3).

Table 7-3 Parameter Mode

Dropout Mode | Stratum drop | Description
0 | 0 | The connection to the satellite is not checked, but rather the status of the internal clock. If the clock indicates that it is synchronized only by the internal quartz, the driver marks the clock as erroneous. The time signal is no longer polled. This behavior is identical with the behavior of the unmodified clock driver.
0 | 1 to 15 | Time information is still polled, even if the clock is synchronized only by the internal quartz. However, the driver adds the stratum drop value to the stratum of the clock. The value of the stratum is limited to 15.


Page 123: SIGUARD PDP Phasor Data Processing

Dropout Mode | Stratum drop | Description
1 | 1 to 15 | The driver determines from how many satellites the clock receives time signals. If a clock does not receive time signals from any satellite, the stratum drop value is added to the stratum of the clock. The time signal is no longer polled if the clock is synchronized only by the internal quartz.
2 | 0 | Time information is still polled, even if the clock is synchronized only by the internal quartz. This behavior is identical with the behavior of the unmodified clock driver, if the fudge1 flag of this driver is set to 1.
2 | 1 to 15 | The driver determines from how many satellites the clock receives time signals. If a clock does not receive time signals from any satellite, the stratum drop value is added to the stratum of the clock. Time information is still polled, even if the clock is synchronized only by the internal quartz.
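The server lines described in 7.6 and the mode bit pattern of Tables 7-1 to 7-3 can be checked together before an ntp.conf is put into service. The following Python code is an added example, not part of the manual or of SIGUARD PDP: it parses server lines, converts minpoll and maxpoll to seconds, decodes the mode value of the modified Hopf6039 driver, and flags the manual's demo servers. The function names and the last sample line are made up for the illustration.

```python
# Added example (not from the manual): audit the "server" lines of an ntp.conf.
import re

# Constructed sample. The first three server lines are the manual's own examples;
# the last line is made up to show a misconfiguration.
SAMPLE_CONF = """\
# reference clock and time servers
server 127.127.39.0 mode 53 minpoll 2 maxpoll 6 prefer iburst
server 139.25.31.13 minpoll 2 maxpoll 6 iburst
server ntp.lpz.siemens.de minpoll 2 maxpoll 6 iburst
server 192.168.1.1 minpoll 7 maxpoll 6
"""

# Demo servers named in section 7.6; they must be replaced in a real system.
DEMO_SERVERS = {"139.25.31.13", "139.25.208.27", "ntp.lpz.siemens.de"}
VALUE_OPTIONS = {"mode", "minpoll", "maxpoll"}      # options followed by a number
REFCLOCK = re.compile(r"^127\.127\.(\d+)\.(\d+)$")  # 127.127.<type>.<unit>
HOPF6039_TYPE = 39                                  # as in 127.127.39.0

# Table 7-3: (dropout mode, stratum drop is 1 to 15) ->
#   (still polled on internal quartz, stratum raised in case of an error)
TABLE_7_3 = {
    (0, False): (False, False),
    (0, True): (True, True),
    (1, True): (False, True),
    (2, False): (True, False),
    (2, True): (True, True),
}


def decode_hopf_mode(mode):
    """Split the decimal mode value into the fields of Table 7-2."""
    if not 0 <= mode <= 0xFF:
        raise ValueError("mode must fit into 8 bits")
    return {
        "stratum_drop": mode & 0x0F,         # bits 0 to 3
        "edge_polling": bool(mode & 0x10),   # bit 4
        "dropout_mode": (mode >> 5) & 0x07,  # bits 5 to 7
    }


def dropout_behaviour(dropout_mode, stratum_drop):
    """Look up Table 7-3; None means the combination is not listed there."""
    row = TABLE_7_3.get((dropout_mode, stratum_drop > 0))
    if row is None:
        return None
    return {"polled_on_quartz": row[0], "stratum_raised": row[1]}


def parse_server_lines(conf_text):
    """Return one dict per server line with its options decoded."""
    servers = []
    for raw in conf_text.splitlines():
        tokens = raw.split("#", 1)[0].split()  # drop comments
        if len(tokens) < 2 or tokens[0] != "server":
            continue
        entry = {"address": tokens[1], "flags": set(),
                 "mode": None, "minpoll": None, "maxpoll": None}
        options = iter(tokens[2:])
        for opt in options:
            if opt in VALUE_OPTIONS:
                value = next(options, "")
                if not value.isdigit():
                    raise ValueError(f"{opt} needs a number: {raw!r}")
                entry[opt] = int(value)
            else:
                entry["flags"].add(opt)      # for example iburst, prefer
        match = REFCLOCK.match(entry["address"])
        entry["refclock_type"] = int(match.group(1)) if match else None
        # minpoll and maxpoll are exponents of 2: the interval is 2**n seconds.
        entry["poll_seconds"] = tuple(
            None if entry[k] is None else 2 ** entry[k]
            for k in ("minpoll", "maxpoll"))
        servers.append(entry)
    return servers


def audit(conf_text):
    """Return findings an administrator should resolve before deployment."""
    findings = []
    for s in parse_server_lines(conf_text):
        addr, lo, hi = s["address"], s["minpoll"], s["maxpoll"]
        if addr in DEMO_SERVERS:
            findings.append(f"{addr}: demo server from the manual, replace it")
        if lo is not None and hi is not None and lo > hi:
            findings.append(f"{addr}: minpoll {lo} is larger than maxpoll {hi}")
        if s["refclock_type"] == HOPF6039_TYPE and s["mode"] is not None:
            bits = decode_hopf_mode(s["mode"])
            if dropout_behaviour(bits["dropout_mode"], bits["stratum_drop"]) is None:
                findings.append(f"{addr}: mode {s['mode']} is not listed in Table 7-3")
    return findings


if __name__ == "__main__":
    print(decode_hopf_mode(53))
    for finding in audit(SAMPLE_CONF):
        print(finding)
```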


Page 124: SIGUARD PDP Phasor Data Processing

7.8 Sample Configurations

7.8.1 Overview

This chapter illustrates typical sample configurations. It describes the distribution of time information in the system and presents the configuration files of the NTPDs.

• In the 1st example, a Hopf PCI card is used. It is incorporated in a SIGUARD PDP server.

• In the 2nd example, the time is specified by an external radio clock or an NTP timer. The radio clock or an NTP timer is connected directly to the Ethernet.

7.8.2 PCI Card as Timer

The Hopf FG6039GPS PCI card is incorporated in the SIGUARD PDP server and used as the timing master of the system. Other clocks can become the timing master only if the PCI card fails or if its time information is of poor quality.

The NTPD is active on the SIGUARD PDP UI computer as well as the SIGUARD PDP Engineer computer:

• On the SIGUARD PDP server as server

• On the SIGUARD PDP UI computer and the SIGUARD PDP Engineer computer as client


Figure 7-5 Time Synchronization with the Hopf6039 Card in the SIGUARD PDP Server (Example)

NOTE: The time of the PMUs is synchronized via GPS at the control center (at the bay level).

Configuration Files

In the following sections, the configuration files ntp.conf for the SIGUARD PDP Server and the clients (SIGUARD PDP UI computer and SIGUARD PDP Engineer computer) are listed. The entries in the list have been customized for the example illustrated. Be aware that, in practice, the real system configuration (for example, IP addresses) must be considered.

Changes to the predefined configuration files have been highlighted.


Page 125: SIGUARD PDP Phasor Data Processing

7.8.3 PCI Card Configuration Files

7.8.3.1 Configuration File - Server

Configuration file for the SIGUARD PDP Server:

Figure 7-6 ntp.conf - Reference Clocks

In the row marked in blue, enter the IP address of the Hopf card (for example, 127.127.39.0).

7.8.3.2 Configuration File - Clients

Configuration file for the clients (SIGUARD PDP UI computer and SIGUARD PDP Engineer computer):

Figure 7-7 ntp.conf - Servers

In the row marked in blue, enter the IP address of the SIGUARD PDP Server (for example, 192.168.1.1) as reference from the client to the server.

7.8.4 External Radio Clock or NTP Time Server as Timer

With this system configuration, an external radio clock (for example, SICLOCK, Meinberg, Hopf) or an NTP time server is used as timing master on the Ethernet. If this clock fails or if the quality of the time information is poor, another clock available in the system becomes the timing master. You can define which clock will be the new timing master in the configuration files of the NTPDs.

The NTPD is active on the SIGUARD PDP Server as well as on the SIGUARD PDP UI computer and the SIGUARD PDP Engineer computer. The NTPD of the radio clock or of the NTP time server is the time server; the NTPDs of the SIGUARD computers are the clients.


Page 126: SIGUARD PDP Phasor Data Processing


Figure 7-8 Time Synchronization via External Radio Clock or NTP Time Server

NOTE: The time of the PMUs is synchronized via GPS at the control center (at the bay level).

Configuration Files

In the following sections, the configuration files ntp.conf for the NTP Clients are listed. The entries in the list have been customized for the example illustrated. Be aware that, in practice, the real system configuration (for example, IP addresses) must be considered.

Changes to the predefined configuration files have been highlighted.

7.8.5 NTP Configuration File

7.8.5.1 Configuration File - Clients

Configuration file for the Clients (SIGUARD PDP Server, SIGUARD PDP UI computer and SIGUARD PDP Engineer computer):

Figure 7-9 ntp.conf - Servers

In the rows marked in blue, enter the IP addresses of the available time servers. Only the entered time servers are polled.


Page 127: SIGUARD PDP Phasor Data Processing

NOTE: If a radio clock is used as a timer, then the settings of the respective manufacturer should be taken into account.

7.8.6 Finishing Configuration

² Save the configuration files for servers and clients in the appropriate path of the computer.

² Start the Network Time Protocol service again.
The procedure for starting the Network Time Protocol is the same as described in the chapter Configuring the OPC server.


Page 128: SIGUARD PDP Phasor Data Processing


Page 129: SIGUARD PDP Phasor Data Processing

8 Security Settings

8.1 Overview 130
8.2 The Desktop Firewall 131
8.3 Logging 134
8.4 User Management 142
8.5 IPSec Tunneling 144
8.6 Protection Against Malware 159
8.7 Patch and Update Information 161

Page 130: SIGUARD PDP Phasor Data Processing

8.1 Overview

Many different aspects must be considered in order to protect a complex system such as the SIGUARD PDP network. This chapter describes some important aspects on providing additional protection for the network.

You can find more information on security in the chapters 1.2 Recommended Actions that Make Your System More Secure and 1.3 Recommended Rules for Improving the Security Process.

NOTE: Note the following when working with Windows 10 and Windows Server 2016:
Some sections of this manual describe the procedure with Windows XP. Use the corresponding functions when working with Windows 10.


Page 131: SIGUARD PDP Phasor Data Processing

8.2 The Desktop Firewall

General

Siemens recommends activating the Windows Firewall on the SIGUARD PDP Server. For a pure SIGUARD PDP Server application, only some ports and services are required.

Setting up the Firewall

² On the SIGUARD PDP Server, open the window Windows Firewall via Start > Settings > Control Panel > Windows Firewall.

Figure 8-1 Windows Firewall

² Select Change settings.

² Activate the firewall.

Add a port for the SIGUARD PDP Server which will receive incoming connections.

² Open the window Add a Port.

Figure 8-2 Add TCP Port on the SIGUARD PDP Server

² Enter PDP Server as a name for the port.

² Assign the Port number, for example, 4714.

² Set the protocol to TCP.

² Close the dialog with OK.

If the SIGUARD PDP Server is used as NTP Server, incoming connections must also be accepted at UDP port 123.

Figure 8-3 Add UDP Port on the NTP Server

² Enter NTP Server as a name for the port.

² Assign the Port number, for example, 123.

² Set the protocol to UDP.

² Close the dialog with OK.

In addition to the basic services of the network, exceptions must be defined for the firewall:

• File and Printer Sharing: File and Printer Sharing (Port 139/445) for a shared folder on the SIGUARD PDP Server

• Network Discovery: Display of the network, if desired

• PDP Server: The defined port for the SIGUARD PDP Server

• Remote Event Log Management: For remote access to the events protocol file

² Open the window Windows Firewall Settings.

Figure 8-4 Exceptions

² Select the corresponding exceptions.

² Use Add port... to add the ports.

² Close the dialog with OK.

NOTE

You can find additional information on port assignments in chapter 2.2 SIGUARD PDP Ports Used.
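The firewall steps of this section as a PowerShell script, followed by a review of every other inbound allow rule that is still enabled. This is an added example and not part of the Siemens guide; the optional peer restriction (AllowedPeers) and the English display-group names are assumptions.

```powershell
#Requires -RunAsAdministrator
# Added example, not part of the Siemens guide. Scripts the firewall steps of
# section 8.2 and then lists inbound allow rules outside that set for review.
param(
    [int]      $PdpServerPort = 4714,    # "for example, 4714" in the guide; use your configured port
    [switch]   $IsNtpServer,             # set when this server also acts as NTP server (UDP 123)
    [switch]   $AllowNetworkDiscovery,   # the guide lists Network Discovery as "if desired"
    [string[]] $AllowedPeers = @('Any')  # ASSUMPTION: optional source restriction, not in the guide
)

# Activate the firewall on every profile.
Set-NetFirewallProfile -Profile Domain, Private, Public -Enabled True

function Set-InboundPortRule {
    param(
        [string] $Name,
        [ValidateSet('TCP', 'UDP')] [string] $Protocol,
        [int] $Port
    )
    # Re-running the script replaces the rule instead of stacking duplicates.
    Get-NetFirewallRule -DisplayName $Name -ErrorAction SilentlyContinue |
        Remove-NetFirewallRule
    New-NetFirewallRule -DisplayName $Name -Direction Inbound -Action Allow `
        -Protocol $Protocol -LocalPort $Port -RemoteAddress $AllowedPeers `
        -Profile Any | Out-Null
}

# Port rules with the names used in the guide's dialogs.
$ruleNames = @('PDP Server')
Set-InboundPortRule -Name 'PDP Server' -Protocol TCP -Port $PdpServerPort
if ($IsNtpServer) {
    $ruleNames += 'NTP Server'
    Set-InboundPortRule -Name 'NTP Server' -Protocol UDP -Port 123
}

# Built-in exceptions named in the guide.
# ASSUMPTION: English display-group names; localized Windows uses translated names.
$groups = @('File and Printer Sharing', 'Remote Event Log Management')
if ($AllowNetworkDiscovery) { $groups += 'Network Discovery' }
foreach ($group in $groups) {
    Enable-NetFirewallRule -DisplayGroup $group
}

# Review step: every enabled inbound allow rule that is NOT one of the above.
$unexpected = Get-NetFirewallRule -Enabled True -Direction Inbound -Action Allow |
    Where-Object { $_.DisplayName -notin $ruleNames -and $_.DisplayGroup -notin $groups }

"Inbound allow rules outside the SIGUARD PDP set: $(@($unexpected).Count)"
$unexpected | Sort-Object DisplayGroup, DisplayName |
    Format-Table DisplayName, DisplayGroup, Profile -AutoSize
```

The script only reports the remaining rules; whether any of them can be disabled depends on the other services the server runs.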


8.3 Logging

8.3.1 General

Regulations, such as NERC-CIP or the BDEW Security Whitepaper, require records of changes and security-relevant activities. Security-relevant activities include changing the user password or changing the configuration; the records allow retracing in the event of an error or foreign interventions. Beyond this, the central recordings are a prerequisite for a good overview and for simplified fault search by Siemens.

Central logging (recording of events in a protocol file) under Microsoft Windows, which also includes system-native programs, is not so simple. It is not possible to record all relevant log data on a central Syslog Server. For this reason, software by a third-party company must be used, for example, Datagram Syslog Agent, which is distributed by Datagram Consulting as free software, see website of Datagram Consulting.

Microsoft Windows also supports remote access to recorded events via the included Event Viewer. Note that some conditions must be satisfied in order to be able to view protocol files via remote access. In case of problems, see Event Viewer Troubleshooting webpage of Microsoft.

• First, you need administrator rights on the remote computer, in order to be able to read protocol files. This user must also be created with the same password on the local computer. In order to attain the best security benefit, use Run as, in order to complete the process. We recommend creating an audit administrator, who has administrator rights, on the remote computer and the local computer.

• In order to be able to view the designation and category fields in the properties window of an event recording, the Remote Registry Service must be started on some Windows operating systems.

• Once the firewall is activated as suggested, release the incoming data traffic for remote event recordings.

² Open the window Windows Firewall Settings.


Figure 8-5 Release Data Traffic for Remote Event Recordings

² Select Remote Event Log Management.

² Close the dialog with OK.

8.3.2 Logging with the Event Viewer for Windows 10 (Local Computer) and Windows Server 2016 (Remote Computer)

Creating a User

² Create a user Auditor with administrator rights on the local computer and the remote computer.

NOTE

For reasons of consistency, note that the same user name and the same password are always assigned on the local computer and on the remote computer.

² Open the window Computer Management via the control panel.

² Select the user Auditor.


Figure 8-6 Computer Management

² Double-click to open the Properties window for this user.

Figure 8-7 Auditor Properties – General

² Establish the rights for this user in the tab General.

² To assign the new user to the user group Administrators, select the tab Member Of.

Figure 8-8 Auditor Properties – Member Of

The user Auditor is assigned to the user groups Administrators and Users.

² Next, click OK to confirm your settings.

Authorizing Remote Event Recordings

² In the Windows Firewall Settings window, select Remote Event Log Management in the Exceptions tab.
For further information, see 8.1 Overview.

Starting the Event Viewer

Under Windows 10/Server 2016, you can start the Event Viewer via the following elements:

• The user interface or

• The input window

² At the user interface, start the Event Viewer from the menu All Programs > Administrative Tools > Event Viewer

- or -

² Start the Event Viewer via the input window.

Figure 8-9 Starting the Event Viewer via the Input Window

The Event Viewer window opens.

Establishing a Connection with Another Computer

² In the Event Viewer, open the menu Action > Connect to another Computer....

² Select Another Computer and enter the IP address or the domain name of the remote computer.

Figure 8-10 Event Viewer, Set Up Remote Connection

² Close the dialog with OK.

Viewing Protocol Files

The SIGUARD PDP Server has its own area where error messages can be displayed.

² Under Applications and Services Logs, select the subdirectory SIGUARD_PDP.

Figure 8-11 Event Viewer in Remote Access

All SIGUARD PDP Server events are displayed here.

Saving Protocol Files

² In the Event Viewer, select error messages (rows) that you would like to save.


Figure 8-12 Selected Error Messages

² In the Actions window, select the menu item Save Selected Events...


Figure 8-13 Save As...

² Enter a file name.

² Select the file format.

² Close the dialog with Save.

Saving Protocols in Text or XML Format

Protocol files can be saved in the following formats:

• Text format

• XML format

² In the Actions window, select the menu item Save All Events As...


Figure 8-14 Save As...

² Enter a file name.

² Select the file format.

² Close the dialog with Save.

Viewing XML File

XML documents can be opened for later evaluations.

² Open an XML document by double-clicking on the file name.

Figure 8-15 Log File Opened in XML Format
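The remote viewing and saving steps of this section can also be scripted with Get-WinEvent, which suits regular audit collection. This is an added example, not part of the Siemens guide; it assumes the event channel is named SIGUARD_PDP like the folder shown in the Event Viewer, and the 24-hour window and the output file names are chosen for illustration.

```powershell
# Added example, not part of the Siemens guide. Run it on the local computer in a
# PowerShell session started with "Run as" for the Auditor account described above.
param(
    [Parameter(Mandatory)] [string] $Server,   # IP address or name of the SIGUARD PDP Server
    [string] $LogName = 'SIGUARD_PDP',         # ASSUMPTION: channel name equals the folder shown in Event Viewer
    [int]    $Hours   = 24,                    # ASSUMPTION: look-back window chosen for this example
    [string] $OutDir  = (Get-Location).Path
)

$filter = @{ LogName = $LogName; StartTime = (Get-Date).AddHours(-$Hours) }
try {
    # Needs the "Remote Event Log Management" firewall exception on the server.
    $events = @(Get-WinEvent -ComputerName $Server -FilterHashtable $filter -ErrorAction Stop)
}
catch {
    if ($_.FullyQualifiedErrorId -like 'NoMatchingEventsFound*') {
        $events = @()   # an empty log is a valid result, not a failure
    }
    else {
        throw           # access denied, RPC unavailable, unknown log name, ...
    }
}

$stamp   = Get-Date -Format 'yyyyMMdd-HHmmss'
$xmlPath = Join-Path $OutDir "$LogName-$stamp.xml"
$txtPath = Join-Path $OutDir "$LogName-$stamp.txt"

# XML format: one <Event> element per record, wrapped in a single root element.
$xml = @('<Events>') + @($events | ForEach-Object { $_.ToXml() }) + '</Events>'
Set-Content -Path $xmlPath -Value $xml -Encoding UTF8

# Text format: the fields an auditor reads first.
$events |
    Select-Object TimeCreated, Id, LevelDisplayName, ProviderName, Message |
    Format-List | Out-File -FilePath $txtPath -Encoding UTF8

# Hash the exports so later changes to the saved files are detectable.
Get-FileHash -Path $xmlPath, $txtPath -Algorithm SHA256 |
    Select-Object Algorithm, Hash, Path

# Overview by severity and event ID.
$events | Group-Object LevelDisplayName, Id |
    Sort-Object Count -Descending |
    Select-Object Count, Name
```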

8.4 User Management

8.4.1 Set Local Access Rights

General

If SIGUARD PDP Engineer and SIGUARD PDP UI are installed on the same computer, you must set the access rights separately.

² Give the user group SIGUARD PDP Engineer access rights only to the program SIGUARD PDP Engineer.

² Give the user group SIGUARD PDP Users access rights only to the program SIGUARD PDP UI.

If a user assumes both tasks, both user groups are assigned to him. These user groups require read and execute rights for the main directory SIGUARD PDP on the local computer (SIGUARD PDP Engineer/UI computer).

NOTE

If a SIGUARD PDP engineer requires access rights to the SIGUARD PDP UI computer, add him as a member of the user group SIGUARD PDP Users.

Editing Access Rights to the Program SIGUARD PDP UI

² Open the properties window of SiguardUI.exe.


Figure 8-16 Access Rights for SIGUARD PDP UI

² Select the user group and click Edit..., in order to change its rights.

² Select the user group and click Advanced... in order to change its extended settings.

² Close the dialog with OK.

Editing Access Rights to the Program SIGUARD PDP Engineer

² Open the properties window from Engineer.exe and proceed as with SIGUARD PDP UI, in order to change the program settings.

Figure 8-17 Access Rights for SIGUARD PDP Engineer

Editing Access Rights to the Program SIGUARD PDP Communication UI

These settings are required only on the SIGUARD PDP Server.

² Open the properties window from Comm_UI.exe and proceed as with SIGUARD PDP UI, in order to change the program settings.

Figure 8-18 Access Rights for SIGUARD PDP Communication UI

8.5 IPSec Tunneling

8.5.1 IPSec Tunnel between SIGUARD PDP Server and Local Computer

8.5.1.1 General

Because data is exchanged as plain text between the SIGUARD PDP Server and the SIGUARD PDP Engineer/UI computer, Siemens recommends using a certified and trustworthy VPN connection tunnel (Virtual Private Network) from a third-party manufacturer that complies with the applicable guidelines.

IPSec (Internet Protocol Security) is a security protocol that guarantees the protection goals of confidentiality, authenticity and integrity for communication via IP networks. It is used for establishing virtual private networks.

The IPSec implementation in Windows is very easy to use. IPSec is included in Windows XP, Windows 10 and Windows Server 2016, among others.

In the following configuration, PSK authentication and ESP encryption are used.

Preshared Key (PSK) designates an encryption process in which the keys must be known to both participants before communication. Encapsulating Security Payload (ESP) ensures the authentication, integrity and confidentiality of IP packets. ESP is based directly on IP and uses the IP protocol number 50.

Since only a few systems are integrated in SIGUARD, the simplest way is to set up IPSec with PSK authentication for an administrator user account on a SIGUARD PDP Server and a SIGUARD PDP Engineer/UI computer. Do not install any further software for IPSec authentication/encryption. The completeness and confidentiality of the data are guaranteed.

To do this, proceed as follows:

² Configure the IPSec Tunnel on the SIGUARD PDP Server.

² Export the configuration data.

² Import the configuration data on the local computer.

8.5.1.2 IPSec Configuration

Inserting the IPSec Snap-In

² Start the Configuration Management Console.

² Select the menu Add/Remove Snap-in....

Figure 8-19 Configuration Management Console

² Select the snap-ins IP Security Monitor and IP Security Policy Manager and add them with Add > to the selected snap-ins.

Figure 8-20 Add IP Security Policy Snap-in

² Confirm the selection by clicking OK.


Figure 8-21 Selection of the Local Computer

² Use Local Computer to select the computer on which this configuration is supposed to run.

² Close the dialog with Finish.

Establishing a Security Strategy and Filter Settings

Use the wizard in the Configuration Management Console to set the following functions:

• Creation of an IPSec guideline with Create IP Security Policy...

• Filter settings for export with Manage IP filter lists and filter actions...

NOTE

Both transmission directions are always needed for the guidelines and filter settings.

² Right-click the snap-in IP Security Policies on Local Computer.

Figure 8-22 Calling up the Snap-ins

Filter Editing

² Select the menu item Manage IP filter lists and filter actions...

² Select the tab Filter Action.

Figure 8-23 Add Filter and Edit Settings

² Select Add... to create a new filter.

² Select a filter and then click Edit... in order to edit its properties.


Figure 8-24 Editing Filter Settings

² Select Negotiate security. The security rules for transmission are negotiated by the system, for example,which rules and which algorithms are used.

² Select PFS (Perfect Forward Security). The filter uses a key with perfect forward secrecy, an encryption procedure in which previous and subsequent keys of a communication channel cannot be determined from an uncovered key.

² To specify the security method, select Edit....

Figure 8-25 Establishing the Security Method

² To configure this security method, select Settings....


Figure 8-26 Security Method Configuration

² Select ESP as the method for data encryption and data security.

² From the list box, select SHA-1 as the security algorithm and 3DES as the encryption algorithm.

² Keep the settings for Session key.

² Confirm your settings in the windows Security Method Settings, Edit Security Method and PDP Server/UserInterface Properties with OK.

Definition of the IPSec Security Rules

² Select the menu Create IP Security Policy...

² Select the tab Rules.

Figure 8-27 IPSec Security Rule UserInterface2PDPServer

² To add 2 new security rules, Filter PDP Engineer/UI system (UserInterface) > PDPServer and PDPServer > UserInterface, select Add....

² Select the check box, so that both rules work according to the PSK encryption process.

² Select a security rule and click Edit... in order to edit its properties.

² Select the IP Filter List tab.


Figure 8-28 Editing the Security Rule UserInterface2PDPServer

² Select the filter UserInterface2PDPServer in order to edit its properties.


Figure 8-29 IP Filter List

² Enter the IP address of the SIGUARD PDP Engineer/UI computer or its domain name as Source Address.

² Enter the IP address of the SIGUARD PDP Server or its domain name as Destination Address.

² Enter Any in the Protocol column, so that all protocols, for example, UDP, TCP and Port 445 and 139, can pass through the IPSec tunnel.

² Close the dialog with OK.

² Select the Tunnel Setting tab.


Figure 8-30 Settings for the IPSec Tunnel

² Select Tunnel endpoints are specified by these IP addresses.
In this entry in the IP filter list, the Destination Address is the tunnel endpoint of the SIGUARD PDP Server.

² Close the dialog with OK.

² Select the Connection Type tab in order to set the connection type.

Figure 8-31 IPSec Connection Type

² Select Local Area Network (LAN).

² Close the dialog with OK.

² Select the Authentication Methods tab.

Figure 8-32 IPSec Authentication

² Select Add... in order to add a new IPSec authentication.

² Select an authentication method and click Edit... in order to edit its properties.

² Enter the method Preshared Key.

² Under Details, enter your personal security key.
Change the given sequence of numbers. Select a security key that is at least 10 characters long and which includes alphanumeric characters and special characters.

NOTE

The security key must not be given to the users. If the exported configuration file for installation on the local computer is transferred via a secure communication path, no security key needs to be entered. Therefore, use a long, complex security key.

² Close the dialog with OK.

Configuration for the Other Transmission Direction

² Select the IP Filter List for the other transmission direction.


Figure 8-33 IPSec Security Rule PDPServer2UserInterface

² Select the IP Filter List tab.


Figure 8-34 Editing the Security Rule PDPServer2UserInterface

² Select the filter PDPServer2UserInterface, in order to edit its properties.


Figure 8-35 IP Filter List

² Enter the IP address of the SIGUARD PDP Server or its domain name as Source Address.

² Enter the IP address of the SIGUARD PDP Engineer/UI computer or its domain name as Destination Address.

² Enter Any in the Protocol column, so that all protocols, for example, UDP, TCP and Port 445 and 139, can pass through the IPSec tunnel.

² Select the Tunnel Setting tab.

Figure 8-36 Settings for the IPSec Tunnel

² Select Tunnel endpoints are selected by these IP addresses.
In this entry in the IP filter list, the Destination Address is the tunnel endpoint of the SIGUARD PDP Engineer/UI computer.

² Select the Connection Type tab in order to set the connection type.

Figure 8-37 IPSec Connection Type

² Select Local Area Network (LAN).

² Select the Authentication Methods tab.

Figure 8-38 IPSec Authentication

² Enter the method and the security key as for the other transmission direction.

² Close the dialog with OK.

Exporting the Configuration File

The configuration file which was created on the SIGUARD PDP Server is exported here in the format Ipsec. This file is transferred to the local computer via a secure path and imported there. Then, activate the security settings of both systems, on the SIGUARD PDP Server and on the local computer.

² Open the Configuration Management Console.

² Right-click the snap-in IP Security Policies on Local Computer and select the menu entry All Tasks > Export Policies....

Figure 8-39 Requesting Export of the Configuration File

² Assign a name for the configuration file.

² Close the dialog with Save As....

² Transfer the configuration file to the local computer via a secure path.

Importing the Configuration File

The configuration file is imported on the local computer.

² Insert the snap-ins in the Configuration Management Console of the local computer.

² Right-click the snap-in IP Security Policies on Local Computer and select the menu All Tasks > Import Policies....

Figure 8-40 Requesting Import of the Configuration File

² Select the configuration file.

² Complete the import with Open....

Activation of the Security Settings

Activate the security settings on both systems.

² Under IP Security Policies on Local Computer, right-click the entry PDPServer/UserInterface Policy and select the menu entry Assign.

Figure 8-41 Activation of the IPSec Security Settings


Figure 8-42 IPSec Security Settings are Activated

As soon as the security settings are loaded, a green arrow appears in the icon for the configuration file. Now all IP data traffic between the SIGUARD PDP Server and the SIGUARD PDP Engineer/UI computer is encrypted. This setting is also retained, in case the system is restarted and a normal user logs on to the SIGUARD PDP Engineer/UI computer.

NOTE

Additional security strategies can be added on both systems, either for access to other SIGUARD PDP Servers or for access via the SIGUARD PDP Engineer/UI computer to a server. The principle is the same.

² If you are uncertain whether the system is configured well, use the monitoring snap-in.

IPSec Monitoring

The current configuration can be monitored on the SIGUARD PDP Server.

² In the window Configuration Management Console, select the path Console Root > IP Security Monitor > SIGUARD-WIN08SE > Quick Mode > Statistics.

Figure 8-43 IPSec Monitoring

The most important parameters are Bytes Sent In Tunnels and Bytes Received In Tunnels. Tunnels here means the IPSec tunnels.
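The export, import, activation and monitoring steps of this section, run from PowerShell through the built-in netsh ipsec context. This is an added example, not part of the Siemens guide; the function names, the placeholder file path and the SHA-256 check of the transferred file are assumptions added here, and the policy name is the entry name shown in the guide.

```powershell
#Requires -RunAsAdministrator
# Added example, not part of the Siemens guide. Command-line form of the export,
# import, assign and monitoring steps, using the built-in "netsh ipsec" context.

function Invoke-Netsh {
    # Runs netsh and turns a non-zero exit code into a terminating error.
    $output = & netsh.exe @args 2>&1
    if ($LASTEXITCODE -ne 0) { throw "netsh $args failed: $output" }
    $output
}

function Enable-PdpIpsecPolicy {
    # Equivalent of the Assign menu entry; run on BOTH systems.
    param([string] $PolicyName = 'PDPServer/UserInterface Policy')  # entry name shown in the guide
    Invoke-Netsh ipsec static set policy "name=$PolicyName" assign=y | Out-Null
}

function Export-PdpIpsecPolicy {
    # Run on the SIGUARD PDP Server after the policy has been configured.
    param([Parameter(Mandatory)] [string] $Path)
    Remove-Item -Path $Path, "$Path.ipsec" -ErrorAction SilentlyContinue
    Invoke-Netsh ipsec static exportpolicy "file=$Path" | Out-Null
    # netsh may append the .ipsec extension itself; accept either file name.
    $file = @($Path, "$Path.ipsec") | Where-Object { Test-Path $_ } | Select-Object -First 1
    if (-not $file) { throw "Export reported success but no file was found at $Path" }
    # The import brings the preshared key along, so protect the file like the key.
    # Hand the hash to the importing side separately from the file.
    Get-FileHash -Path $file -Algorithm SHA256
}

function Import-PdpIpsecPolicy {
    # Run on the SIGUARD PDP Engineer/UI computer.
    param(
        [Parameter(Mandatory)] [string] $Path,
        [Parameter(Mandatory)] [string] $ExpectedSha256,
        [string] $PolicyName = 'PDPServer/UserInterface Policy'
    )
    # ASSUMPTION: integrity check added here; the guide only asks for a secure path.
    $actual = (Get-FileHash -Path $Path -Algorithm SHA256).Hash
    if ($actual -ne $ExpectedSha256) {
        throw "Hash mismatch for $Path; the file is not the one exported on the server."
    }
    Invoke-Netsh ipsec static importpolicy "file=$Path" | Out-Null
    Enable-PdpIpsecPolicy -PolicyName $PolicyName
}

function Show-PdpIpsecTunnel {
    # Lists the quick-mode security associations. The list stays empty until
    # traffic between the two computers has triggered a negotiation, so send
    # a few packets to the peer first.
    param([Parameter(Mandatory)] [string] $PeerAddress)
    Test-Connection -ComputerName $PeerAddress -Count 2 -Quiet | Out-Null
    & netsh.exe ipsec dynamic show qmsas all
}

# Order of use (C:\Transfer\pdp-policy.ipsec is a placeholder path):
#   Server:  Export-PdpIpsecPolicy -Path C:\Transfer\pdp-policy.ipsec
#            Enable-PdpIpsecPolicy
#   Client:  Import-PdpIpsecPolicy -Path C:\Transfer\pdp-policy.ipsec -ExpectedSha256 <hash from server>
#   Either:  Show-PdpIpsecTunnel -PeerAddress <address of the other computer>
```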

8.5.2 IPSec Tunnel between PMU and SIGUARD PDP Server

8.5.2.1 General

If you use unsecure third-party communication networks, Siemens recommends using an IPSec tunnel between the PMUs and the SIGUARD PDP Server. To be able to use this IPSec tunnel, an additional security component, for example, SIEMENS Scalance S, must be used.

To do this, proceed as follows:

² Install the security module Scalance S.
For details, also see 2.3 Network Configuration with IPSec.

² Install the software Security Configuration Tool.

² Configure the security module Scalance S.

8.5.2.2 IPSec Configuration

If firewalls and/or routers are used between the SIGUARD PDP Server and the PMUs, the Scalance S modules are installed behind the corresponding inputs. Since the IPSec protocol is conducted over the firewalls, ESP data traffic must be authorized and UDP port 500 must be enabled. If NAT-T (Network Address Translation Traversal) is used, UDP port 4500 must be enabled and instead of ESP, Encapsulated ESP must be authorized.

Since the PMU protocol may be defined freely, Siemens recommends authorizing all data traffic between the SIGUARD PDP Server and the PMUs. Define a VPN group for the Scalance S network between the SIGUARD PDP Server and the PMUs.

NOTE

All Scalance S modules must be set up according to a global IP Default Drop Firewall policy. This policy must be set up as the last in the firewall configuration of a Scalance S module. Without this policy, all data traffic is permitted to pass through the IPSec tunnel.

A graphic interface (Security Configuration Tool) is available to configure the Scalance S modules. For operation and configuration of the Scalance S Security modules, see the SIEMENS Industry Manual, which you can download at the following address: Download of the manual.

8.6 Protection Against Malware

8.6.1 General

The SIGUARD PDP Server and SIGUARD PDP Engineer/UI computer work with the Windows operating system. Therefore, Siemens recommends installing antivirus software, the virus signatures of which are continually updated, as protection against infection by malware. Siemens recommends Trend Micro OfficeScan as antivirus software.

NOTE

Ensure that the antivirus software is configured in the manner recommended by Siemens.

To avoid an infection via USB devices, such as USB sticks or USB hard drives, the autostart function must be deactivated. This prevents the automatic execution of the software. Scanning all USB devices for malware with updated antivirus software is also recommended before they are connected to the system. The antivirus software must be configured in the operating mode on-access. The same procedure applies to CDs or DVDs.

In addition to infection by malware via USB devices, infection can also occur through e-mail or browsing on the Internet. Therefore, Siemens recommends installing antivirus software that offers the following options:

• Checking e-mail

• Preventing access to unsecure Internet sites

• Preventing the use of unsecure e-mail servers

The computer must be configured such that infection by malware is prevented reliably. A secure configuration also includes the continuous updating of all installed third-party components.

System administrators must be trained such that the systems (for example, domain controller, file server, etc.) which they administer are used exclusively for administrative purposes.

In particular, SIGUARD PDP Servers which are used for administrative purposes may not be used for the following tasks:

• Browsing the Internet or playing any multimedia content

• Testing or installing untrustworthy software from dubious sources (for example, Internet, CD-ROM with shareware)

• Experimenting with SIGUARD PDP systems

8.6.2 Virus Scanning System

Virus scanners are available in various designs:

• Stand-alone product

• Client-Server configuration
An example of this can be found in the following figure.

The setup data, configuration, and updated virus signatures are distributed by means of a virus scanning server. Using the push or pull mechanisms, the information or the software is passed on to the systems.

Figure 8-44 The Virus Scanning System by TrendMicro

The virus scanning system by TrendMicro is tested and is recommended by Siemens.

8.7 Patch and Update Information

Security in the case of patch and update information is important over the entire lifespan of a product. The administration of patches for software is an essential part of this process. If possible, always activate the automatic update function of the installed software, for example, for Microsoft Windows, Adobe Acrobat or Oracle Java. If Internet access is not authorized or is not available, install the security patches for the installed software manually.

If you do not have direct access or proxy access to the Internet, set up your own WSUS server (Windows Server Update Services). With WSUS you can distribute all Microsoft patches in your Windows system. The method is comparable to the client-server configuration of the virus scanner. The entire system receives the patches via an automated update mechanism in Windows. The significant difference is the server that makes the patches available.

Not all software providers offer an update system like the update system of Microsoft with which you can work via remote access. If you do not have direct access or proxy access to the Internet, install the security patches for the installed software manually. Check the homepage of the corresponding provider regularly in this regard.

