User manual
Toolbox 32 User Manual 1.47d www.cse-semaphore.com/mykingfisher
Page
200
Appendix - RTU Security
An RTU can be secured against unauthorised re-configuration or unauthorised access to data registers.
An RTU is secured by loading the security driver (as detailed in the next topic) and configuring each
communications port with a non-zero security level using Toolbox (the 5 levels of security are detailed
below).
The security driver limits access to RTU registers and configuration parameters by limiting messages
received from Toolbox or from another RTU or device using the Kingfisher or Modbus protocols. Note: other
protocols are not affected by the security system and can read and write RTU data. However, only the
Kingfisher protocol can be used to reconfigure the RTU if permitted by the security level of the
communications port or if the communications port is first unlocked using Toolbox.
The security levels that can be configured for each port are as follows:
RTU Port
Security
Level
Read
Access
Write Access Notes
0 Everything Everything
Highest access level. Only
this level can be used to
download a configuration
and reconfigure the RTU.
1 Everything
Everything except
System Registers
and Ladder Logic
System Registers include all
configuration parameters.
2 Everything #R1 to #R512 only
3 Everything Nothing
4
#R1 to
#R512 only
Nothing
5 Nothing Nothing
RTU can only be accessed
by first unlocking the port
using Toolbox.
Note: Ethernet port will still
respond to a ping request.
Each RTU Communication Port has a default security level of 0 (full access). Other security levels may be
configured from Configuration, Port List. By configuring all RTU ports in a network with security levels of 3,
4 or 5, the network is then secure against unauthorised reconfiguration and can only be reconfigured by an
authorised Toolbox user after unlocking the RTU comms port as detailed in the next section. If the security
driver is not loaded, all ports default to full access (level 0).