Manualshelf

User's Manual

ManualsBrandsSchweitzer Engineering Laboratories ManualsElectronicsSEL-3021
12345678910
Table Of Contents
SEL-3021 Transceiver Instruction Manual Date Code 20041005
Introduction & Specifications
Product Overview
1.2
Product Overview
The SEL-3021 Serial Encrypting Transceiver is a bump-in-the-wire encryption device
designed to add strong cryptographic security to new serial communications links and
to provide an easy and effective security solution for existing serial communications
networks. It is designed for use on both point-to-point byte oriented communications
links and multidrop SCADA networks.
The SEL-3021 provides data confidentiality by encrypting passwords and other
sensitive data prior to transport over insecure channels. The SEL-3021 also prevents
unauthorized device access by rejecting all communication session requests from
sources that cannot pass cryptographic session authentication. Figure 1.1 shows a
typical SCADA connection where a master device retrieves data from a remote device
over an insecure communications channel such as a leased phone circuit, a dial-up
connection, or a wireless link. Unauthorized individuals could monitor or alter the data
these media carry. Someone could also access the channel and inject malicious data to
force some type of action such as an unauthorized breaker operation.
Figure 1.1 Typical SCADA Communications Channel
Figure 1.2 shows the SCADA communications link now secured by two SEL-3021
Serial Encrypting Transceivers. Install the SEL-3021 between the master device and
modem at the master location and install an SEL-3021 between the remote device and
modem at the remote location to provide electronic security. With the SEL-3021,
legitimate communication still flows seamlessly between the master and remote
devices, but a potential attacker cannot intercept or interpret the sensitive contents of
the encrypted frames. The SEL-3021 transceivers block all unauthorized access to the
master or remote device.
Intended Communications
Insecure
Channel
Modem Modem
Modem
SCADA
Master
SCADA
RTU
Unauthorized
Device or
Attacker
Malicious CommunicationMalicious Communication
Preliminary Copy