User Manual

ManualsBrandsSiemens ManualsBuilding automationDesigo CC MP 5.0 BACnet Server, BACnet Protocol Implementation Conformance Statement (PICS), Basic Documentation

About This Document

Technical Terms and Abbreviations

6 | 27

A6V11917731_en_b_41

ISA-99/IEC 62443

Security Level

ANSI/ISA 62443 is a series of standards, technical reports, and related

information that define procedures for implementing electronically secure

Industrial Automation and Control Systems (IACS). This guidance applies to

end-users (for example, asset owner), system integrators, security

practitioners, and control systems manufacturers responsible for

manufacturing, implementing, or managing IACS.

These documents were originally referred to as ANSI/ISA-99 or ISA99

standards, as they were created by the International Society for Automation

(ISA) and publicly released as American National Standards Institute

(ANSI) documents. In 2010, they were renumbered to be the ANSI/ISA-

62443 series. This change was intended to align the ISA and ANSI

document numbering with the corresponding International Electrotechnical

Commission (IEC) standards.

ISO

The International Organization for Standardization is an international

standard-setting body composed of representatives from various national

standards organizations.

MMS

Management station. In this document, it is intended as synonym of Desigo

CC.

Multi-homed

Connected with more than one network at the same time.

Novigo/Cerberus PACE

Ethernet-based digital audio network. Signals from audio frequency (AF)

sources are digitized and fed into the network. Conversely, digital audio

streams can be taken at any point from the network and prepared for

analog processing.

PACE PC

Computer with Pace design.

PN2005-A1

Planet IGS-10020MT Switch. Enables the user to create a stable,

redundant network.

Supports Spanning Tree Protocol (STP) and Rapid Spanning Tree Protocol

(RSTP) for clear identification of network paths in a redundant network.

Supports Ethernet Ring Protection Switching (ERPS) for ring-shaped

network structures to enable rapid switching to redundant network paths in

the event of a fault.

Supports Virtual Local Area Network (VLAN) to divide the physical network

into logical subnetworks to increase network performance and security.

Protection zone

Physically separated, private network. A fire detection system is a

physically separated network and forms a Protection zone. Network access

from outside of this zone into this zone is only allowed through a protective

component at the boundary to the Protection zone.

Public key certificate

In cryptography, a public key certificate, also known as a digital certificate

or identity certificate, is an electronic document used to prove the

ownership of a public key[1]. The certificate includes information about the

key, information about the identity of its owner (called the subject), and the

digital signature of an entity that has verified the certificate's contents

(called the issuer). If the signature is valid, and the software examining the

certificate trusts the issuer, then it can use that key to communicate

securely with the certificate's subject.[2] In email encryption, code signing,

and e-signature systems, a certificate's subject is typically a person or

organization. However, in Transport Layer Security (TLS) a certificate's

subject is typically a computer or other device, though TLS certificates may

identify organizations or individuals in addition to their core role in

identifying devices. TLS, sometimes called by its older name Secure

Sockets Layer (SSL), is notable for being a part of HTTPS, a protocol for

securely browsing the web.

In a typical public-key infrastructure (PKI) scheme, the certificate issuer is a

certificate authority (CA), usually a company that charges customers to

issue certificates for them. By contrast, in a web of trust scheme, individuals

sign each other's keys directly, in a format that performs a similar function

to a public key certificate.

The most common format for public key certificates is defined by X.509.

Because X.509 is very general, the format is further constrained by profiles

defined for certain use cases, such as Public Key Infrastructure (X.509) as

defined in RFC 5280.

https://en.wikipedia.org/wiki/Public_key_certificate

Single-homed

Connected with a maximum of one network at the same time.