Schweitzer Engineering Laboratories SEL3X21 SEL-3021 User Manual Copy 3021 01

Download:
Mirror Download [FCC.gov]
Document ID	479868
Application ID	bh2rLbl5L97XWwREBT7twA==
Document Description	Users Manual
Short Term Confidential	No
Permanent Confidential	No
Supercede	No
Document Type	User Manual
Display Format	Adobe Acrobat PDF - pdf
Filesize	38.35kB (479398 bits)
Date Submitted	2004-10-18 00:00:00
Date Available	2004-10-18 00:00:00
Creation Date	1999-10-25 15:46:06
Producing Software	Acrobat Distiller 6.0.1 (Windows)
Document Lastmod	2004-10-05 15:06:30
Document Title	Copy_3021_01.fm
Document Creator	FrameMaker 6.0
Document Author:	heatkn

Preliminary Copy
Section 1
Introduction & Specifications
Introduction
This section includes the following overviews of the SEL-3021 Serial Encrypting
Transceiver:
➤
Product Overview
➤
Connections, Reset Button, and LED Indications
➤
Software System Requirements
➤
General Safety and Care Information
➤
Specifications
Date Code 20041005
Instruction Manual
SEL-3021 Transceiver
1.2
Introduction & Specifications
Product Overview
Preliminary Copy
Product Overview
The SEL-3021 Serial Encrypting Transceiver is a bump-in-the-wire encryption device
designed to add strong cryptographic security to new serial communications links and
to provide an easy and effective security solution for existing serial communications
networks. It is designed for use on both point-to-point byte oriented communications
links and multidrop SCADA networks.
The SEL-3021 provides data confidentiality by encrypting passwords and other
sensitive data prior to transport over insecure channels. The SEL-3021 also prevents
unauthorized device access by rejecting all communication session requests from
sources that cannot pass cryptographic session authentication. Figure 1.1 shows a
typical SCADA connection where a master device retrieves data from a remote device
over an insecure communications channel such as a leased phone circuit, a dial-up
connection, or a wireless link. Unauthorized individuals could monitor or alter the data
these media carry. Someone could also access the channel and inject malicious data to
force some type of action such as an unauthorized breaker operation.
Intended Communications
SCADA
Master
Modem
Insecure
Channel
Malicious Communication
Modem
SCADA
RTU
Malicious Communication
Modem
Unauthorized
Device or
Attacker
Figure 1.1
Typical SCADA Communications Channel
Figure 1.2 shows the SCADA communications link now secured by two SEL-3021
Serial Encrypting Transceivers. Install the SEL-3021 between the master device and
modem at the master location and install an SEL-3021 between the remote device and
modem at the remote location to provide electronic security. With the SEL-3021,
legitimate communication still flows seamlessly between the master and remote
devices, but a potential attacker cannot intercept or interpret the sensitive contents of
the encrypted frames. The SEL-3021 transceivers block all unauthorized access to the
master or remote device.
SEL-3021 Transceiver
Instruction Manual
Date Code 20041005
Introduction & Specifications
Product Overview
Preliminary Copy
1.3
Encrypted Communications
Over an Insecure Channel
SEL-3021
SCADA
Master
SEL-3021
Modem
Unauthorized
Communication
Blocked by an SEL-3021
Insecure
Channel
Modem
SCADA
RTU
Modem
Unauthorized
Communication
Blocked by an SEL-3021
Unauthorized
Device or
Attacker
Figure 1.2
Secure SCADA Communications Channel
Date Code 20041005
Instruction Manual
SEL-3021 Transceiver
1.4
Introduction & Specifications
Connections, Reset Button, and LEDPreliminary
Indications
Copy
Connections, Reset Button,
and LED Indications
The figure below shows typical connections for the SEL-3021.
125
Vdc
5–24
Vdc
Fuse
Modem
EIA-232
Contact
Input
Trusted
Interface
SEL-2030
SEL-2506
Figure 1.3
SEL-421
SEL-311L
EIA-232
Untrusted
Interface
Insecure
Network
AES Encrypted
Wireless 802.11b link from
computer to SEL-3021
PC
Computer
or PDA with
802.11b
Typical Connections for the SEL-3021
Power Supply Connections
You can apply 5 to 24 Vdc directly to the SEL-3021 power terminals, which are
available either as compression terminals or a 2.5 mm jack. You must use an auxiliary
power supply to supply a voltage source other than 5 to 24 Vdc. See Specifications on
page 1.10 for power requirements.
IMPORTANT: Use only one power connection at a time.
SEL-3021 Transceiver
Instruction Manual
Date Code 20041005
Introduction & Specifications
PreliminaryConnections,
Copy Reset Button, and LED Indications
1.5
Alarm Output Connection
Use the solid-state alarm contact to alert you to problems either with the
communications channel or the SEL-3021. See Section 5: Testing and Troubleshooting
for more details. To maintain the UL rating of the SEL-3021, connect the alarm output
contact as follows:
1.
Use an external load to limit current to less than 100 mA through the
alarm contact. There is no means within the SEL-3021 to limit
current through the alarm contact. You must ensure that the external
circuit connected to the SEL-3021 limits the current. For example, a
typical SEL contact input draws 4 mA. Figure 1.4 shows a typical
connection of a wetting source (125 Vdc), the SEL-3021 solid-state
output, an SEL-2030 contact input, and an optional load resistor. In
this case, because the contact input impedance limits the current to
less than 100 mA, the load resistor is not necessary. If the sensing
input does not have a means of limiting the current to less than 100
mA, then you must use a high wattage resistor. Select a load resistor
with the proper wattage rating to limit the current. For example,
assume the wetting source is 125 Vdc and that the sensing input
requires 10 mA to assert. You can use the following calculation to
determine the load resistor: 125 Vdc/ 10 mA = 12.5 kΩ. Calculate the
minimum wattage: (10 mA)2 • 12.5 kΩ = 1.25 W. You would typically
double this parameter to 2.5 W to ensure proper operation over
temperature and life. You should verify proper derating with the
resistor data sheet.
2.
Circuit protection should include an in-line fuse rated for 0.5 A or
less with a voltage rating greater than the voltage you intend to use.
Figure 1.4 shows a typical alarm output installation.
CAUTION: Current through the alarm output must be limited to less
! than 100 mA.
Date Code 20041005
Instruction Manual
SEL-3021 Transceiver
1.6
Introduction & Specifications
Connections, Reset Button, and LEDPreliminary
Indications
Copy
0.5 A, 250 V
Fast Blow Fuse
SEL-3021
Alarm Output Contact
—
Wetting Voltage
125 Vdc
Do not apply 125 Vdc
directly to the SEL-3021
power supply connections
Optional Load
Resistor
SEL-2030
Contact Input
Typical SEL contact
inputs draw 4 mA of
nominal wetting source voltage
Figure 1.4
Typical Alarm Output Installation
Serial Port Pin-Out Connection
The SEL-3021 has a fully compliant DTE and DCE serial port. SEL offers many cable
configurations for use between the SEL-3021 and other devices.
The serial port pin-out descriptions for the DTE and DCE ports are as follows.
Table 1.1
DTE (Male DB9)
Pin
Description
Data Carrier Detect (Input)
Received Data (Input)
Transmitted Data (Output)
Data Terminal Ready (Output)
Ground
Data Set Ready (Input)
Request to Send (Output)
Clear to Send (Input)
Ring Indicator (Input)
SEL-3021 Transceiver
Instruction Manual
Date Code 20041005
Introduction & Specifications
PreliminaryConnections,
Copy Reset Button, and LED Indications
Table 1.2
1.7
DCE (Female DB9)
Pin
Description
Data Carrier Detect (Output)
Transmitted Data (Output)
Received Data (Input)
Data Terminal Ready (Input)
Ground
Data Set Ready (Output)
Request to Send (Input)
Clear to Send (Output)
Ring Indicator (Output)
Reset Button
Use the {RESET} button to reset and delete all security related settings. You can access
the {RESET} button through the small hole in the end of the SEL-3021 near the status
LED. Use a paper clip or other similar device to press the {RESET} button for at least 2
seconds, which resets the SEL-3021 into a default state. Power must be applied to the
SEL-3021 for the reset operation to occur.
IMPORTANT: Pressing the {RESET} button erases all security
parameters and interrupts transmission of encrypted
data until you initialize the SEL-3021. See Initializing the
SEL-3021 on page 2.5 in Section 2: Installation.
Status LED
Use the status LED to determine the state of the SEL-3021. If the status LED is solidly
lit, the SEL-3021 is operating correctly. If the LED is blinking, the SEL-3021 is in a
failed or reset mode. Refer to Section 5: Testing and Troubleshooting for more details.
Date Code 20041005
Instruction Manual
SEL-3021 Transceiver
1.8
Introduction & Specifications
Software System Requirements
Preliminary Copy
Software System Requirements
The SEL-3021 comes with configuration and monitoring software, referred to as the
SEL-5809 Settings Software. The SEL-5809 Settings Software is the only means to set
and monitor the SEL-3021. The software comes in two versions: one version is for a
Personal Computer (PC) and one is for a Personal Digital Assistant (PDA) operating
system. The following operating systems have been tested with the software.
Table 1.3
Operating Systems Tested With the SEL-5809 Settings Software
Devices
Qualified Systems
PCs
WinXP Professional Edition (Service Pack 1)
Windows 2000 (Service Pack 4) with .NET framework (Version
1.1) installed
Windows XP with .NET framework installed
PDAs
Pocket PC 2002/2003 or higher with .NET compact framework
(Version 1.0 Service Pack 2)
Wireless (802.11b)
Modules
Netgear MA111
Linksys WPC11
SEL-3021 Transceiver
Instruction Manual
Date Code 20041005
Introduction & Specifications
Preliminary CopyGeneral Safety and Care Information
1.9
General Safety and Care Information
General Safety Notes
The SEL-3021 is designed for restricted access locations. Access shall be limited to
qualified service personnel.
The SEL-3021 should not be installed or operated in a condition not specified in this
manual.
CAUTION: The SEL-3021 is an intentional radiator. Changes or
! modifications not expressly approved by SEL for compliance could void
the user’s authority to operate the equipment.
CAUTION: The SEL-3021 is an intentional radiator. The radio has been
! authorized by the FCC for mobile use only. Users and nearby persons
must maintain a separation distance of at least 20 cm (8 inches) from the radio
during operation.
Cleaning Instructions
The SEL-3021 should be de-energized (by removing the power connection to both the
power and alarm connection) before cleaning.
The case can be wiped down with a damp cloth. Solvent-based cleaners should not be
used on plastic parts or labels.
Date Code 20041005
Instruction Manual
SEL-3021 Transceiver
1.10
Introduction & Specifications
Specifications
Preliminary Copy
Specifications
Indicators
Green LED:
Electromagnetic Compatibility Immunity
Conducted
RF Immunity:
Device Status
Solid-State Output
100 mA continuous
250 Vdc or 120 Vac Operational Voltage
Max. On Resistance: 50 Ω
Min. Off Resistance: 10 MΩ
Insulation:
1500 Vdc
Wiring size:
14 AWG Max.
26 AWG Min.
0.4 mm Min. Insulation
105° C, 250 V Min.
Encryption Protocols
AES:
128-bit encryption
Serial Port
Connectors:
Data Rate:
Interface:
DB-9 Male (DTE)
DB-9 Female (DCE)
300 bps to 38400 bps
EIA-232
Wi-Fi/802.11b Configuration Port
Protocol:
Modulation:
Frequency Band:
Encryption:
Authentication:
IEEE 802.11b
DSSS
2.4 GHz
128-bit WEP and
128-bit AES
HMAC SHA-1
128-bit key
Digital Radio
Telephone RF:
Electrostatic
Discharge:
Fast Transient
Disturbance:
Radiated Radio
Frequency:
ENV 50204:1995,
10 V/m at 900 MHz
and 1.89 GHz
IEC 60255-22-2:1996,
IEC 61000-4-2:1999,
[EN 61000-4-2–1995],
Levels 1, 2, 3, 4
IEC 61000-4-4:1995,
IEC 60255-22-4:1992,
4 kV at 2.5 and 5 kHz
ENV 50140–1993,
IEC 60255-22-3:1989,
10 V/m
IEEE C37.90.2–1995,
35 V/m
Type Test Compliance Criteria:
1) The SEL-3021 does not damage or impede
IED operation.
2) The SEL-3021 is allowed to lose data
during testing events.
3) The SEL-3021 must recover without
external intervention.
Environmental
Power Requirements
Cold:
+5 to +24 Vdc:
<5 W
supplied through compression terminals or a
2.5 mm jack
Operating Temperature Range
–40° to +85° C (–40° to +185° F)
802.11b module (0° to +70°C)
5 to 95% humidity (noncondensing)
Dry Heat:
Damp Heat, Cyclic:
Dimensions
3.675" wide
4.8" deep
1" high, without DIN mount
Vibration:
Type Tests
Electromagnetic Compatibility
Radiated Emissions: IEC 60255-25:2000,
Class A
FCC part 15 Class A
SEL-3021 Transceiver
ENV 50141:1993,
10 V rms
IEC 61000-4-6:1996,
10 V rms
Max. Altitude:
Instruction Manual
IEC 60068-2-1:1990
[EN 60068-2-1–1993],
Test Ad: 16 hrs
@ –40° C
IEC 60068-2-2:1974
[EN 60068-2-2–1993],
Test Bd: 16 hrs @
+85° C
IEC 60068-2-30:1980,
Test Db: +25° to
+55°C,
6 cycles, 95% humidity
IEC 60255-21-1:1988,
Class 1
IEC 60255-21-2:1988,
Class 1
IEC 60255-21-3:1993,
Class 2
2000 m
Date Code 20041005
Preliminary Copy
Introduction & Specifications
Specifications
1.11
Certifications
ISO:
Listings:
FCC:
IC:
FIPS:
Date Code 20041005
Device is designed and
manufactured using
ISO 9001 certified
quality program.
CE Mark
UL 61010C-1/CSA
C22.2 No. 1010-1-92/
EN 61010-1
15.247
ICES-001
140-2, Security Level 2
(pending)
Instruction Manual
SEL-3021 Transceiver
Preliminary Copy
This page intentionally left blank

---

Source Exif Data:

File Type                       : PDF
File Type Extension             : pdf
MIME Type                       : application/pdf
PDF Version                     : 1.5
Linearized                      : No
Page Count                      : 12
Page Mode                       : UseOutlines
XMP Toolkit                     : XMP toolkit 2.9.1-14, framework 1.6
About                           : uuid:24d6881e-bf91-4f93-8298-65c71f46f376
Producer                        : Acrobat Distiller 6.0.1 (Windows)
Creator Tool                    : FrameMaker 6.0
Modify Date                     : 2004:10:05 15:06:30-07:00
Create Date                     : 1999:10:25 15:46:06Z
Metadata Date                   : 2004:10:05 15:06:30-07:00
Document ID                     : uuid:66803a39-8b0f-4161-a454-862f1c3fdf0f
Format                          : application/pdf
Title                           : Copy_3021_01.fm
Creator                         : heatkn
Author                          : heatkn

EXIF Metadata provided by EXIF.tools