About the Book

Document Scope

This document describes the steps for configuring the firewall for PacDrive LMC controllers (PacDrive LMC Eco, PacDrive LMC Pro/Pro2).

Validity Note

This document has been updated for the release of EcoStruxure™ Machine Expert V2.2.2.

Available Languages of this Document

This document is available in these languages:

  • English (EIO0000004198)

  • German (EIO0000004199)

Related Documents

Document title

Reference

PacDrive LMC Eco Hardware Guide

EIO0000001501 (eng)

EIO0000001502 (ger)

PacDrive LMC Eco Device Objects and Parameters

EIO0000002285 (eng)

EIO0000002286 (ger)

PacDrive LMC Pro/Pro2 Hardware Guide

EIO0000001503 (eng)

EIO0000001504 (ger)

PacDrive LMC Pro/Pro2 Device Objects and Parameters

EIO0000002335 (eng)

EIO0000002336 (ger)

EcoStruxure Machine Expert Programming Guide

EIO0000002854 (eng)

EIO0000002855 (fre)

EIO0000002856 (ger)

EIO0000002858 (spa)

EIO0000002857 (ita)

EIO0000002859 (chi)

CommonToolbox Library Guide

EIO0000004219 (eng)

To find documents online, visit the Schneider Electric download center (www.se.com/ww/en/download/).

Product Related Information

 WARNING
LOSS OF CONTROL
  • Perform a Failure Mode and Effects Analysis (FMEA), or equivalent risk analysis, of your application, and apply preventive and detective controls before implementation.
  • Provide a fallback state for undesired control events or sequences.
  • Provide separate or redundant control paths wherever required.
  • Supply appropriate parameters, particularly for limits.
  • Review the implications of transmission delays and take actions to mitigate them.
  • Review the implications of communication link interruptions and take actions to mitigate them.
  • Provide independent paths for control functions (for example, emergency stop, over-limit conditions, and error conditions) according to your risk assessment, and applicable codes and regulations.
  • Apply local accident prevention and safety regulations and guidelines.1
  • Test each implementation of a system for proper operation before placing it into service.
Failure to follow these instructions can result in death, serious injury, or equipment damage.

1 For additional information, refer to NEMA ICS 1.1 (latest edition), Safety Guidelines for the Application, Installation, and Maintenance of Solid State Control and to NEMA ICS 7.1 (latest edition), Safety Standards for Construction and Guide for Selection, Installation and Operation of Adjustable-Speed Drive Systems or their equivalent governing your particular location.

 WARNING
UNINTENDED EQUIPMENT OPERATION
  • Only use software approved by Schneider Electric for use with this equipment.
  • Update your application program every time you change the physical hardware configuration.
Failure to follow these instructions can result in death, serious injury, or equipment damage.
NOTE: Schneider Electric adheres to industry best practices in the development and implementation of control systems. This includes a "Defense-in-Depth" approach to secure an Industrial Control System. This approach places the controllers behind one or more firewalls to restrict access to authorized personnel and protocols only.
 WARNING
UNAUTHENTICATED ACCESS AND SUBSEQUENT UNAUTHORIZED MACHINE OPERATION
  • Evaluate whether your environment or your machines are connected to your critical infrastructure and, if so, take appropriate steps in terms of prevention, based on Defense-in-Depth, before connecting the automation system to any network.
  • Limit the number of devices connected to a network to the minimum necessary.
  • Isolate your industrial network from other networks inside your company.
  • Protect any network against unintended access by using firewalls, VPN, or other, proven security measures.
  • Monitor activities within your systems.
  • Prevent subject devices from direct access or direct link by unauthorized parties or unauthenticated actions.
  • Prepare a recovery plan including backup of your system and process information.
Failure to follow these instructions can result in death, serious injury, or equipment damage.

For more information on organizational measures and rules covering access to infrastructures, refer to ISO/IEC 27000 series, Common Criteria for Information Technology Security Evaluation, ISO/IEC 15408, IEC 62351, ISA/IEC 62443, NIST Cybersecurity Framework, Information Security Forum - Standard of Good Practice for Information Security and refer to Cybersecurity Guidelines for EcoStruxure Machine Expert, Modicon and PacDrive Controllers and Associated Equipment.

For reasons of Internet security, for those devices that have a native Ethernet connection, TCP/IP forwarding is disabled by default. Therefore, you must manually enable TCP/IP forwarding. However, doing so may expose your network to possible cyberattacks if you do not take additional measures to protect your enterprise. In addition, you may be subject to laws and regulations concerning cybersecurity.

 WARNING
UNAUTHENTICATED ACCESS AND SUBSEQUENT NETWORK INTRUSION
  • Observe and respect any and all pertinent national, regional and local cybersecurity and/or personal data laws and regulations when enabling TCP/IP forwarding on an industrial network.
  • Isolate your industrial network from other networks inside your company.
  • Protect any network against unintended access by using firewalls, VPN, or other, proven security measures.
Failure to follow these instructions can result in death, serious injury, or equipment damage.

Consult the Schneider Electric Cybersecurity Best Practices for additional information.

Information on Non-Inclusive or Insensitive Terminology

As a responsible, inclusive company, Schneider Electric is constantly updating its communications and products that contain non-inclusive or insensitive terminology. However, despite these efforts, our content may still contain terms that are deemed inappropriate by some customers.

Terminology Derived from Standards

The technical terms, terminology, symbols and the corresponding descriptions in the information contained herein, or that appear in or on the products themselves, are generally derived from the terms or definitions of international standards.

In the area of functional safety systems, drives and general automation, this may include, but is not limited to, terms such as safety, safety function, safe state, fault, fault reset, malfunction, failure, error, error message, dangerous, etc.

Among others, these standards include:

Standard

Description

IEC 61131-2:2007

Programmable controllers, part 2: Equipment requirements and tests.

ISO 13849-1:2023

Safety of machinery: Safety related parts of control systems.

General principles for design.

EN 61496-1:2020

Safety of machinery: Electro-sensitive protective equipment.

Part 1: General requirements and tests.

ISO 12100:2010

Safety of machinery - General principles for design - Risk assessment and risk reduction

EN 60204-1:2006

Safety of machinery - Electrical equipment of machines - Part 1: General requirements

ISO 14119:2013

Safety of machinery - Interlocking devices associated with guards - Principles for design and selection

ISO 13850:2015

Safety of machinery - Emergency stop - Principles for design

IEC 62061:2021

Safety of machinery - Functional safety of safety-related electrical, electronic, and electronic programmable control systems

IEC 61508-1:2010

Functional safety of electrical/electronic/programmable electronic safety-related systems: General requirements.

IEC 61508-2:2010

Functional safety of electrical/electronic/programmable electronic safety-related systems: Requirements for electrical/electronic/programmable electronic safety-related systems.

IEC 61508-3:2010

Functional safety of electrical/electronic/programmable electronic safety-related systems: Software requirements.

IEC 61784-3:2021

Industrial communication networks - Profiles - Part 3: Functional safety fieldbuses - General rules and profile definitions.

2006/42/EC

Machinery Directive

2014/30/EU

Electromagnetic Compatibility Directive

2014/35/EU

Low Voltage Directive

In addition, terms used in the present document may tangentially be used as they are derived from other standards such as:

Standard

Description

IEC 60034 series

Rotating electrical machines

IEC 61800 series

Adjustable speed electrical power drive systems

IEC 61158 series

Digital data communications for measurement and control – Fieldbus for use in industrial control systems

Finally, the term zone of operation may be used in conjunction with the description of specific hazards, and is defined as it is for a hazard zone or danger zone in the Machinery Directive (2006/42/EC) and ISO 12100:2010.

NOTE: The aforementioned standards may or may not apply to the specific products cited in the present documentation. For more information concerning the individual standards applicable to the products described herein, see the characteristics tables for those product references.