ABBSYSTEM DRIVES MEGADRIVE-LCI water-cooled User manual

the component level) as well as using the following best practices when you integrate the drive into 

your system and when you interact with the drive:

– Isolate drive control network (172.16.0.0) from other networks.

– Restrict drive connections to the interfaces in Table 2.

– Scan USB flash drives for viruses/malware before you connect them to the LCT.

– Route Ethernet-based bus communication (if existing) for the plant control system through a 

protected control network infrastructure that is isolated from the Internet.

– Follow the remote access gateway setup recommendations to establish a network connection 

to the ABB Ability platform.

– Restrict physical access to the drive and control network access to authorized personnel.

– Only allow control network access for drive servicing by qualified personnel.

Table 2 – Drive connection interfaces

Connection type Interface

Drive control (remote) Hardwired IO or fieldbus

Data collection (local) USB ports on control terminal (LCT)

Data collection and monitoring (remote) Remote access gateway

1.7.2. PEC controller security features

The PEC controller software fulfills the minimum cyber-security requirements by using security 

features of AC 800PEC platform. The following Ethernet ports are open by default to ensure that the 

system operates properly.

The AC 800PEC controller is also equipped with a serial port that provides a root shell for a user to 

directly change a password. This port must be secured and only made accessible to authorized 

persons.

IMPORTANT! Connecting the serial port to a remote terminal server to gain access the serial port 

remotely can create security risks. Exposure of the Ethernet ports, serial port or controller password 

to unauthorized persons can create significant security risk.

1.7.3. Control terminal (LCT) security features

The LCT Ethernet interface (AC 800PEC) is used for the internal exchange of drive data. 

The main security features of the LCT are:

– System files are write-protected

A few storage locations for user data and settings do not have write protection. 

– LCT regularly reboots from write-protected system storage to restore the original state and 

configuration of the LCT operating system 

– Unused ports (Ethernet and others) are disabled or blocked.

Ports and services that are required by the system are left open and are described in Table 4.

Table 3 – Open Ethernet ports for PEC controller software

Port Service Usage

22/tcp ssh/sftp Secure communication with AC 800PEC controller

(used by AC 800PEC Tool, LCT, Shell Terminal)

8080 / tcp http-proxy, 

gSOAP soap2.8

SOAP communication with AC 800PEC controller

8081 / tcp blackice-icecap, 

gSOAP soap2.8

SOAP communication with AC 800PEC controller

102 / tcp mms/IEC61850 MMS Server (only running with Industrial IT), IEC61850

123 / udp ntp Network Time Protocol: Synchronize computer clock times in a network 

of computers.

5002 / udp rfe/PEC Scanner For scanning controller over network (used by AC 800PEC Tool)

Table 4 – Opens ports for the LCT

Port Service Usage

102 / tcp MMS Communication with AC 800PEC controller

135 / tcp msrpc Windows service

139 / tcp NetBIOS-ssn Windows service

445 / tcp Microsoft-ds? Windows service

3050 / tcp Gds_db Database access

3389 / tcp ms-wbt-server Windows service

5040 / tcp CDP Windows external devices communication

7680 / tcp WUDO Windows Updates Optimization

49664 / tcp WinInit Windows startup

49665 / tcp EventLog Logging windows events

49666 / tcp Schedule Task scheduling

49667 / tcp SessionEnv Remote Desktop configuration

49668 / tcp Spooler Printer communication

49669 / tcp PolicyAgent Securing TCP/IP connections

49670 / tcp Services.exe Windows services control

49672 / tcp Vaultsvc, KeyIso, SamSS Windows credential and accounts management

137 / udp NetBIOS-ns Windows service

138 / udp NetBIOS-dgm Windows service

147 / udp iso-ip Used for automatic detection of other OPC nodes on the network

500 / udp ISAKMP Cryptographic key management

2423 / udp RNRP Routing in redundant industrial networks

3339 / udp RNRP Routing in redundant industrial networks

3389 / udp ms-wbt-server

4500 / udp NAT-T.IKE NAT traversal

5050 / udp CDP As 5040/tcp but connectionless

49665 / udp unknown Used for automatic detection of other OPC nodes on the network

1.7.4. List of software accounts

The following tables contain the login credentials.

Table 5 – Control terminal software accounts

Account description User Password

Windows user account

(local user account)

LCTuser N/A (undisclosed)

Windows account

(administrator)

LCT N/A (undisclosed)

LCT Application1

1 See 9.2.4 User passwords on page 96.

Operator Level 1 ABB1

LCT Application 1 Operator Level 2 ABB2

LCT Application 1 Operator Level 3 ABB3

LCT Application 1 Administrator N/A (undisclosed)

Table 6 – AC 800PEC, LIN-boards, and CIO-boards software accounts

Account description User Password

FTP and telnet access user N/A (undisclosed)

Table 7 – NETA-21 software account

Account description User Password

Configuration interface Admin N/A (undisclosed)

1.8. Quality certificates and applicable standards

The following certificates and conformity declarations are available with ABB: