Support

Support for business applications

Kaspersky Industrial CyberSecurity for Networks

Administration of Kaspersky Industrial CyberSecurity for Networks

Configuring Process Control

Process Control devices

Process Control settings for devices

Kaspersky Industrial CyberSecurity for Networks
Нет результатов
Online Help
FAQ Download Forum Contact support Recovery tools Product videos

Process Control settings for devices

March 22, 2024

ID 195981

Get as PDF

Process Control settings for devices are displayed in the details area when a device is selected in the devices table, on the network interactions map, or on the topology map. If Process Control settings are defined for a device, the details area contains a separate block containing the following settings:

  • Device type – type of device from the list of device types supported for Process Control.
  • Protocol – name of the utilized protocol. The following information is displayed for each protocol:
    • System commands – main settings for tracking system commands for a protocol. This field shows the total number of system commands for the protocol and the number of monitored system commands that will cause the application to register events if detected.
    • Address information – depending on the selected protocol, this field contains the IP address and port, MAC address or domain ID (for the IEC 61850: GOOSE protocol). If additional address spaces were added to the application, the specific address space must be indicated for an address (and the OSI model layers selected for address space rules must match the address).
    • Additional settings depending on the selected protocol. Additional settings are displayed if the application lets you configure more than system commands and address information for this protocol.

      Examples:

      When the Modbus TCP protocol is selected, the additional setting Reverse order of registers is also displayed. This setting lets you enable or disable support for an inverted sequence of registers (machine words) in 32-bit data values.

      When the IEC 60870-5-101 protocol is selected, the following additional parameters are displayed:

      • Two-byte ASDU address – lets you enable or disable two-byte addressing mode for application service data units (ASDU). If this mode is disabled, one-byte addressing is used.
      • Originator – lets you enable or disable the use of an additional byte for the originator's address in the data block ID.
      • Channel address block (bytes) – number of bytes in a data link layer address block.
      • Object address block (bytes) – number of bytes in an information object address block.

You can add Process Control settings for devices in the following ways:

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.