Eaton Cybersecurity Center of Excellence Cybersecurity Recommendations Eaton Green Motion AC chargers Secure configuration guidelines
Documentation to securely deploy and configure Eaton products Eaton Green Motion AC EV chargers have been designed with cybersecurity as an important consideration. A number of features are offered in the product to address cybersecurity risks. These Cybersecurity recommendations provide information to help users to deploy and maintain the product in a manner that minimizes the cybersecurity risks.
Category Intended Use & Deployment Context Description Applicable to Eaton Charging network manager or third-party backend connected product. Applicable to end customer. Deployed at customer premises on parking places, private or publicly accessible, to allow charging of EVs, authentication, billing, etc. Keeping track of software and hardware assets in your environment is a pre-requisite for effectively managing cybersecurity.
Category Description Eaton Green Motion Building supports network communication with other devices in the environment. This capability can present risks if it’s not configured securely. Following are Eaton recommended best practices to help secure the network. Additional information about various network protection strategies is available in Eaton Cybersecurity Considerations for Electrical Distribution Systems [R1].
Category Description The device includes SSH remote connection to allow a service engineer with help from site administrator to trouble shoot the device functionality. This connection allows service engineer to perform following tasks. The SSH port is disabled by default and shall only be enabled if strictly necessary. • Open TCP port 22 to allow the SSH connection to be established when the service engineer requests it. Instructions will be provided by Eaton field service engineer how to enable SSH.
Category Description It is a best practice to purge data before disposing of any device containing data. Guidelines for decommissioning are provided in NIST SP 800-88. Eaton recommends that products containing embedded flash memory be securely destroyed to ensure data is unrecoverable.
References [R1] Cybersecurity Considerations for Electrical Distribution Systems (WP152002EN): http://www.eaton.com/ecm/groups/public/@pub/@eaton/@corp/documents/content/pct_1603172.pdf [R2] Cybersecurity Best Practices Checklist Reminder (WP910003EN): https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/white-papers/WP910003EN.pdf [R3] NIST SP 800-82 Rev 2, Guide to Industrial Control Systems (ICS) Security, May 2015: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.
Eaton Industries Manufacturing GmbH Place de la Gare 2 1345 Le Lieu, Switzerland © 2022 Eaton All Rights Reserved Publication No. MZ191002EN July 2022 Eaton is a registered trademark. All other trademarks are property of their respective owners. Follow us on social media to get the latest product and support information.