Professional Documents
Culture Documents
Grid Solutions
SWM0109
Version 1.00 Revision 0
Associated Software Release: Version 1.00
General
Secure Integration of SCADA Third Party Equipment with the G500
Configuration Guide
GE Grid Solutions
COPYRIGHT NOTICE
© 2019, General Electric Company. All rights reserved.
The Software Product described in this documentation may only be used in accordance with the applicable License Agreement. The Software
Product and Associated Material are deemed to be “commercial computer software” and “commercial computer software documentation,”
respectively, pursuant to DFAR Section 227.7202 and FAR Section 12.212, as applicable, and are delivered with Restricted Rights. Such
restricted rights are those identified in the License Agreement, and as set forth in the “Restricted Rights Notice” contained in paragraph (g) (3)
(Alternate III) of FAR 52.227-14, Rights in Data-General, including Alternate III (June 1987).
If applicable, any use, modification, reproduction release, performance, display or disclosure of the Software Product and Associated Material
by the U.S. Government shall be governed solely by the terms of the License Agreement and shall be prohibited except to the extent expressly
permitted by the terms of the License Agreement.
The information contained in this online publication is the exclusive property of General Electric Company, except as otherwise indicated.
You may view, copy and print documents and graphics incorporated in this online publication (the “Documents”) subject to the following: (1)
the Documents may be used solely for personal, informational, non-commercial purposes; (2) the Documents may not be modified or altered
in any way; and (3) General Electric Company withholds permission for making the Documents or any portion thereof accessible via the
internet. Except as expressly provided herein, you may not use, copy, print, display, reproduce, publish, license, post, transmit or distribute
the Documents in whole or in part without the prior written permission of General Electric Company. If applicable, any use, modification,
reproduction, release, performance, display, or disclosure of the Software Product and Associated Material by the U.S. Government shall be
governed solely by the terms of the License Agreement and shall be prohibited except to the extent expressly permitted by the terms of the
License Agreement.
The information contained in this online publication is subject to change without notice. The software described in this online publication is
supplied under license and may be used or copied only in accordance with the terms of such license.
TRADEMARK NOTICES
2 SWM0109-1.00-0 General
Secure Integration of SCADA Third Party Equipment with the G500
GE Grid Solutions Configuration Guide
Contents
Purpose ......................................................................................................................................................................... 7
Intended Audience ................................................................................................................................................... 7
Additional Documentation ................................................................................................................................... 7
Safety words and definitions ............................................................................................................................... 7
1. Overview .......................................................................................................................................... 9
4.1 Installing CA Certificate, Server Certificate and Diffie Hellman Parameters on the G500
19
4.2 Installing CA Certificate and Client Certificate for use by a PC Client .................................. 21
4 SWM0109-1.00-0 General
Secure Integration of SCADA Third Party Equipment with the G500
GE Grid Solutions Configuration Guide
Figures
General SWM0109-1.00-0 5
Secure Integration of SCADA Third Party Equipment with the G500
Configuration Guide
GE Grid Solutions
Tables
6 SWM0109-1.00-0 General
Secure Integration of SCADA Third Party Equipment with the G500
GE Grid Solutions Configuration Guide
Purpose
This document describes how to establish a secure channel between a client device and the
G500 for accessing a protected service in the substation. This document outlines and details
the procedures regarding:
• The implementation of a simple Certification Authority using XCA Certification Authority
(Open Source tool).
• The installation of certificates on the G500 and Windows PC running Tactical Software
Serial/IP or Stunnel.
• The configuration of Tactical Software Serial/IP and Stunnel to communicate to the G500
over TLS sessions.
Intended Audience
This document serves as a reference for systems integrators who wish to setup a secure
channel using Tactical Software Serial/IP or Stunnel with a G500 for the purposes of accessing
a protected service in the substation.
Additional Documentation
For further information about the Secure Integration of SCADA Third Party Equipment with the
G500, refer to the following documents:
• G500 Substation Gateway, Software Configuration Guide, SWM0066
• G500 Substation Gateway, HMI Online Help
General SWM0109-1.00-0 7
Secure Integration of SCADA Third Party Equipment with the G500
Configuration Guide
GE Grid Solutions
Product Support
If you need help with any aspect of your GE Grid Solutions product, you can:
• Access the GE Grid Solutions Web site
• Search the GE Technical Support library
• Contact Technical Support
8 SWM0109-1.00-0 General
Secure Integration of SCADA Third Party Equipment with the G500
GE Grid Solutions Configuration Guide
1. Overview
This document describes how to establish a secure channel between a client device and the
G500 for accessing a protected service in the substation. The secure channel is implemented
using a TLS (Transport Layer Security) connection and certificate-based mutual
authentication. A client device could be a PC with Tactical Software Serial/IP or Stunnel, SCADA
master that supports TLS and mutual authentication using certificates.
Certificates are issued by a Certification Authority (CA). The G500 does not come with a CA so
you must make use of an existing CA or create your own. There are many third-party
commercial and open source CAs available. This document describes one open source CA
packages: X Certificate and Key Management (XCA).
1.1.2 Stunnel
Stunnel is an open source package that can be installed on a Windows-based PC to relay a
local TCP connection over an TLS tunnel to a remote G500, which then relays data over a TCP
connection to an IED on the substation LAN. Stunnel can be configured to provide an TLS
channel for programs that would access IEDs over a TCP connection. This document describes
how to configure Stunnel and the G500 for this purpose.
General SWM0109-1.00-0 9
Secure Integration of SCADA Third Party Equipment with the G500
Configuration Guide
GE Grid Solutions
3. Install the CA’s Certificate on your G500 and client device – see section 2.
4. Generate private keys and certificates for your G500 and client device.
5. Install the private keys, certificates and optional Diffie Hellman parameters on your G500
and client device.
6. Using the G500 online configuration, configure the parameters for the TLS channels.
7. Using the client software, configure the parameters for the TLS channel.
8. Connect your client software with the G500 and test access to the protected service.
10 SWM0109-1.00-0 General
Secure Integration of SCADA Third Party Equipment with the G500
GE Grid Solutions Configuration Guide
Key Exchange
Encryption Hash Works with XCA ?
Algorithm Signature
RSA NULL MD5 Yes
RSA NULL SHA Yes
RSA WITH_RC4_128 SHA Yes
RSA WITH_3DES_EDE_CBC SHA Yes
DHE DSS WITH_3DES_EDE_CBC SHA Yes
DHE RSA WITH_3DES_EDE_CBC SHA Yes
DHE RSA WITH_AES_128_CBC SHA Yes
DHE DSS WITH_AES_128_CBC SHA Yes
DHE DSS WITH_AES_256_CBC SHA Yes
General SWM0109-1.00-0 11
Secure Integration of SCADA Third Party Equipment with the G500
Configuration Guide
GE Grid Solutions
9. Under the Extensions tab, if necessary change the Time Range that the CA certificate
is valid for and click Apply. The default is 10 years. Certificates generated with this CA
certificate after this period are no longer valid.
12 SWM0109-1.00-0 General
Secure Integration of SCADA Third Party Equipment with the G500
GE Grid Solutions Configuration Guide
10. Under the Key usage tab, do not change the defaults.
11. Under the Netscape tab, remove the value in the Comment field.
12. Under the Advanced tab, the following messages are expected except the value of the
X509v3 Subject Key Identifier, which differs from key to key:
General SWM0109-1.00-0 13
Secure Integration of SCADA Third Party Equipment with the G500
Configuration Guide
GE Grid Solutions
3. Certificate Generation
This chapter describes how to generate private keys and certificates for both the Client
computer and the G500. These certificates allow the Client to authenticate itself to the G500
and the G500 to authenticate itself to the Client.
There are two types of certificates you can generate: a server certificate and a client
certificate. The server certificate identifies a G500. The client certificate identifies a user or a
computer that is connected to the G500.
If users are accessing the G500 directly from their own computers using programs such as
Stunnel or Tactical Software Serial/IP to establish a secure channel, then you must generate
separate certificates for each user.
If you are using a centralized access server such as ESNET, you have the option of creating
only one computer certificate for the ESNET server. However, the centralized access computer
must be locked down in such a way as to prevent users from getting direct access to the
private key of this computer certificate. If a user could copy the private key, the user could
access the G500 from any computer. This would allow the user to bypass any access controls
that you put in place through the centralized access computer’s security policy.
If you are accessing the G500 from SCADA master stations, then you must generate separate
certificates for each master station.
It is important to keep the private keys associated with the Client and Server
Certificates secure. For example, they should not be transmitted over the LAN
unless you are using a strongly authenticated secure transport mechanism
such as SSH with public/private key authentication or multi-factor
authentication. Once the private keys reach their destination, they should be
deleted from any devices used to transport them (e.g., a USB drive or laptop).
14 SWM0109-1.00-0 General
Secure Integration of SCADA Third Party Equipment with the G500
GE Grid Solutions Configuration Guide
a. Select the checkbox next to the label Use this Certificate for signing. On the
dropdown to the right of this checkbox, select the CA you created in section
2.2.2 (e.g., MyCA).
b. Leave the dropdown Signature Algorithm as SHA 1.
c. Change the dropdown Template for the new certificate to “[default]
HTTPS_server”.
d. Click Apply all.
5. Under the Subject tab, click the Generate a new key button.
6. In the dialog that appears, enter a name that uniquely identifies the G500 in your
network (for this example, that is “MyG500”). Choose Keytype as RSA or DSA to match
the type of cipher suites you wish to use (see Table 1). Change the Keysize to 2048.
Click OK.
7. Back in the Subject tab, enter the Distinguished name of the G500 server certificate.
The most important component is the commonName. This is the name that your
Clients is configured to accept. Any difference between the commonName of the
certificate and the name configured in the Client results in a failed connection. Choose
other name components that are appropriate for your company. The following table
provides example distinguished name components.
Table 3 Example Distinguished Name Components
General SWM0109-1.00-0 15
Secure Integration of SCADA Third Party Equipment with the G500
Configuration Guide
GE Grid Solutions
16 SWM0109-1.00-0 General
Secure Integration of SCADA Third Party Equipment with the G500
GE Grid Solutions Configuration Guide
6. In the dialog that appears, enter a name that uniquely identifies the Client (for this
example, that is “MyName”). Choose Keytype as RSA or DSA to match the type of cipher
suites you wish to use (see Table 1). Change the Keysize to 2048. Click OK.
7. Back in the Subject tab, enter the Distinguished name of the Client certificate. The most
important component is the commonName. This is the name that the G500 is
configured to accept. Any difference between the commonName of the Client
certificate and the name configured in the G500 results in a failed connection. Choose
other name components that are appropriate for your company. The following table
provides example distinguished name components.
Table 4 Example Distinguished Name Components
General SWM0109-1.00-0 17
Secure Integration of SCADA Third Party Equipment with the G500
Configuration Guide
GE Grid Solutions
18 SWM0109-1.00-0 General
Secure Integration of SCADA Third Party Equipment with the G500
GE Grid Solutions Configuration Guide
4. Installing Certificates
This chapter describes how the CA Certificate, Server Certificate, Client Certificates and DH
Parameters are installed. The following table summarizes where to get the files containing the
CA certificate, Server certificates, Client Certificates and DH parameters.
Table 5 Location of Files Exported by Certification Authorities
Files Location
CA Certificate The CA certificate is in a file downloaded to a location of your choice as
described in Section 2.2.2 . The file is named with a .crt extension (e.g.,
MyCA.crt).
Server Certificate Server certificate and key are in the same file under the location of your
and Key choice as described in Section 3.1.1 . The file is named with a .pem extension
(e.g., MyG500.pem).
Client Certificate Client certificate and key are in the same file under the location of your
and Key choice as described in Section 3.1.2 . The certificate is in a file named with
a .pem extension (e.g., MyName.pem).
DH Parameters DH parameters are in the file named dh2048.pem under the location of your
choice as described in Section 2.2.3 .
General SWM0109-1.00-0 19
Secure Integration of SCADA Third Party Equipment with the G500
Configuration Guide
GE Grid Solutions
The reason for this warning is that the G500 file system does not support per-file
permissions, so when WinSCP or Secure File Browser from DS Agile MCP Studio (Refer to
Appendix B in SWM0101 for details) tries to set the permissions on a file, it is unable to do
so. However, there is no security risk because the file takes on the default permissions
of the files system which are correct. Therefore, this warning can be safely ignored by
clicking Skip.
3. To prevent this warning from appearing in the future, in WinSCP or Secure File Browser
from DS Agile MCP Studio (Refer to Appendix B in SWM0101 for details) go to Options >
Preferences. Then select Transfer and click Ignore permission errors.
4. If you are using the USB drive method of transferring the files, insert the drive into any
USB slot on the G500.
5. Connect to the G500 with a browser and click the and click the Utilities tab under
Settings option from the power bar.
Note: This Option is available in Utilities Tab under Settings option from Local HMI or
from the Connected Mode in DS Agile MCP Studio only.
20 SWM0109-1.00-0 General
Secure Integration of SCADA Third Party Equipment with the G500
GE Grid Solutions Configuration Guide
6. Click the Import button. You should see a dialog indicating that 1 Local Certificate and
1 Issuer Certificate was successfully imported. Click OK to dismiss the dialog.
7. Click the Manage button, and then click the Local tab. You should see a dialog showing
the Local certificate details in the Staged Local Certificates area. Select the certificate
and click Install. This causes the certificate to move into the Installed Local Certificate
area. This also installs the DH parameters file.
8. Click the Issuer tab. You should see the CA certificate in the Staged Issuer Certificates
area. Select the row containing the CA certificate and click Install. This causes the
certificate to move into the Installed Issuer Certificates area.
9. Close the dialog and log out of the G500.
10. If you are using G500 redundancy, you need to install same CA certificate, Server
certificate and DH parameters on both G500s. Follow steps 1 to 9 above on both G500s.
General SWM0109-1.00-0 21
Secure Integration of SCADA Third Party Equipment with the G500
Configuration Guide
GE Grid Solutions
There are three types of secure connections that you can configure on the G500:
• Secure terminal server
• Secure pass-through
• Secure connection relay
The following sections describe how to create one of each type.
22 SWM0109-1.00-0 General
Secure Integration of SCADA Third Party Equipment with the G500
GE Grid Solutions Configuration Guide
7. Click the Create button; the Secure Application Parameters dialog appears. Refer to
Section 5.4 Secure Application Parameters Dialog for further steps.
8. Optionally, you may click Use Custom to open the Terminal Server Application
Parameters dialog and specify No for Password Authentication and click Save.
Because the TLS connection provides certificate-based authentication, password
authentication may not be required. However, if the certificate is shared among many
users you may still want to enable password authentication.
9. Click Save.
10. Click Commit Changes.
General SWM0109-1.00-0 23
Secure Integration of SCADA Third Party Equipment with the G500
Configuration Guide
GE Grid Solutions
4. Click the Connections tab and select an existing connection that supports Pass-
through (i.e., Hydran Multidrop, IEC 60870-5-103 Multidrop, Modbus RTU Multidrop,
Single Generic ASCII, and Single SEL Binary). Alternatively, create a new connection that
supports Pass-through.
5. Check the Enable Security button and in the TLS Port field, choose a TCP port that is
not in use on the G500.
6. Click the Create button; the Secure Application Parameters dialog appears. Refer to
Section 5.4 for further steps.
7. Click Save.
8. Finally, click Commit Changes.
9. Optionally, you may want to disable the global setting for Pass-Through Password
authentication. To do so, launch mcpcfg from the G500 console or SSH terminal
window. Select Configure Authentication > Pass-through Authentication. If the
screen indicates Pass-through Authentication is Enabled, then type Y at the prompt for
disabling Pass-through Authentication. If the screen indicates Pass-through
Authentication is Disabled, then type N at the prompt for enabling Pass-through
Authentication. Finally, select Back > Quit.
Because the TLS connection provides certificate-based authentication, password
authentication may not be required. However, if the certificate is shared among many
users you may still want to enable password authentication.
24 SWM0109-1.00-0 General
Secure Integration of SCADA Third Party Equipment with the G500
GE Grid Solutions Configuration Guide
4. Click OK.
5. Ensure Auto Start-Up is selected so that the secure connection relay is active.
6. In the Remote IP Address field, enter the IP address of a device on the internal network
or optionally the localhost IP address (127.0.0.1) if connecting to a service on the G500
itself.
7. In the LAN Port field, enter the TCP port number of the service you wish to connect to.
8. In the TLS Port field, enter a TCP port that is not in use on the G500.
9. Click the Create button; the Secure Application Parameters dialog appears. Refer to
Section 5.4 for further steps.
10. Click Save.
11. Click Commit Changes.
General SWM0109-1.00-0 25
Secure Integration of SCADA Third Party Equipment with the G500
Configuration Guide
GE Grid Solutions
4. Under the Ciphers tab, click Enable All and uncheck rsaWithRc4128Sha, which is the
weakest cipher suite and should be used only if required by a remote device due to
limited processing power. Since the remote device is assumed to be a modern PC, there
should be no need to enable this cipher suite. Ensure Secure Protocol is set to TLS1.0
or TLS1.1.
26 SWM0109-1.00-0 General
Secure Integration of SCADA Third Party Equipment with the G500
GE Grid Solutions Configuration Guide
General SWM0109-1.00-0 27
Secure Integration of SCADA Third Party Equipment with the G500
Configuration Guide
GE Grid Solutions
8. Under Certificate Authority Keys, click Use Specified certificate authority file, and click
Choose File… Choose the CA certificate file you copied as described in Section 4.2 (e.g.,
CA.crt).
28 SWM0109-1.00-0 General
Secure Integration of SCADA Third Party Equipment with the G500
GE Grid Solutions Configuration Guide
9. Select the SSL Certificate tab. This tab configures location of the client certificate and
key.
10. Click Supply Certificate and click Choose File… Choose the client PEM file you installed
as described in Section 4.2. Note this file contains the Client Certificate and key.
11. With all the certificates in place, select a virtual com port and click Configuration
Wizard….
12. Enter the IP address and port number for the G500 and ensure Enable Encryption is
checked.
13. The protocol must be specified to either TLS Version 1 (TLSv1) and must match the
setting on the G500 (see Section 5.4) which defaults to TLS.
14. Click Start and ensure the log does not show any error messages.
General SWM0109-1.00-0 29
Secure Integration of SCADA Third Party Equipment with the G500
Configuration Guide
GE Grid Solutions
30 SWM0109-1.00-0 General
Secure Integration of SCADA Third Party Equipment with the G500
GE Grid Solutions Configuration Guide
4. Delete the semicolon before the CAfile variable and change the value to refer to the
full path of the PEM file containing the CA certificate installed in Section 4.2. For
example:
; It's often easier to use CAfile
CAfile=c:\certs\MyCA.crt
5. Delete the semicolon before the client variable to enable client mode:
; Use it for client mode
client = yes
6. Now add the TCP service that you wish to tunnel in the Service-level configuration
section of the file. For example:
; Service-level configuration
; Create secure connection for Enervista UR Setup to connect to UR in
substation
[MYG500-UR]
accept=502
connect=172.12.235.217:50000 (G500 IP and SSL/TLS Port Number)
sslversion=TLSv1.1
7. ciphers = EDH-DSS-DES-CBC3-SHA:DHE-DSS-AES128-SHA:DHE-DSS-AES256-
SHA:EDH-RSA-DES-CBC3-SHA:DHE-RSA-AES128-SHA:DES-CBC3-SHA:@STRENGTH
8. Comment out or delete the lines describing other services that you don’t need. For
example:
General SWM0109-1.00-0 31
Secure Integration of SCADA Third Party Equipment with the G500
Configuration Guide
GE Grid Solutions
;[pop3s]
;accept = 995
;connect = 110
;[imaps]
;accept = 993
;connect = 143
;[ssmtp]
;accept = 465
;connect = 25
;[https]
;accept = 443
;connect = 80
;TIMEOUTclose = 0
32 SWM0109-1.00-0 General
Secure Integration of SCADA Third Party Equipment with the G500
GE Grid Solutions Configuration Guide
2. Launch the TCP based client and make a connection to the device.
3. Right-click the tray icon for stunnel and select log. You should see a log with something
similar like stunnel was able to successfully connect to the device via the G500:
General SWM0109-1.00-0 33
Secure Integration of SCADA Third Party Equipment with the G500
Configuration Guide
GE Grid Solutions
All certificates are issued for a restricted time of validity. However, it can happen that a
certificate should not be used or becomes invalid before its expiry date. In this case, the issuing
CA should revoke this certificate by putting it on the list of revoked certificates (CRL) and
publishing it.
34 SWM0109-1.00-0 General
Secure Integration of SCADA Third Party Equipment with the G500
GE Grid Solutions Configuration Guide
based upon the internal name of your CA with a .pem extension. Append “_CRL” to
filename to indicate that this file is a CRL (e.g., MyCA_CRL.pem). Finally click OK.
General SWM0109-1.00-0 35
Secure Integration of SCADA Third Party Equipment with the G500
Configuration Guide
GE Grid Solutions
A. Error Messages
This appendix describes common error message logged by Secure SCADA Utility in the
diagnostic log. These diagnostic messages are logged under application “stunnel” and
application interface “P005”.
Table 6: Error Messages
36 SWM0109-1.00-0 General
Secure Integration of SCADA Third Party Equipment with the G500
GE Grid Solutions Configuration Guide
B. Connection Security
The G500 supports Transport Layer Security (TLS) which are cryptographic protocol that
provide security for communications over networks such as the Internet. TLS encrypt the
segments of network connections at the Application Layer to ensure secure end-to-end transit
at the Transport Layer.
The TLS protocol allows client/server applications to communicate across a network in a way
designed to prevent eavesdropping and tampering. TLS provides endpoint authentication and
communications confidentiality over Ethernet connections using cryptography.
1. A communications link is established between the G500 and a client device. This is
shown in the diagram by the purple arrow between the devices. The two devices
exchange a list of ciphers, or algorithms that are used to perform message encryption.
If both devices are configured to use one or more of the same ciphers, the most secure
one is selected and the communications link between the devices from that point on
is encrypted using it. Ciphers are selected on the Secure Application Parameters
window when configuring a serial or network connection. If null encryption is enabled,
the communications link between the devices is not encrypted and only identity
General SWM0109-1.00-0 37
Secure Integration of SCADA Third Party Equipment with the G500
Configuration Guide
GE Grid Solutions
verification is performed with security certificates (see the following steps). Not
enabling encryption will leave data vulnerable to interception by third parties who have
access to the network traffic. If a cipher that uses Diffie Hellman is selected (indicated
by the dhe prefix on the cipher name), the G500 sends the Diffie Hellman parameters
to the remote device. If these parameters are not contained within the local certificate
of the G500, the parameters file can be uploaded using the Utilities > Certificate
Import window.
2. The local certificate of the G500 is provided to remote devices to allow them to verify
the identity of the G500 device. This is shown in the diagram by the red arrows and
certificate between the G500 and the client device. Remote devices must have access
to the certificate from the certificate authority who issued the G500 local certificate to
verify its integrity. The local certificate of the G500 is managed on the Local tab of the
Utilities > Certificate Management window.
3. The remote device provides the G500 with its certificate. This is shown in the diagram
by the blue arrow and certificate between the G500 and the client device. These
certificates must then be compared against the issuer certificate provided by the
certificate authority to verify its validity, which is shown by the cyan arrow and
certificate. Issuer certificates are managed on the Issuer tab of the Utilities >
Certificate Management window.
If any of these steps fail, the connection is rejected, and an error is logged to the G500 system
log. Once a secure connection has been established, the devices will periodically ensure that
the connection remains secure by regenerating the session key (a short sequence of data
used to encrypt the contents of the messages).
Note that the serial and Ethernet links between the G500 and IEDs (shown by the green
arrows) are not identity-verified or encrypted. Security features are provided to remote client
devices through secure pass-through or secure connection relay links to these devices.
38 SWM0109-1.00-0 General
Secure Integration of SCADA Third Party Equipment with the G500
GE Grid Solutions Configuration Guide
C. List of Acronyms
Table 7 List of Acronyms
Abbreviation Description
CA Certification Authority
CN Common Name
CRL Certificate Revocation List
DCA Data Collection Application
DPA Data Presentation Application
DTA Data Translation Application
ESNET EnterpriseServer.NET
FQDN Full Qualify Distinguished Name
HMAC Hash-based Message Authentication
Code
HMI Human Machine Interface
IED Intelligent Electronic Device
JVM Java Virtual Machine
LAN Local Area Network
OU Organizational Unit
PEM Privacy Enhanced Mail
PKCS Public Key Cryptography
PKI Public Key Infrastructure
PRF Protective Relay Fault
RTDB Real Time Data Base
RTU Remote Terminal Unit
SCR Secure Connection Relay
SDD Software Design Document
SOE Sequence of Event
SPT Secure Pass-Through
SSDD Software Subsystem Design Document
SSL Secure Sockets Layer
ST Secure Terminal Server
TLS Transport Layer Security
WAN Wide Area Network
General SWM0109-1.00-0 39
Secure Integration of SCADA Third Party Equipment with the G500
Configuration Guide
GE Grid Solutions
MODIFICATION RECORD
40 SWM0109-1.00-0 General