User Guide
Category Description
Intended Use & Deployment Context
Applicable to Eaton Charging network manager or third-party backend connected product. Applicable to end customer.
Deployed at customer premises on parking places, private or publicly accessible, to allow charging of EVs, authentication,
billing, etc.
Asset Management
Keeping track of software and hardware assets in your environment is a pre-requisite for effectively managing
cybersecurity. Eaton recommends that you maintain an asset inventory that uniquely identifies each important component.
To facilitate this, Eaton Green Motion Building supports the following identifying information:
SW release for Green Motion AC Home:
•
APP: 108x
•
OS: 2.3.1-AC-PROD
•
MACH: cm3 or cm4
•
MPB: 831
•
Version date 25.05.2022 or newer
The information above can be accessed on the configuration Webpage or via the communication protocol OCPP
“SystemInformation”.
Risk Assessment
Eaton recommends conducting a risk assessment to identify and assess reasonably foreseeable internal and external risks
to the confidentiality, availability and integrity of the Eaton Green Motion Building and its environment. This exercise
should be conducted in accordance with applicable technical and regulatory frameworks such as IEC 62443 and NERC-CIP.
The risk assessment should be repeated periodically.
Physical Security
An attacker with unauthorized physical access can cause serious disruption to system/device functionality. Additionally,
Industrial Control Protocols do not offer cryptographic protections, making ICS and SCADA communications especially
vulnerable to threats to their confidentiality. Physical security is an important layer of defense in such cases. Eaton
Green Motion Building is designed to be deployed and operated in a physically secure location. Following are some
best practices that Eaton recommends to physically secure your system/device:
•
Secure the facility and equipment rooms or closets with access control mechanisms such as locks, entry card readers,
guards, man traps, CCTV, etc. as appropriate.
•
Restrict physical access to cabinets and/or enclosures containing Eaton Green Motion Building.
•
Physical access to the telecommunication lines and network cabling should be restricted to protect against attempts
to intercept or sabotage communications. It is a best practice to use metal conduits for the network cabling running
between equipment cabinets.
•
Eaton Green Motion Building supports the following physical access ports: Serial Port, Ethernet, Modbus, CAN bus.
Access to these ports should be restricted.
•
Do not connect removable media (e.g., USB devices, SD cards, etc.) for any operation (e.g., firmware upgrade,
configuration change, or boot application change) unless the origin of the media is known and trusted.
•
Before connecting any portable device through a USB port or SD card slot, scan the device for malware and viruses.
Time Synchronization
Many operations in power grids and IT networks heavily depend on precise timing information.
Ensure the system clock is synchronized with an authoritative time source (using manual configuration, NTP, SNTP, or
IEEE 1588).
Time synchronization will occur automatically once the device get access to NTP.
3
EATON Cybersecurity recommendations - Green Motion AC EV chargers