EcoStruxure Power Commission Installation Guide
EcoStruxure Power Commission Installation Guide
EcoStruxure Power Commission Installation Guide
Installation Guide
DOCA0134EN-17
09/2024
www.se.com
Legal Information
The information provided in this document contains general descriptions, technical
characteristics and/or recommendations related to products/solutions.
This document is not intended as a substitute for a detailed study or operational and
site-specific development or schematic plan. It is not to be used for determining
suitability or reliability of the products/solutions for specific user applications. It is the
duty of any such user to perform or have any professional expert of its choice
(integrator, specifier or the like) perform the appropriate and comprehensive risk
analysis, evaluation and testing of the products/solutions with respect to the relevant
specific application or use thereof.
The Schneider Electric brand and any trademarks of Schneider Electric SE and its
subsidiaries referred to in this document are the property of Schneider Electric SE or
its subsidiaries. All other brands may be trademarks of their respective owner.
This document and its content are protected under applicable copyright laws and
provided for informative use only. No part of this document may be reproduced or
transmitted in any form or by any means (electronic, mechanical, photocopying,
recording, or otherwise), for any purpose, without the prior written permission of
Schneider Electric.
Schneider Electric does not grant any right or license for commercial use of the
document or its content, except for a non-exclusive and personal license to consult it
on an "as is" basis.
Schneider Electric reserves the right to make changes or updates with respect to or in
the content of this document or the format thereof, at any time without notice.
To the extent permitted by applicable law, no responsibility or liability is
assumed by Schneider Electric and its subsidiaries for any errors or omissions
in the informational content of this document, as well as any non-intended use
or misuse of the content thereof.
Table of Contents
Safety Information ....................................................................................5
About the Book...........................................................................................6
Installation Requirements ..........................................................................7
Prerequisites ..............................................................................................8
Download and Installation ....................................................................... 11
Downloading the EcoStruxure Power Commission Software ........................12
Installing the EcoStruxure Power Commission Software ..............................13
Software Registration................................................................................18
EcoStruxure Power Commission Software Upgrade ....................................21
Cybersecurity Best Practices ..................................................................22
Overview .................................................................................................23
Product Defense in Depth .........................................................................24
Potential Risks and Compensating Controls ...............................................27
Defense in Depth Measures Expected in User Environment.........................28
Secure Deployment ..................................................................................29
Secure Operation .....................................................................................31
Secure Decommissioning..........................................................................35
Awareness and Education.........................................................................37
Appendix ....................................................................................................38
Troubleshooting .......................................................................................39
DOCA0134EN-17 3
Safety Information
Safety Information
Important Information
Read these instructions carefully, and look at the equipment to become familiar
with the device before trying to install, operate, service, or maintain it. The
following special messages may appear throughout this documentation or on the
equipment to warn of potential hazards or to call attention to information that
clarifies or simplifies a procedure.
The addition of this symbol to a “Danger” or “Warning” safety label indicates that an
electrical hazard exists which will result in personal injury if the instructions are not
followed.
This is the safety alert symbol. It is used to alert you to potential personal injury
hazards. Obey all safety messages that follow this symbol to avoid possible injury or
death.
! DANGER
DANGER indicates a hazardous situation which, if not avoided, will result in death or serious
injury.
! WARNING
WARNING indicates a hazardous situation which, if not avoided, could result in death or
serious injury.
! CAUTION
CAUTION indicates a hazardous situation which, if not avoided, could result in minor or
moderate injury.
NOTICE
NOTICE is used to address practices not related to physical injury.
Please Note
Electrical equipment should be installed, operated, serviced, and maintained only
by qualified personnel. No responsibility is assumed by Schneider Electric for any
consequences arising out of the use of this material.
A qualified personnel is one who has skills and knowledge related to the
construction and operation of electrical equipment and its installation, and has
received safety training to recognize and avoid the hazards involved.
DOCA0134EN-17 5
About the Book
Validity Note
This document is valid for EcoStruxure Power Commission™ software version 2.0
or later.
6 DOCA0134EN-17
Installation Requirements
What’s in This Part
Prerequisites....................................................................................................8
DOCA0134EN-17 7
Prerequisites
Prerequisites
Hardware Requirements
Component Minimum Requirements
Software Requirements
The software requirements for EcoStruxure Power Commission [EPC] software
are:
• Microsoft Windows® 10 and 11 operating system with .net framework 4.8
support
NOTE: Windows 10 and 11 versions 1507 and 1511 do not support .net
framework 4.8.
• Modbus driver (version 2.20 IE30 for 32-bit and version 3.20 IE30 for 64-bit)
• Require at least 2 GB free space in the drive where EcoStruxure Power
Commission will be installed
NOTE: Make sure to follow the below guidelines before starting the
installation.
• User should have access to Run Node.exe
• User should have full permission to:
◦ %UserProfile%\Documents\Schneider-Electric\Ecoreach
◦ %UserProfile%\AppData\Roaming\Schneider-Electric\Ecoreach
◦ %ProgramData%\Schneider-Electric\Ecoreach
8 DOCA0134EN-17
Prerequisites
Servers URL
IDMS - Customer Identify and https://secureidentity.schneider-electric.com/
Access Management (cIAM)
SafeRepo http://go2se.com/ref=
Servers URL
IDMS - Customer Identify and https://secureidentity.schneider-electric.cn/
Access Management (cIAM)
SafeRepo http://go2se.com/ref=
DOCA0134EN-17 9
Prerequisites
The EcoStruxure Power Commission application will not launch successfully if any
of the above mentioned ports are being used by other applications or services.
These ports must be freed up in the host machine to successfully launch the
application. In case of any launch issues due to above mentioned ports with
PORT_IN_USE error, please contact your IT administrator to free up the ports.
To determine which ports are already in use, open a command prompt window
and run the command netstat -a. This will list all the TCP port numbers currently
used in the system.
10 DOCA0134EN-17
Download and Installation
What’s in This Part
Downloading the EcoStruxure Power Commission Software..............................12
Installing the EcoStruxure Power Commission Software....................................13
Software Registration .....................................................................................18
EcoStruxure Power Commission Software Upgrade..........................................21
DOCA0134EN-17 11
Downloading the EcoStruxure Power Commission Software
WARNING
POTENTIAL COMPROMISE OF SYSTEM AVAILABILITY, INTEGRITY, AND
CONFIDENTIALITY
Download EPC software from se.com. Use SESU for software updates and
upgrades. Do not use software downloaded from unknown or unauthorized
source.
Verify the authenticity of the software while installing. Refer - Section
Application Signing, page 24 and Verifying file integrity and authenticity, page
32 for verifying integrity and authenticity of the software.
Failure to follow this instruction can result in death, serious injury,
equipment damage, or permanent loss of data.
Step Action
12 DOCA0134EN-17
Installing the EcoStruxure Power Commission Software
2 Select the required language for the installation, and click OK.
3 Click Install.
DOCA0134EN-17 13
Installing the EcoStruxure Power Commission Software
Step Action
5 Read the license agreement and accept the terms of the agreement selecting the
appropriate option. Click Next.
14 DOCA0134EN-17
Installing the EcoStruxure Power Commission Software
Step Action
7 If you are located in China Mainland, select China, otherwise select Rest of the world
and then click Next.
DOCA0134EN-17 15
Installing the EcoStruxure Power Commission Software
Step Action
8 Click Next in the Destination Folder window to save the installation file in the default
folder mentioned.
NOTE: If you want to change the default installation location, click Change....
Result: The Ready to Install the Program window is displayed.
16 DOCA0134EN-17
Installing the EcoStruxure Power Commission Software
Step Action
Result:
• The Installing EcoStruxure Power Commission window is displayed with
installation in progress.
• After the installation is completed, the Installation Wizard Completed window is
displayed.
DOCA0134EN-17 17
Software Registration
Software Registration
Steps for Registration
NOTE: The PC should have Internet connection for the registration.
When you start the EcoStruxure Power Commission for the first time, follow these
steps:
Step Action
1 Double-click the EcoStruxure Power Commission icon on the desktop to start the software.
Or
NOTE: Only Schneider Electric employees can use icon to directly log into
EcoStruxure Power Commission.
3 For a new user, click Register here.
5 Enter the company name and business type. Complete the validation step and click
Register.
18 DOCA0134EN-17
Software Registration
Step Action
6 Open the registered email and check for the confirmation email sent from
[email protected].
NOTE: Sometimes Spam filters block automated emails. If you do not find the email in
your inbox, check your Spam or Junk folder.
7 Click the activation link attached in the email to verify and complete your registration.
8 Enter the verification code and new password to complete your registration. Click Set
password & login.
DOCA0134EN-17 19
Software Registration
Step Action
20 DOCA0134EN-17
EcoStruxure Power Commission Software Upgrade
DOCA0134EN-17 21
Cybersecurity Best Practices
What’s in This Part
Overview .......................................................................................................23
Product Defense in Depth ...............................................................................24
Potential Risks and Compensating Controls .....................................................27
Defense in Depth Measures Expected in User Environment ..............................28
Secure Deployment........................................................................................29
Secure Operation ...........................................................................................31
Secure Decommissioning ...............................................................................35
Awareness and Education ..............................................................................37
22 DOCA0134EN-17
Overview
Overview
Cybersecurity is intended to help and protect your communication network and all
equipment connected to it from attacks, that could disrupt operations (availability),
modify information (integrity), or give away confidential information
(confidentiality). The objective of cybersecurity is to provide increased levels of
protection for information and physical assets from theft, corruption, misuse, or
accidents while maintaining access for their intended users. There are many
aspects to cybersecurity including designing secure systems, restricting access
using physical and digital methods, identifying users, as well as implementing
security procedures and best practice policies.
This section provides information on how to help secure your system from a
malicious cyber attack.
Refer to Schneider Electric’s product security brochure for Recommended
Cybersecurity Best Practices.
DOCA0134EN-17 23
Product Defense in Depth
Application Signing
Event Logging
Application supports event logging capabilities and generates audit records for
access control, request errors, configuration changes, and user action.
24 DOCA0134EN-17
Product Defense in Depth
EcoStruxure Power Commission log files are stored in user specific app data
folder located in %UserProfile%\AppData\Roaming\Schneider-Electric\Ecoreach
\Logs.
Syslog Client
The EcoStruxure Power Commission application supports the syslog client feature
to send security event records to a syslog server to facilitate centralized log
analysis.
Data Privacy
Our cloud services are physically deployed across multiple Microsoft Azure data
centres. Microsoft data centres are world-class facilities with more certifications
than any other cloud provider. The data centres used by EcoStruxure Cloud
Commissioning are located in multiple countries. Certifications and compliance
achievements include ISO or IEC 22301, 27017, 27018, and ISO or IEC 27001, in
addition to SOC 1, SOC 2, and SOC 3. To learn more about Microsoft Azure data
centres, visit: https://azure.microsoft.com/en-us/support/trust-center.
Schneider Electric follows best practises to create a highly secure solution and
limit the risk of data being compromised in any meaningful manner while
protecting the privacy, control, and autonomy of each customer's data
independently from others.
Our solution includes:
DOCA0134EN-17 25
Product Defense in Depth
• Asset Information
• Business Analytics data like asset identification, Schneider user information
(such as department, country, city, or plant name), and EPC failure events.
Schneider Electric cloud based application implement best practices such as:
• All communications to and from EcoStruxure Cloud Commissioning with
internal Schneider Electric systems or external third-party systems are
encrypted using HTTPS (the minimum level required is TLS 1.2).
• The certificate involved in these encrypted sessions leverages the SHA-256
secure hash algorithm.
• Schneider Electric is continuously monitoring the changing security
landscape of cryptography and cybersecurity to ensure that we offer the best
available protections to our customers and their sensitive data.
Data Privacy
26 DOCA0134EN-17
Potential Risks and Compensating Controls
QR code Someone may tamper If the QR code has Check that the QR
with the Schneider been tampered with, it code has not been
Electric QR code of can redirect to a fake tampered with (no
the switchboard. site and the user rips, tears, punctures,
credential be stolen or or scratches) and
robbed. check that the URL
redirects you to a
Schneider Electric
web site (domain).
Do no share
credentials with other
users.
Disable unused
accounts.
Access application Unauthorized user If an unauthorized Limit access to
server from Local Area may access server user gains access to network where
Network running in Local Area Network EcoStruxure Power
EcoStruxure Power where EcoStruxure Commission system
Commission PC or Power Commission and Schneider Electric
Laptop from Local PC or Laptop is devices are connected
Area Network . connected, then the
attacker may perform Always place
IP address spoofing to Schneider Electric
get access to systems and devices
application server. behind firewalls and
other security
protection appliances
that limit access to
only authorized
connections.
DOCA0134EN-17 27
Defense in Depth Measures Expected in User Environment
Cybersecurity Policy
Security plan, policies and procedures that cover risk assessment, risk mitigation
and methods to recover from disaster. Policy is available with up-to-date guidance
on governing the use of information and technology assets in your company.
Network Separation
Separating the industrial automation and control system from other networks by
creating Demilitarized Zones (DMZ) to protect the industrial system from
enterprise network requests and messages.
Perimeter Security
Firewalls, authentication, authorizations, VPN (IPsec) and antivirus software to
prevent unauthorized access. Installed devices, and devices that are not in
service, are in an access-controlled or monitored location.
Network Segmentation
Containment of a potential security breach to the only affected segment by using
switches and VLANs to divide the network into sub-networks and by restricting
traffic between segments. This helps contain malware impact to one network
segment; thus limiting damage to the entire network.
Device Hardening
Password management, user profile definition, and deactivation of unused
services to strengthen security on devices. Controls against malware - detection,
prevention, and recovery controls to help protect against malware are
implemented and combined with appropriate user awareness.
28 DOCA0134EN-17
Secure Deployment
Secure Deployment
Securing Network
WARNING
POTENTIAL COMPROMISE OF SYSTEM AVAILABILITY, INTEGRITY, AND
CONFIDENTIALITY
Use cybersecurity best practices to help prevent unauthorized access to the
software.
Failure to follow this instruction can result in death, serious injury,
equipment damage, or permanent loss of data.
Securing PC or Laptops
Patching
WARNING
POTENTIAL COMPROMISE OF SYSTEM AVAILABILITY, INTEGRITY, AND
CONFIDENTIALITY
Apply the latest updates and hotfixes to your Operating System and software.
Failure to follow this instruction can result in death, serious injury,
equipment damage, or permanent loss of data.
Ensure all Windows updates and hotfixes, especially Windows security updates
are regularly applied to machines running EcoStruxure Power Commission
application.
Allowlisting
DOCA0134EN-17 29
Secure Deployment
WARNING
POTENTIAL COMPROMISE OF SYSTEM AVAILABILITY, INTEGRITY, AND
CONFIDENTIALITY
Use cybersecurity best practices when configuring user access.
Failure to follow this instruction can result in death, serious injury,
equipment damage, or permanent loss of data.
Cybersecurity policies that govern user accounts and access, such as least
privilege and separation of duties, vary from site to site. Work with the facility IT
System Administrator to ensure that user access adheres to the site-specific
cybersecurity policies.
Make sure not to use a shared user account. Use a separate account for each
user.
30 DOCA0134EN-17
Secure Operation
Secure Operation
WARNING
POTENTIAL COMPROMISE OF SYSTEM AVAILABILITY, INTEGRITY, AND
CONFIDENTIALITY
Use cybersecurity best practices and follow recommended operation guidelines
while using the application.
Failure to follow this instruction can result in death, serious injury,
equipment damage, or permanent loss of data.
Software Update
Network Monitoring
DOCA0134EN-17 31
Secure Operation
Monitoring PC
Back up the project file regularly and store it in a secure, separate, non-shared
location.
Install operating system patches and anti-virus software updates on the PC, as
they are released.
Periodically monitor the Windows accounts available on the PC to ensure that only
the necessary personnel can log on to the PC, with the appropriate level of
access. Remove inactive or unnecessary user accounts.
Review the windows System Events Log to monitor logon and logoff activity on all
the PCs, and to detect attempted unauthorized activity.
Periodically review user accounts and their roles and privileges to ensure
compliance with your organization’s policy.
32 DOCA0134EN-17
Secure Operation
DOCA0134EN-17 33
Secure Operation
7. Select Certification Path tab to view certificate chain of trust and certificate
status and click OK.
34 DOCA0134EN-17
Secure Decommissioning
Secure Decommissioning
Decommissioning removes EcoStruxure Power Commission files to prevent
potential disclosure of sensitive, confidential, and proprietary data and software
from your system. You risk disclosing your project data, system configuration, user
information, and other sensitive information if you do not decommission. It is
strongly recommend that, you decommission your system at the end of its life.
WARNING
UNINTENDED DATA LOSS OR LOSS OF SOFTWARE FUNCTION
• Decommission EcoStruxure Power Commission if it is no longer needed.
• Backup project data and log files before decommissioning.
• Refer section EcoStruxure Power Commission Software Upgrade for
updating the software.
Failure to follow these instructions can result in unintended data loss or
loss of software function.
Procedure
Steps to uninstall EcoStruxure Power Commission.
Step Action
DOCA0134EN-17 35
Secure Decommissioning
3 Once you click Yes, Windows will start the uninstallation process.
NOTE: If you get error while uninstalling, contact Schneider Electric customer care
center.
EcoStruxure Power Commission log files are not removed after uninstallation of
the application. Take a backup of log files and store it in a secure place. Manually
delete log files from the logs folder located in % UserProfile%\AppData\Roaming
\Schneider-Electric\Ecoreach\Logs after uninstalling the application.
36 DOCA0134EN-17
Awareness and Education
Security Notification
Product security notification posted can be viewed via Schneider Electric website:
https://www.se.com/ww/en/work/support/cybersecurity/security-notifications.jsp
DOCA0134EN-17 37
Appendix
What’s in This Part
Troubleshooting .............................................................................................39
38 DOCA0134EN-17
Troubleshooting
Troubleshooting
Error Code Error Description Steps to be Followed
DOCA0134EN-17 39
Troubleshooting
40 DOCA0134EN-17
Schneider Electric
35 rue Joseph Monier
92500 Rueil Malmaison
France
+ 33 (0) 1 41 29 70 00
www.se.com