Table 563:Pre-defined user typesAccess rights Guest Super User SPA Guest SystemOperatorProtectionEngineerDesignEngineerUserAdministratorBasic setting possibilities (changesetting group, control settings,limit supervision)R R/W R R/W R/W R/W RAdvanced setting possibilities (forexample protection settings)R R/W R R R/W R/W RBasic control possibilities (processcontrol, no bypass)R R/W R/W R/W R/W R/W RAdvanced control possibilities(process control including interlocktrigg)R R/W R/W R/W R/W R/W RBasic command handling (forexample clear LEDs, manual trigg)R R/W R R/W R/W R/W RAdvanced command handling (forexample clear disturbance record)R R/W R R R/W R/W R/WBasic configuration possibilities(I/O-configuration in SMT)R R/W R R R R/W R/WAdvanced configurationpossibilities (applicationconfiguration including SMT, GDEand CMT)R R/W R R R R/W R/WFile loading (database loadingfrom XML-file)- R/W - - - R/W R/WFile dumping (database dumpingto XML-file)- R/W - - - R/W R/WFile transfer (FTP file transfer) - R/W - R/W R/W R/W R/WFile transfer (limited) (FTP filetransfer)R R/W R R/W R/W R/W R/WFile Transfer (SPA File Transfer) - R/W - - - R/W -Database access for normal user R R/W R R/W R/W R/W R/WUser administration (usermanagement – FTP File Transfer)R R/W R R R R R/WUser administration (usermanagement – SPA File Transfer)- R/W - - - - -The IED users can be created, deleted and edited only with the IED UserManagement within PCM600. The user can only LogOn or LogOff on the localHMI on the IED, there are no users, groups or functions that can be defined onlocal HMI.If the IED is Central Account Management enabled, users can onlybe created, deleted or edited in the Central Account Managementserver. In that case, only the user rights can be edited using thePCM600 tool. See Cyber Security Deployment Guidelines manual.1MRK 505 394-UEN A Section 20SecurityLine differential protection RED650 2.2 IEC 757Technical manual
