LENZE E94AMHE0074 E94AMHE0074 E94AMHE0074 E94AMHE0074 E94AMHE0074 E94AMHE0074

not apply in the case of mandatory liability, e.g. under the German Product Liability
Act (“Produkthaftungsgesetz”), in case of intent, gross negligence, or injury of life,
body or health, guarantee for the quality of a product, fraudulent concealment of a
deficiency or breach of a condition which goes to the root of the contract
(“wesentliche Vertragspflichten”). The damages for a breach of a substantial
contractual obligation are, however, limited to the foreseeable damage, typical for
the type of contract, except in the event of intent or gross negligence or injury to
life, body or health. The above provisions do not imply a change of the burden of
proof to your detriment.
Any form of duplication or distribution of these Application Examples or excerpts
hereof is prohibited without the expressed consent of the AG.
Security
information
provides products and solutions with industrial security functions that
support the secure operation of plants, systems, machines and networks.
In order to protect plants, systems, machines and networks against cyber
threats, it is necessary to implement – and continuously maintain – a holistic,
state-of-the-art industrial security concept. ’ products and solutions only
form one element of such a concept.
Customer is responsible to prevent unauthorized access to its plants, systems,
machines and networks. Systems, machines and components should only be
connected to the enterprise network or the if and to the extent necessary
and with appropriate security measures (e.g. use of firewalls and network
segmentation) in place.
Additionally, ’ guidance on appropriate security measures should be
taken into account. For more information about industrial security, please visit’ products and solutions undergo continuous development to make them
more secure. strongly recommends to apply product updates as soon
as available and to always use the latest product versions. Use of product
versions that are no longer supported, and failure to apply latest updates may
increase customer’s exposure to cyber threats.
To stay informed about product updates, subscribe to the Industrial
Security RSS Feed underIncreased networking and the use of proven technologies of the office world in

automation systems lead to increased security requirements. It is not sufficient to
offer only superficial and limited protection, since attacks from outside may occur
on several levels. A deep understanding of security and how to apply it is required
for optimal protection.
1.1 Security strategies
Motivation
The first priority in automation is maintaining control over the production process.
Measures intended to reduce the security threats must not interfere with this
priority. The use of an adequate protection concept should ensure that only
authenticated users can carry out (authorized) operations, restricting access to
those operation options approved for use by the authenticated user. The operation
is to be carried out exclusively in clearly planned access paths to ensure that the
production process will continue to operate securely during a command without any
risks for people, the environment, the product, the goods to be coordinated and the
business of the company.
Strategies
Based on these statements, a protection concept comprises general defense
strategies which are intended to resist the following attacks:
• decrease of availability (e.g. denial of Service)
• bypassing single security mechanisms (such as “man in the middle”)
• intentional incorrect operation by authorized users (such as stealing
passwords)
• incorrect operations due to misconfigured user privileges
• unauthorized monitoring of data (such as reces and business secrets or the
functioning of the machines and systems and their security mechanisms)
• modifying data (for example to alter alarm levels)