1. Document information
This document contains a description of Schneider Electric’s CERT and CPCERT in accordance with RFC 2350 specification.
It provides basic information about Schneider Electric’s CERT and CPCERT, describes its responsibilities and services offered.
1.1 Date of the last update
Version 1, created on 10/27/2022
1.2 Distribution List for Notifications
There is no distribution list for notifications.
1.3 Locations where this Document May Be Found
The current and latest version of this document is available at Schneider Electric’s website.
1.4 Document identification
Title: ‘Schneider Electric’s RFC-2350’
Version: 1
Document Date: 11/10/2022
Expiration: this document is valid until superseded by a later version
2. Contact information
2.1 Name of the team
Team Name: CERT Schneider Electric
- Short Team Name: SE-CERT
- Email: cert@se.com
Team Name: CPCERT Schneider Electric
- Short Team Name: CPCERT
- Email: cpcert@se.com
2.2 Address
Schneider Electric
35 rue Joseph Monier, 92500, Rueil Malmaison, France
2.3 Time zone
SE-CERT operates 24/7
CPCERT operates – Monday to Friday 8:00 -17:00 EST
2.4 Telephone Number
None available.
2.5 Facsimile Number
None available.
2.6 Electronic Mail Address
If you need to notify us about an information security incident or a cyber-threat targeting or involving Schneider Electric, please contact us at: cert@se.com. If you need to notify us about vulnerabilities on Schneider Electric’s product, please contact us at: cpcert@se.com.
2.7 Other Telecommunication
None available.
2.8 Public Keys and Encryption Information
SE-CERT (cert@se.com)
- User ID: cert@se.com
- Key ID - 0x1532593F
- Finger Print - 920C 07B4 A1C5 85C7 8698 8659 9918 81ED 1532 593F
- Public PGP key for SE-CERT
CPCERT (cpcert@se.com)
- User ID: cpcert@se.com
- Key ID - 0xCF9F652C
- Finger Print - E38F 0E4A 8541 8B53 20A7 D84F 8233 2C33 CF9F 652C
- Public PGP key for CPCERT
2.9 Team Members
The operational CERT stands for Computer/Cyber Emergency Response Team. This document references to two separate teams:
SE-CERT = Schneider Electric – Computer/Cyber Emergency Response Team
CPCERT = Corporate Product Cyber Emergency Response Team
SE-CERT and CPCERT Teams are comprised of technical and governance analysts, which are committed in delivering high-quality CERT services to their constituency.
2.10 Other Information
Vulnerability management policy for SE-CERT and CPCERT can be accessed on our website.
2.11 Points of Customer Contact
SE-CERT’s preferred method of contact is email to: cert@se.com
CPCERT’s preferred method of contact is email to cpcert@se.com
Note: sender’s email domain will be checked against SPF/DMARC, and DKIM prior to delivery into the CERT mailbox.
3. Charter
3.1 Mission Statement
SE-CERT (cert@se.com) is part of the Schneider Electric’s Cyber Defense and Incident Response team within Schneider Electric’s Governance. SE-CERT (cert@se.com) is responsible for providing alerts and warnings, intrusion detection services, incident handling for Schneider Electric, protecting our customers and environment.
CPCERT (cpcert@se.com) is part of Schneider Electric’s Product & System Security Office within Schneider Electric’s Governance. CPCERT (cpcert@se.com) addresses cybersecurity vulnerabilities to support the security of our products, installed solutions, protecting our customers and environment.
3.2 Constituency
SE-CERT’s (cert@se.com) constituency is composed of all the elements of Schneider Electric group’s information system: its users, its systems, its applications, and its networks.
CPCERT’s (cpcert@se.com) constituency is composed of all the products of Schneider Electric’s group.
3.3 Affiliation
SE-CERT and CPCERT are affiliated with Schneider Electric.
3.4 Authority
SE-CERT (cert@se.com) services are operating in compliance with Schneider Electric’s security governance framework and is also under the authority of Schneider Electric Global Chief Information Security Officer. CPCERT (cpcert@se.com) services are operating in compliance with Schneider Electric’s security governance framework and is also under the authority of Schneider Electric Global Chief Product Security Officer.
4. Policies
4.1 Types of Incidents and Level of Support
SE-CERT (cert@se.com) is authorized to handle all types of cyberattacks that would target Schneider Electric and subsidiaries.
Support given by SE-CERT (cert@se.com) will be adapted based on the severity of the security incident or issue, its potential, or assessed impact.
CPCERT (cpcert@se.com) is authorized to handle all types of vulnerabilities that would target Schneider Electric’s products.
Support given by CPCERT (cpcert@se.com) will be adapted based on the severity of the vulnerability, its potential, or assessed impact.
4.2 Co-operation, Interaction and Disclosure of Information
SE-CERT is committed to open and transparent collaboration with our trusted partners including the international CERT community in accordance with Schneider Electric policies.
For this reason, all worldwide CERT teams are welcome to get in touch with SE-CERT (cert@se.com) to establish co-operation agreements, as questions, or information sharing initiatives as appropriate.
4.3 Communication and Authentication
The preferred method of communication is email. For the exchange of sensitive information and authenticated communication SE-CERT and CPCERT uses several encryption solutions.
By default, all sensitive communication to SE-CERT and CPCERT should be encrypted with our public PGP key.
5. Services
SE-CERT (cert@se.com) provides incident response services including but limited not to:
- Alerts and Warning
- Triage
- Art
- Handling
CPCERT (cpcert@se.com) provides Product Vulnerability Handling including but limited not to:
- Intake
- Evaluation
- Resolution
- Disclosure
5.1 Incident response
SE-CERT (cert@se.com), collect information from sensors, after triage, will contact relevant stakeholder to handle the incident and artifact. Then the stakeholder will respond the incident defining containment and remediation.
6. Incident Reporting Forms
In case of emergency or crisis, please provide SE-CERT (cert@se.com) at least the following information:
- Contact details and organizational information – name of person and organization name and address
- Scanning results (if any) - an extract from the log showing the problem,
- IP address(es), FQDN(s), and any other relevant technical element with associated observation
- Regards email issues, in case you wish to forward any emails to cert@se.com, please include all email headers, body and any attachments if possible and as permitted by the regulations, policies and legislation under which you operate
- Telephone number and email address.
7. Disclaimers
While every precaution will be taken in the preparation of information, notifications, and alerts, SE-CERT assumes no responsibility for errors or omissions, or for damages resulting from the use of the information contained herein.