Industrial Automation
Industrial Automation | Europe

myKnowledge

Main > Product Type > Automation Systems > HMI
Minimize Text   Default    Enlarge Text
 

Print
E-mail

How Do I Use User Permissions And Security Levels In The NB HMI?


Introduction

This article explains the security features in the NB HMI.

There are two security features implemented in the NB HMI; Security Levels and User Permissions. This article is intended to explain these security features.

Security Levels
Security levels are a way to secure an area or certain functions which should not be accessible for everyone. There is a difference between high-level security and low-level security – high-level users can access low-level secured screens, while low-level users cannot access high-level secured screens. Access to screens can be protected based on security levels.

User Permissions
User permissions are not related or restricted by security levels. As long as the user’s name and password are input correctly, the component which is set for limited access can be operated. With the user has the user permission, he can add or delete accounts from the HMI panel. User permissions only work on components, and make it possible to check the user/operator permission of the current user/operator.

Content
  • Security Levels
  • User Permissions
  • Dynamically Add/Delete Users
  • Permission Control
  • Permissions Control and Security Levels
  • Operation Log
  • Example Project
  • Tips
Security Levels

The security levels are classified into 16 levels (0 to 15) and you can decide how many levels you want to use in NB HMI. When the security level is 0, it means no security levels. Level 0 is the lowest level and level 15 the highest security level, so adding a level means one extra security layer. The default number of security levels configured for a project is 3.
Each level needs a numeric password and as minimum 1 digit needs to be set with a maximum of 8 digit numeric password.


 

User Permissions

The NB HMI provides 32 users and 32 user permissions for free use. The user has a name and a numeric password. The user permissions are freely definable and can be related to the process or a specific task an user/operator is allowed to perform, for example; specific operator tasks, configuring system settings or managing users. It is possible to add/remove and change user permissions from the NB HMI panel. The default log off time of an user is 10 minutes when the user is not interacting with the NB HMI panel. After 10 minutes, the current user will be automatically logged out.

Dynamically Add/Delete Users

Besides configuring users and user permissions in the software, you can also add/remove and change user permissions from the NB HMI panel. The following special registers are needed for this.

Users created on the NB HMI can be saved on your notebook or desktop. Please follow the steps below in order to create a back-up file.

Open NB-Manager in NB-Designer by selecting 'System Manager' in the dropdownmenu 'Tools'.

Verify if the Communication Setting is setup correctly and select 'Upload FRW Data' in the tab 'Upload Operation' to start the back-up procedure for the user information.

Save the file.

To restore the user information please select 'Download FRW Data' in the tab 'Download Operation'.

note 1: Uploading the user information only applies for the users created on the NB HMI. The users created in the NB-Designer project are not included in the back-up file.

note 2: Downloading the user information does not erase the user information created in the NB-Designer project.

Permission Control

Each component can have several setting to enable the access/function of this component. Under Conditional control you will find the security control settings.
Setting the security level and/or permission control for the component means only the user having this authority can operate the component.

Permission Control and Security Levels

By checking the ‘Auto show login window’ option the login screen will pop-up automatically for the user to input the password for convenient login when the security level or the permission of the current user doesn’t meet the requirement of the configured level or user permission. This option can be found at the ‘Control Setting’ tab.

Operation Log

The Operation Log component can be used to record or display the operations made by the users in the HMI. The operations are shown in a table form and the log file will be stored into the external memory in the CSV format.

An operation log can be assigned to an object such as a Function Key. With this option a description can be added of the performed action, this is shown in the illustration below.

Example Project

Let’s try to adopt the information from the previous paragraphs in an actual NB HMI project that visualizes a simple pump installation.

The NB HMI project contains three users: operator, maintenance and engineer. The operator has the lowest permission while the engineer has the highest permission.

The pump installation contains four valves, two centrifugal pumps and a tank. The operator which has the lowest permission is only able to monitor the installation and if necessary start or stop the installation and emptying the tank. While the maintenance user has identical permissions compared to the operator but it has also access to the maintenance screen and is able to manually controlling the valves and pumps. The engineer has the highest permission and has full permission to monitor, manually controlling the valves and pumps, add/edit/delete users and removing events from the event list.

NB HMI Project Screen Structure

The illustration below shows what screen is accessible from what screen.

Tips

  • The touch indicator in the Task bar turns yellow if the object is not control enabled while pressing it.

  • Passwords will be displayed as ‘****’, password display format cannot be changed.
  • Dynamically added users in the NB HMI can be deleted however the password of the appropriate user is required.
  • Immediately modifying the password after adding the user will result in an invalid username. Please log off the current user and log in as the added user to prevent this message from appearing.
  • Added users will be retained after power loss or if the same compiled project is downloaded into the NB HMI. However downloading a re-compiled project or other projects will result in a loss of dynamically added users in the NB HMI.
  • The Security Level can be reset to zero when the screen is switched/closed by checking the ‘Switching to the lowest security level when window closed’ option in the Window attribute.



Attachments



Comments (View All Comments / Add Comment)

Related Articles
No related articles found.
Created 2013-03-01
Modified 2014-02-27
Views 19003

 

You are not logged in.