Five key HMI security features
Modern HMI software offers a wide range of security features that, if used, can help strengthen your security. Key features include:
Access control: User authentication and authorization services in your HMI software can help make sure only the right people can perform the right actions at the right terminals. You can even ensure that specific production assets can be accessed only from specific terminals, based on factors like an operator’s line of sight to machinery.
Mobile security: Mobile HMIs – laptop PCs, tablets or smart phones – are increasingly being used to untether workers from fixed terminals. And mobile HMI software can deliver the same role-based access control to mobile devices as what’s possible with stationary terminals. The software allows you to restrict specific displays and interactions for certain users, for example restricting remote workers who don’t have physical access to machinery to view-only HMI access.
Electronic signatures and change confirmation: Built-in change confirmation with electronic signatures can give you greater confidence that only authorized individuals are accessing your production systems and performing certain operations or making changes. You can even require a second electronic signature from an employee in a designated “approver” user group. And if something goes wrong in production, you can review the changes made and electronic signatures logged in your system to help identify the cause of the incident.
Electronic signatures can also help you comply with standards like FDA 21 CFR Part 11 in regulated industries.
Centralized management: Modern HMI software that integrates with your existing IT systems, like Windows Active Directory, can help you more easily and securely manage users and groups in your organization.
For example, employees can use the same user credentials that they use to check their email to log into the HMI software. This can help reduce security risks like shared log-in credentials that can end up being shared on a note taped to a computer for anyone to see. Also, if an employee leaves, their log-in credentials only need to be deleted in one place.
Back-up and recovery: When you integrate modern HMI software with asset-management software, you can automatically back-up your HMI configurations. This allows you to retrieve the latest version configurations so you can quickly recover in the event of a security incident.
Integration with asset-management software also allows you to create an audit trail of operator actions. So, if an alarm goes off or a downtime incident occurs, you can review what the operators were doing to understand what happened. With proper trending and troubleshooting tools, you can even review operator actions and alarm conditions overlaid with process data for a complete look at the situation.
Find a vendor that has your security in mind
When choosing HMI software for your operations, make sure the vendor makes security a priority - not only in a product’s features, but also holistically across the product’s lifecycle.
For example, do they think about and implement security in every new feature or function they develop? Do they perform in-house testing to look for vulnerabilities in their software and work with outside security experts to do similar, third-party testing? And if a potential vulnerability is found in their products, are they transparent with customers about it?
