Key Concepts and Terms

Users

Anyone accessing the solution, either in engineering (Designer Tool) or in runtime mode (Displays).

Permissions

Permissions are set levels of access for each user that determine what they can or cannot do within the solution.

Policies

Policies manage requirements on User Identification and Session Control.

RuntimeUsers

These users are created and retrieved from an external encrypted SQL database or other identification servers.

Features Highlights

The Security Module in FactoryStudio provides a range of features to ensure comprehensive security for your projects. Key features include:

• User Management: Easily create and manage user profiles with customizable access levels to project components.
• Group-based Permissions: Define the access level for each user group within the project.
• Session Policies: Manage user identification and session control requirements.
• Runtime Users: Dynamically add and remove users without needing to modify the project.
• Integration with Active Directory and LDAP: Seamlessly streamline user management across your organization.

Security

FDA 21 CFR Part 11 and NERC 

Our software platform offers various security and compliance features to assist organizations in meeting the requirements of FDA 21 CFR Part 11. It's important to recognize that compliance is a continuous process. Therefore, organizations should consistently monitor and update their systems and policies to ensure alignment with the standards set by the FDA.

Built-in .NET Security 

Our platform’s development relies on .NET and utilizes managed code, adhering to security guidelines. Development with .NET managed code must comply with .NET rules. Specific guidelines are tailored for different modules. For instance, Alarms adhere to FDA guidelines, while Electrical device communications adhere to IEC61850 standards, among others. Below, we'll outline the main FS-Security topics along with some basic information about each.

Group and User Permissions 

Using our platform, you have total flexibility to define privileges based on groups or individual users. Permissions can be set globally or linked to specific displays, objects, or input actions.

Runtime Users 

Easily create users on the fly and store their credentials in SQL databases. You can also retrieve users from Active Directory or third-party systems for integrated security and unified login.

User Policies

We offer a complete set of user management features, including identification policies, session duration control, automated logoff, e-signatures, audit trails, and more.

Redundancy

Hot-standby Fault-tolerant Servers 

Our platform provides reliable and easily configurable redundancy for seamless failover. It automatically initializes and synchronizes the primary and secondary servers. Additionally, setting up redundant physical networks and PLC nodes for device communication channels is straightforward.

Database Redundancy

You can assign the Alarm and Historian database to a third-party external cluster, or they can be automatically replicated when running on the platform’s servers.

Project Configuration Synchronization

The engineering tools offer features that simplify configuration and updates in redundant scenarios.

Hot-swapping

Redundant or stand-alone servers enable seamless switching of project versions, ensuring uninterrupted service for connected clients while maintaining the real-time database loaded.

Redundancy at the Core Level 

All modules, including Real-Time tags, Devices, Alarms, Historian, Scripts, and Clients, were built from the ground up to meet redundancy and hot-swapping requirements.

Redundancy can be set individually for each Execution Profile (Development, Testing and Production)