View Source

About the Security Module

The security module provides various security measures to protect the system and its data, including access control, user authentication, and data encryption. It enables users to define and manage user roles and permissions, limiting access to specific areas of the system based on user roles and privileges.

The module also supports multi-factor authentication and includes features such as audit trails and activity logs, which track user activity within the system, providing a detailed record of who accessed what data and when. This helps detect and investigate security breaches and identify potential security threats.

The security module also supports various industry-standard security protocols, including Secure Sockets Layer (SSL) and Transport Layer Security (TLS), which provide secure data transmission between the system and other devices or applications.

v10 > Security, Users and AD/LDAP > securityredun.jpg

On this page:

Group and User Permissions

The platform offers flexibility to define privileges based on groups or specific users. Permissions can be global or tied to a specified display, object, or input action.

Runtime Users

Dynamically create users and store credentials in SQL databases. Get users from Active Directory or third-party system for integrated security or unified login.

User Policies

Identification policies, session duration, control, automated logoff, e-sign, audit-trail,and a bundle of user management features is available.

FDA and NERC Regulated Applications

Our platform allows delivering applications in compliance with Title 21 CFR Part 11, and it was designed following the applicable recommendations from NERC, such as the CIP- 007-1-Cyber Security-System Management.

Core-Level Security

Security must be implemented at the core, not applied externally. Our modules have built-in security-related components designed from the core.

Redundancy switch time and high-volume data were tested to meet rigorous offshore requirements.

Hot-standby Fault-tolerant Servers

The platform automatically initializes and continues to synchronize the primary and secondary servers. The Device communication channels are also easily set up for redundant physical networks and redundant PLC nodes.

Database Redundancy

Alarm and Historian databases can be assigned to a third-party external cluster or replicated automatically when running on the platform's servers.

Project Configuration Synchronization

Engineering tools provide features to simplify configuration and updates in redundant scenarios.

Hot-swapping

Redundant or stand-alone servers allow dynamic switching of project versions, without interrupting service for connected clients and keeping the real-time database loaded.

Redundancy at the Core Level

All modules (Real-Time tags, Devices, Alarms, Historians, Scripts, Clients, and others) were designed from the ground up to meet redundancy and hot-swapping requirements.

Learn more at Security, Users and Roles.