With industrial cybersecurity becoming a growing concern in manufacturing facilities across every industry, protecting automation components, such as HMI operator panels, from unauthorised access with the use of password authentication is just one of the security controls that can be implemented.
However, with the vast amount of login data for machines being used throughout any given industrial facility, it’s no surprise that passwords for HMI access control are regularly forgotten.
A UK-based systems integrator, which specialises in the field of machine tool manufacturing, process lines and support services, were facing an influx of call at all hours of the day and night from customers that were seeking help due to forgetting their passwords in order to access particular parameters within the HMI.
On the lookout for an access authorisation method without passwords, the systems integrators started to investigate the SIRIUS ACT ID key-operated switches.
High level of security and usability: Authorisation management with SIRIUS ACT ID key-operated switches
SIRIUS ACT ID key-operated switches can be configured so that authorisation for machine access can be set individually. The ID key-operated switches of the SIRIUS ACT series use electronic locks instead of the conventional mechanical ones. The associated keys contain an RFID chip that makes them uniquely identifiable. Key and switch are linked by a stable radio connection and have no HMI contact.
If the ID key is lost, the systems remain secure because the key can easily be disabled and replaced. In addition, the use of each key is logged so that it is clear who has used the machine and when. This offers additional security and the possibility of evaluating information on operation, downtime or maintenance work, which can be recorded with the aid of a database.
Furthermore, the ID key-operated switches have 4 freely assignable digital outputs. These can be used for control purposes for 4 different levels of authorization, to each of which a coloured key is assigned. 4 keys are thus available for differentiating between the levels of authorization.
Green stands for authorisation or switch position 1, yellow for 2, red for 3, and blue for authorization level 4. When a key is inserted, the key-operated switch enables the corresponding authorisations and indicates them with 4 LEDs. The machine operator can then turn the rotary switch smoothly to the required function, provided he or she has the corresponding authorisation.
Yet, if certain machine functions are only supposed to be available for a specific person or group, this cannot be achieved by using simple key-operated switches. In such a case, electronic switches with RFID technology enable a complex management of rights.
How can a complex authorisation management be implemented with SIRIUS ACT?
There are two different versions of the ID key-operated switches: One version which can be used autonomously and one which communicates with the controller via IO-Link. The IO-Link connection is used for registering and precisely allocating the authorisation levels in the Port Configuration Tool (PCT) or via the TIA Portal.
After shipment of the plant, regardless of location, new keys can easily be added by means of their individual number and also subsequently modified. If an ID key (or tag) is lost, then it can simply be blocked and replaced. It is possible to detect whether a key is inserted on the controller side via a monitored output. In addition, operation, downtime or maintenance information can be recorded and evaluated with the aid of a database for safety or quality purposes.