November 30th, 2010
In part 1, I covered a simple example on setting up security in IAS. We often run across scenarios where System Platform security either doesn’t work quite like we want (second person verification) or can’t do what we want (supervisor verification). The goal for part 2 is to outline the existing holes and to cover some of the tips & tricks we’ve got for applying security above and beyond the system’s existing capabilities.
Read the rest of this entry »
2 Comments | 
Security | 
Permalink
Posted by David Goodman
November 18th, 2010
Before I get into ways to cover some of the gaps in IAS’s security scheme, I wanted to briefly go over how to implement domain-based security in IAS & InTouch. To be fair, you can get most of this from the help manual, but I’m going to try to explain it with an example.
Read the rest of this entry »
No Comments » | Security | Permalink
Posted by David Goodman
November 5th, 2010
Most of our IAS systems have a lot of vendor provided pieces of equipment (aka skids). Those skids usually have their own PLC and HMI. The HMI’s usually have some function to login and they apply security based on the users group or security level. Most of them have common or shared accounts that everybody knows the password for (even the disgruntled guy you just fired).
The other way that shows up a lot is having individual user account & privileges being role based. If you have 15 users and 30 skids, that becomes a management nightmare trying to disable users, remember passwords, etc. You could draw the same corollary to a bunch of Windows PCs’. Security would be much easier to manage from a single location. Our IAS system are always built on top of a Windows ActiveDirectory (AD) Domain. This at least simplifies all of the SCADA security to be managed in one place: the domain controller (DC). Wouldn’t it be nice to use that to manage the skids too?
Read the rest of this entry »
5 Comments | Leveraging .NET, Security | Permalink
Posted by David Goodman
October 29th, 2010
IAS is as flexible as or more flexible than any other platform out on the market in terms of the breadth of programming possibilities. The concept of inheritance makes it possible to make changes at a template level and all of its children (templates & instances) will be changed too. Equally as powerful is IAS’s inclusion of .NET in their QuickScript language.
Read the rest of this entry »
8 Comments | Leveraging .NET | Permalink
Posted by David Goodman
