The ArchestrAnaut

Most of our IAS systems have a lot of vendor provided pieces of equipment (aka skids).  Those skids usually have their own PLC and HMI.  The HMI’s usually have some function to login and they apply security based on the users group or security level.  Most of them have common or shared accounts that everybody knows the password for (even the disgruntled guy you just fired).

The other way that shows up a lot is having individual user account & privileges being role based.  If you have 15 users and 30 skids, that becomes a management nightmare trying to disable users, remember passwords, etc.  You could draw the same corollary to a bunch of Windows PCs’.  Security would be much easier to manage from a single location.  Our IAS system are always built on top of a Windows ActiveDirectory (AD) Domain.  This at least simplifies all of the SCADA security to be managed in one place:  the domain controller (DC).  Wouldn’t it be nice to use that to manage the skids too?

Read the rest of this entry »

IAS is as flexible as or more flexible than any other platform out on the market in terms of the breadth of programming possibilities. The concept of inheritance makes it possible to make changes at a template level and all of its children (templates & instances) will be changed too. Equally as powerful is IAS’s inclusion of .NET in their QuickScript language.

Read the rest of this entry »