Skip to main content

iX Developer 2.52

Security Management

Using security groups and passwords in the HMI panel makes it possible to create a security system for the project. Operators can easily be assigned different authorizations in the project to restrict access to objects and functions. Security group information and passwords are stored in the project database.

It is not necessary to use this function if unrestricted access is acceptable. The security function is a predefined component of the Project Explorer.

General Security Settings

General settings for the security function are available by clicking on Security in the Project Explorer, selecting the Users tab and clicking the Settings button.

image334.png

Parameter

Description

Select action on access denied

When a users’s access rights are not sufficient to e.g. modify an object or carry out an action, it is possible to display an access denied message or opening a login dialog. Selecting None performs no action.

Select visibility

When a user with insufficient access rights tries to affect an object, it is possible to specify visibility for those objects:

Disabled: Only users with sufficient access rights can affect the object. The object is visible, but disabled, for users with insufficient access rights.

Hidden: Only users with sufficient access rights can see the object. The object is invisible for users with insufficient access rights

Normal: Only users with sufficient access rights can affect the object. The object looks normal for users with insufficient access rights

Automatic logout

Checking the box makes it possible to log out users automatically after a certain number of minutes of inactivity. After an automatic logout is executed, a screen jump to the start screen will be performed, if access to the active screen is not granted.

Note

The automatic logout will not be carried out if a communication error (COM error) is active in the panel. After removing the communication error from the panel, the automatic logout will be performed within the specified time, calculated from when the communication was reestablished.

Password Rules Properties

Allows setting a minimum number of characters for passwords.

Related information

Logging In and Logging Out

Security Groups

Security groups are defined on the Groups tab of the security configuration page. When objects and screens have been set up with restricted access, the current user must belong to a specific security group in order to control or see the object or screen.

Creating Security Groups

A new security group in a project is defined by clicking on Security in the Project Explorer, selecting the Groups tab and clicking Add.

image335.jpeg

Parameter

Description

Name

Any alphanumeric string, beginning with a letter (a-z, A-Z)

Users

Selection of users defined on the Users tab to be included in the group

Users Invisible in Runtime

When the box is checked, the users in the current group will not be available for selection from the Login dialog in runtime. It will still be possible to type in the user name and password to login.

HMI panel targets only: In order to enable the possibility to manually enter a user name and password, it is necessary to click the “Login” header on the Login dialog in runtime. Doing so and then clicking on the User field will present the user with a keyboard on which a user name can be entered.

Users

Users and passwords for login are defined on the Users tab of the security configuration page.

image336.jpeg

Parameter

Description

Name

Any alphanumeric string, beginning with a letter (a-z, A-Z)

Password

Any alphanumeric string; minimum length according to Password Rules properties. The password is converted to asterisks as you leave the password input cell.

Description

An optional description of the user

Groups

Selection of security groups for the user

It is also possible to add users and change passwords directly in a running project, using the Show Users Dialog action.

Logging In and Logging Out

The login dialog can be displayed in runtime by, for example, clicking a button, for which the Login action has been specified. It is possible to change password from the login dialog.

image337.png

The login dialog lists all users that have been configured for the current project, except for users in groups for which Users Invisible in Runtime was selected.

It is also possible to configure a general behavior that brings up the login dialog any time a user tries to affect an object that is not within the current user’s access rights. This behavior is configured from the Properties window for the Security function, and selecting ShowLoginDialog for action on access denied.

The Logout action is used to perform a logout.

Users may also be logged out automatically after a certain number of minutes of inactivity by configuring Automatic logout in the Properties window for the Security function.

Note

After logging out, the function Show Previous Screen for function keys and touch keys will be ignored. This is a security feature to prevent unauthorized persons from accessing screens protected by passwords.

Object Security and Visibility

Object access can be restricted to a certain security group. Each security group contains a set of users and each user has an individual password. To be able to control an object with a security setting, the user must belong to the defined security group, and has to login.

Object security is controlled by selecting the object, and then opening the Tag/Security group of the Home or General ribbon tabs.

When no security is set for an object, the object will be available to everyone, i.e. login will not be requested.

Note

Security has higher priority than dynamics.

It is not possible to set security on function keys.

The visibility and behavior settings specified in the security manager will be used when a security group is set but no explicit visibility is specified. The following options can be set:

Visibility

Description

Default

The object looks normal and is visible for anyone.

Disabled

Only users in the selected security groups can affect the object. The object is visible but disabled and greyed out, for users with insufficient access rights.

Hidden

Only users in the selected security groups can see the object. The object is invisible for users with insufficient access rights.

Normal

Only users in the selected security groups can affect the object. The object looks normal for users with insufficient access rights.

Cyber Security Best Practice

It is recommended to configure network firewalls to restrict access to the panel. For more information, contact your IT administrator. Some procedures, for example updating Image, requires access to panel and is then specified in the corresponding instructions in the reference manual.

Caution

Any security measures described in this manual, for example, for user access, password security, network security, firewalls, virus protection, etc., represent possible steps that a user of iX Developer, iX Developer and Runtime may want to consider based on a risk assessment for a particular application and installation. This risk assessment, as well as a proper implementation, configuration, installation, operation, administration, and maintenance of all relevant security related equipment, software and procedures are the responsibility of the user of the iX Developer.

Caution

It is the responsibility of the user of the iX Developer to deploy the product appropriate, including procedures/policies regarding organizational measures with required precautions and measures to ensure iX Developer functionality.

Web Server Security

The web server is disabled by default. It can be enabled on request using the Enable Web server option available in iX Developer. For more information on accessing the Enable Web server option in iX Developer and general handling of web server in controller, refer to iX Developer Web server configuration for more information.

The web server provides a login form, that is used for clients to authenticate, by default. Refer to section Login Form for more information. Replace this with a password that conforms with your organization's security policy at the first possible opportunity. See your organization security policy for setting a password, refer to customer password security configuration.

Caution

If the default password is not replaced, the system will be susceptible to unauthorized access.

The password can be any alphanumeric string. The passwords minimum length is four characters and the maximum length is 20 characters.

FTP Server Security

The FTP Server Security is disabled by default. When enabled, it is possible to upload/download files to or from the HMI panel provided that there is an FTP client program in the development PC, e.g. Internet Explorer, Windows Commander or some other standard FTP program.

It is possible to set up access to the FTP server with login requirements and/or as anonymous. An anonymous user has read-only access rights. A user that logs in with the correct user name and password gets read/write access rights. Refer to Section Servers Group (System Ribbon Tab) for more information.

Remote Server Security

The Remote Access function is disabled by default. The Remote Access function makes it possible to access, reflect and control an HMI panel from a PC by using the free VNC client program Remote Access Viewer together with the built-in VNC server in the HMI panel.

It is possible to set up Remote Access with a view only password and/or a full access password. The view only password allows reflecting the panel remotely; the full access password allows also control of maneuverable objects in the panel.

Only one VNC client can connect to the VNC server. Only available when an HMI panel is selected as target.

Caution

To protect secrecy when entering a password via Remote Access Viewer, it is recommended to use the PC keyboard. Otherwise it is possible that the cursor on the remote HMI panel displays which keys are pressed on the alphanumeric keyboard. Refer to Section Refer to Section Servers Group (System Ribbon Tab) for more information.

OPC UA Security

The OPC UA Server is disabled by default. When enabled by the Enable OPC UA Server option available in an iX Panel, it is possible to publish tags with an OPC UA Server.

A certificate will be auto generated and self-signed when the server first starts up. The certificate will be valid for 20 years. The certificate contains no IP address since this could change after the certificate has been generated.

Note

When a Project is re-downloaded to a panel containing an OPC UA certificate, the user can choose to keep the pki folder (containing the OPC UA certificate). Otherwise, the certificate is deleted and a new one is created.

Limitations

Discovery

Not supported

Encoding/Transport

Only UATCP Binary

User authentication

Only user name/password. Only one account.

Security

No encryption support.

Refer to Section Servers Group (System Ribbon Tab) for more information.

Project Transfer Security

Selecting Back Up Project compresses the project and saves it as a ZIP file. The user will be prompted for a path where to save the ZIP file and will also be offered the possibility to password protect the ZIP file.

Upload: Starts the transfer of the ZIP file from the selected target. The user will be prompted for a path where to decompress the ZIP file. If the ZIP file is password protected, the user must enter the password to be able to upload and decompress the ZIP file. Upload is not supported for all panels. If greyed out, please update to latest “System program”.

Verify: The verify function enables the user to check if a target platform configuration is identical to the project configuration. Verify is not supported for all panels. If greyed out, please update to latest “System program”.

Email (Alarm distributor)

User name and password protected if Authenticated Login is selected. Refer to Section Configure Distribution Devices in Reference manual for more information.

Ethernet Printer Devices

User name and password protected if Authenticated Login is selected. Refer to Section Output Devices Group in Reference manual for more information.

Password Settings

Password protection for Remote Access, Web server, OPC UA Server , FTP server is set in design time when creating projects. Any changes to passwords has to be done to the project in design time and the project has to be re-downloaded.

Password protection for Define Security User and Alarm Distributor Security is set in runtime, but can be set in design time as well. Default setting is set to “No password” when enabling a function.

Caution

It is highly recommended to set a password when enabling a new function, especially when it is exposed to the Internet.

Define Security Users

Using security groups and passwords in the HMI panel makes it possible to create a security system for the project. Operators can easily be assigned different authorizations in the project to restrict access to objects and functions.

Security group information and passwords are stored in the project. Security level is set per user group. The security groups are set in design time, and only the members of a security group can be modified in runtime. Refer to Section Security Management for more information.

When a user with insufficient access rights tries to affect an object, it is possible to specify visibility for those objects:

Disabled: Only users with sufficient access rights can affect the object. The object is visible, but disabled, for users with insufficient access rights.

Hidden: Only users with sufficient access rights can see the object. The object is invisible for users with insufficient access rights.

Normal: Only users with sufficient access rights can affect the object. The object looks normal for users with insufficient access rights.

It is recommended to use visibility Hidden for sensitive functions only visible for example service engineers. Refer to Section Security Management for more information.

Note

Security users created in designtime is not possible to remove in runtime.

Service Menu Password Setting

Enter a pin code for the service menu. No pin code enables the service menu for all users. Only numbers (0–9) are allowed. Refer to Section Service Menu Group for more information.

Audit Trail

The Audit Trail function makes it possible to track operator actions. When enabling the Audit trail function to a project, select which actions to log. No actions are set in the default setting. Refer to Section Audit Trail for more information.

The following actions that can be logged, are specified in the table below:

Show Unit Conversion Dialog

Acknowledge All Alarms

Acknowledge Visible Alarms

Acknowledge Selected Alarm

Alarm Info

Clear All Alarms

Clear Visible Alarms

Filter Alarms

Pause Viewer

Enable/Disable Alarms

Zoom In

Zoom Out

Pan Down

Pan Up

Pan Right

Pan Left

Trend Viewer History

Show Backlight Settings

Set Date And Time

Set Time Zone, Region And Daylight Saving

Copy Debug Log to USB Memory

Disable Debug Logger

Enable Debug Logger

Show IP Settings

Print Screen

Close Application

Run

Show Next Screen

Show Previous Screen

Show Start Screen

Backup Database

Restore Database

Database Cleanup

Database Export

Decrement Analog

Increment Analog

Reset Tag

Set Analog

Set String

Set Tag

ToggleTag

Open Address Book

Storage Device Detection

Open Routes Configurations

Clear Data Logger

Log Once

Start Logging

Stop Logging

Email Configuration

Set Language

Change Active Controllers

Clear Non-volatile Values

Show User Dialog

Delete Recipe

Load Recipe

End Offline Recipe Editing

Export Recipe

Import Recipe

Save Recipe

Start Offline Recipe Editing

Generate Report

Show Screen

Close Screen

Run Script

Login

Export User Accounts

Import User Accounts

Logout

Antivirus program

It is recommended to have a antivirus program installed on your PC.

Note

iX Developer has been tested with the following antivirus software:

  • McAfee Virusscan Enterprise

  • Symantec Endpoint Protection

Physical Protection

Physical security considerations elaborate measures that shall be in place to prevent unauthorized access via physical channels into the system. Measures can be security guards, locks, limitations in access to the equipment and similar.

iX Developer runtime is supported both on virtual and on physical machines. There is the possibility that removable assets/communication lines can be used in both these systems.

Caution

The user shall implement necessary physical precautions to prevent unauthorized access to the system and to removable assets/communication lines.

Open Ports

Communication drivers uses either dynamic ports or static ports and both are opened for communication. It is not always a fixed port that opens, this differs from driver to driver. Refer to specific driver help file.

Type

Description (Port)

Open by default

[a][b][c]

TCP

FTP (21)

No[a]

TCP

SSH (22)

No

TCP

HTTP (80)

No[a]

TCP

DCOM (135)

Yes

TCP

OPC UA (Default 4840)

No[a]

TCP

Remote access viewer (Default 5800)

No[a]

TCP

Alarm distributor, send Email. (Depends on the server)

No[a]

UDP

Project Transfer (9999)

Yes

UDP

Netbios (137)

Yes

UDP

Netbios (138)

Yes

TCP

Transfer download (9999)

No[b]

TCP

Alarm server (Default 1000)

No[a]

TCP/UDP

HASP (1947)

Yes[b]

TCP

MCER (6510)

Yes[c]

UDP

IPv6 Support (3544)

Yes[c]

UDP

IPsec (4500/500)

Yes[c]

[a] Opened by configuring iX Developer.

[b] Opened by the iX Runtime installer.

[c] Opened depending on the target type and image version.

Client ports

The iX Developer can use the ports, presented in the table below, when acting as a client to a server.

Type

Description (Port)

TCP

DHCP (135)

TCP

DNS (135)

TCP

WINS (135)