The human-machine interface (HMI) is the window to the equipment’s operations. As remote connectivity and data sharing continue to play larger roles, machine builders capitalize on the HMI’s digital capabilities. This select panel of experts discusses where HMI software is leading operator interface, as well as the equipment it puts a face on.
How do I keep the HMI application secure while providing remote viewing of the application?
Aaron Severa, Pepperl+Fuchs: Security is obviously an important issue when it comes to process plants and should not be taken lightly. Security measures can include using an anti-virus software to secure your HMI from viruses or malware. But HMI applications should also be protected from internal sources such as workers who should not have access to certain settings within a device.
You can restrict access to settings and profile menus with password-protected user groups. The base user group, the operator level, completely restricts all access to settings menus and the ability to create, delete or change anything. An operator only has access to what has already been created and configured on the HMI. The engineer user group allows basic settings to be managed and remote connections—Microsoft RDP, VNC—to a host computer or server network to be created and modified. The administrator level allows full access to the thin client settings and provides the ability to completely tailor the thin client to the application and, more importantly, the security protocol of the facility.
In many facilities that are using a thin client network, customers are looking for ways to remotely manage and view the entire installation of HMI workstations. They want to know what is happening on a workstation at any given time and be able to remotely update settings and firmware with the push of a button from anywhere in the facility or even from a remote location.
User groups can be created and assigned to different personnel within the plant. These user groups are fully customizable and allow privileges to be assigned for each user and each user group. For example, you can allow only some personnel to remotely view the workstations but not have the ability to change settings or edit user privileges. All of these users and groups are password-protected and secure.
Aaron Severa is product manager, HMI at Pepperl+Fuchs.
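As an added illustration of the operator, engineer and administrator user groups described in the answer above (example code written for this page, not Pepperl+Fuchs' product or configuration API): each group is an explicit allow-list, anything not listed is denied, per-user grants and denies sit on top of the group, and every decision is logged. The permission strings and group names are assumptions made for the example.

```python
"""Added illustration of the operator / engineer / administrator user groups
described above: an allow-list per group, per-user grants and denies, and an
access log of every decision. Group and permission names are assumptions
made for this example, not any vendor's actual configuration API."""
from dataclasses import dataclass, field
from datetime import datetime, timezone
from typing import Dict, List, Set

# Privileges a thin client might expose (assumed names, for illustration).
PERMISSIONS: Set[str] = {
    "screen.view",               # watch the application already configured
    "screen.operate",            # use controls already created on the HMI
    "settings.basic.edit",       # change basic device settings
    "remote.rdp_vnc.manage",     # create or modify RDP/VNC host connections
    "settings.all.edit",         # full thin-client configuration
    "users.manage",              # create groups, edit privileges
    "workstations.remote_view",  # view other HMI workstations remotely
}

# Each group is an explicit allow-list; anything not listed is denied.
GROUP_PERMISSIONS: Dict[str, Set[str]] = {
    "operator": {"screen.view", "screen.operate"},
    "engineer": {"screen.view", "screen.operate",
                 "settings.basic.edit", "remote.rdp_vnc.manage"},
    "administrator": set(PERMISSIONS),
}


@dataclass
class User:
    name: str
    groups: Set[str]
    extra: Set[str] = field(default_factory=set)   # per-user grants
    denied: Set[str] = field(default_factory=set)  # per-user denies, win over grants


@dataclass
class AccessLog:
    entries: List[dict] = field(default_factory=list)

    def record(self, user: str, permission: str, allowed: bool) -> None:
        self.entries.append({
            "when": datetime.now(timezone.utc).isoformat(),
            "user": user, "permission": permission, "allowed": allowed,
        })


def effective_permissions(user: User) -> Set[str]:
    granted: Set[str] = set()
    for group in user.groups:
        granted |= GROUP_PERMISSIONS.get(group, set())  # unknown group: nothing
    granted |= user.extra
    return granted - user.denied


def authorize(user: User, permission: str, log: AccessLog) -> bool:
    # Fail closed on permissions the device does not know about.
    allowed = permission in PERMISSIONS and permission in effective_permissions(user)
    log.record(user.name, permission, allowed)
    return allowed


def demo() -> Dict[str, bool]:
    """Exercise the three groups plus a view-only remote user."""
    log = AccessLog()
    operator = User("op1", {"operator"})
    engineer = User("eng1", {"engineer"})
    admin = User("admin1", {"administrator"})
    # May view the workstations remotely, but not change settings or users.
    viewer = User("shift_lead", {"operator"}, extra={"workstations.remote_view"})
    results = {
        "operator_view": authorize(operator, "screen.view", log),
        "operator_edit_settings": authorize(operator, "settings.basic.edit", log),
        "engineer_manage_rdp": authorize(engineer, "remote.rdp_vnc.manage", log),
        "engineer_manage_users": authorize(engineer, "users.manage", log),
        "admin_full_settings": authorize(admin, "settings.all.edit", log),
        "viewer_remote_view": authorize(viewer, "workstations.remote_view", log),
        "viewer_manage_users": authorize(viewer, "users.manage", log),
        "unknown_permission": authorize(admin, "firmware.flash", log),
    }
    results["log_entries"] = len(log.entries) == 8
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The deny set is applied last so that a named user can be carved out of a group without rebuilding the group, and the log records denials as well as grants, which is what an investigator needs when asking who tried to change a setting and when.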
Eric Reichert, Phoenix Contact USA: Remote viewing and, to narrow in, mobile viewing, is a growing trend that we're starting to see within the marketplace. With many suppliers now coming out with their own apps, accessible both in the Apple store and Google Play store, customers are able to bring new devices directly onto their networks. This is great from an accessibility standpoint but also opens up their processes to new vulnerabilities. In most installations, customers are using wireless access points to open their applications to these third-party devices. To combat against the vulnerabilities, they can encrypt and protect these networks, just as they would any wireless network, to ensure that only those meant to be using it are connected. Beyond the infrastructure, they can also password-protect their apps, so that the users trying to remote-view the application need to be aware of a specific port and username/password. Once connected, access can be further restricted by a separate navigation of screens that are mobile-optimized. These screens may have scaled-back capabilities and be more optimized for viewing vs. operating. Phone applications are often different from standard virtual-network-computing (VNC) connections because users are viewing the application asynchronously vs. taking remote control, where a local user would see the mouse move as a remote user operated the machine.
Eric Reichert is product marketing lead specialist—industrial PCs and HMIs at Phoenix Contact USA.
Alicia Millinger, GE Digital: As a first step, make sure that you are keeping your HMI software up-to-date, using the latest version, as well as the latest version for all HMI-related software such as your operating system. This is a basic but often neglected way to improve the security of your system. Second, use remote viewing technologies available from your HMI supplier.
Alicia Millinger is marketing manager, automation software at GE Digital.
Allen Tubbs, Bosch Rexroth: Implementing standard user management features is a start. But for more sophisticated security, network features like firewalls and VPNs can be implemented, as well. Most HMIs today have operating systems that have the full capabilities of a PC, allowing implementation of standard and well-known security practices. Additionally, machine controllers are now implementing security protocols such as secure file transfer protocol (SFTP) and secure shell protocol (SSH) as part of their communication channels, too, creating a secure connection between HMI and machine control.
Chirayu Shah, Rockwell Automation: Securing mobile users requires a robust network architecture for integrated control and information systems. Rockwell Automation and Cisco have developed best practices for designing networks using a converged plantwide Ethernet architecture.
One recommendation is to segment plant and business system networks with an industrial demilitarized zone (IDMZ). An IDMZ creates a barrier between the plant and enterprise zones, allowing users to share data from the HMI while helping to prevent traffic from directly traveling between the two zones. For mobile users, remote HMI access should be limited to specific authorized individuals who connect through the IDMZ and log in through a server.
The centralized management of content also provides a new layer of security for mobile HMI devices. A location-based feature uses geofencing technology that only allows users to look at the content when in a specific area of a plant.
Chirayu Shah is marketing manager, HMI software, at Rockwell Automation.
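As an added illustration of the IDMZ segmentation described in the answer above (example code written for this page, not Rockwell Automation's or Cisco's reference design): a small zone-based policy evaluator in which traffic is allowed only by explicit rule, the enterprise and plant zones never reach each other directly, and remote HMI sessions into the plant may originate only from the remote-access server that users log in through. The address plan, ports and server address are constructed for the example.

```python
"""Added illustration of the IDMZ segmentation described above: traffic is
allowed only by explicit rules, the enterprise and plant zones never reach
each other directly, and remote HMI sessions into the plant may originate
only from the remote-access server in the IDMZ. Addresses, ports and the
server's role are constructed for this example."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional

ENTERPRISE, IDMZ, PLANT = "enterprise", "idmz", "plant"

# Constructed addressing plan (assumption).
ZONES = {
    ENTERPRISE: ip_network("10.0.0.0/16"),
    IDMZ: ip_network("10.1.0.0/24"),
    PLANT: ip_network("10.2.0.0/16"),
}
REMOTE_ACCESS_SERVER = "10.1.0.10"  # the server remote users log in through (assumed)


@dataclass(frozen=True)
class Rule:
    src_zone: str
    dst_zone: str
    dst_port: int
    action: str                     # "allow" or "deny"
    src_host: Optional[str] = None  # pin the rule to one source address if set


RULES: List[Rule] = [
    # Remote users reach only the remote-access server in the IDMZ, over TLS.
    Rule(ENTERPRISE, IDMZ, 443, "allow"),
    # Only that server may open RDP or VNC sessions to HMIs in the plant zone.
    Rule(IDMZ, PLANT, 3389, "allow", src_host=REMOTE_ACCESS_SERVER),
    Rule(IDMZ, PLANT, 5900, "allow", src_host=REMOTE_ACCESS_SERVER),
    # The plant pushes HMI data out to a mirror in the IDMZ; nothing is pulled in.
    Rule(PLANT, IDMZ, 443, "allow"),
]


def zone_of(addr: str) -> Optional[str]:
    ip = ip_address(addr)
    for name, net in ZONES.items():
        if ip in net:
            return name
    return None


def evaluate(src: str, dst: str, dst_port: int, rules: List[Rule] = RULES) -> str:
    """First matching rule wins; no match (or an unknown zone) means deny."""
    src_zone, dst_zone = zone_of(src), zone_of(dst)
    if src_zone is None or dst_zone is None:
        return "deny"
    for rule in rules:
        if (rule.src_zone == src_zone and rule.dst_zone == dst_zone
                and rule.dst_port == dst_port
                and (rule.src_host is None or rule.src_host == src)):
            return rule.action
    return "deny"


def direct_traversals(rules: List[Rule]) -> List[Rule]:
    """Lint check: any allow rule that joins enterprise and plant directly
    defeats the purpose of the IDMZ and should be rejected at review time."""
    return [r for r in rules
            if r.action == "allow" and {r.src_zone, r.dst_zone} == {ENTERPRISE, PLANT}]


if __name__ == "__main__":
    flows = [("10.0.5.5", "10.1.0.10", 443),    # laptop -> remote-access server
             ("10.0.5.5", "10.2.1.20", 3389),   # laptop straight to an HMI
             ("10.1.0.10", "10.2.1.20", 3389),  # server -> HMI
             ("10.1.0.11", "10.2.1.20", 5900)]  # another IDMZ host -> HMI
    for flow in flows:
        print(flow, "->", evaluate(*flow))
    print("direct enterprise/plant rules:", direct_traversals(RULES))
```

The `direct_traversals` check is the part worth keeping in a real rule review: a single allow rule between the enterprise and plant zones quietly turns the IDMZ back into a flat network, and it is easier to catch that in a policy linter than in packet captures.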
Chuck Harrell, Advantech: The HMI software provides authority protection to identify remote access. Usually, the HMI, using the same network as the machine, must pass through a firewall of field networks.
Chuck Harrell is key account and product marketing at Advantech.
Jeff Hayes, Beijer Electronics: HMI applications can be changed if someone has local access to the machine, say, through the USB port, or remotely via the Ethernet port. Passwords can be placed on project updates. Remote access can be secured by forcing solid password policies, such as strength and change frequency, and by creating various authorization user groups, such as operators, maintenance and controls engineers. Also, require a pin code to access the service menu.
Jeff Hayes is regional product manager at Beijer Electronics.
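As an added illustration of the password policy Jeff Hayes describes, strength requirements, change frequency and no reuse of recent passwords (example code written for this page, not Beijer Electronics' product): a checker that returns every violation at once, keeps password history as salted PBKDF2 hashes rather than plaintext, and flags an expired password. The thresholds and hashing parameters are assumptions; the page names no specific values.

```python
"""Added illustration of the password policy described above: minimum
strength, change frequency, and no reuse of recent passwords. Thresholds
and hashing parameters are assumptions for this example; the page does not
name a specific policy."""
import hashlib
import os
import re
from datetime import date
from typing import List, Optional, Sequence, Tuple

POLICY = {
    "min_length": 12,        # assumed threshold
    "classes_required": 3,   # of lower, upper, digit, symbol
    "max_age_days": 90,      # forced change frequency (assumed)
    "history": 5,            # recent passwords that may not be reused
}

HistoryEntry = Tuple[bytes, bytes]  # (salt, pbkdf2 digest)


def hash_password(password: str, salt: Optional[bytes] = None) -> HistoryEntry:
    """Salted PBKDF2 so the history never stores plaintext passwords."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)
    return salt, digest


def character_classes(password: str) -> int:
    patterns = (r"[a-z]", r"[A-Z]", r"[0-9]", r"[^A-Za-z0-9]")
    return sum(1 for p in patterns if re.search(p, password))


def check_strength(username: str, password: str,
                   history: Sequence[HistoryEntry] = ()) -> List[str]:
    """Return every policy violation; an empty list means the password is acceptable."""
    problems: List[str] = []
    if len(password) < POLICY["min_length"]:
        problems.append("too short")
    if character_classes(password) < POLICY["classes_required"]:
        problems.append("too few character classes")
    if username.lower() in password.lower():
        problems.append("contains username")
    # Re-hash with each stored salt; history holds the most recent entries first.
    for salt, digest in list(history)[:POLICY["history"]]:
        if hash_password(password, salt)[1] == digest:
            problems.append("reuses a recent password")
            break
    return problems


def password_expired(last_changed: date, today: date) -> bool:
    """True once the password is older than the policy's change frequency."""
    return (today - last_changed).days > POLICY["max_age_days"]


if __name__ == "__main__":
    history = [hash_password("Xk9#pLq2mV7!zR")]  # constructed previous password
    for user, candidate in [("operator", "operator2024!"),
                            ("eng1", "Xk9#pLq2mV7!zR"),
                            ("eng1", "Ab1!")]:
        print(user, candidate, check_strength(user, candidate, history))
    print("expired:", password_expired(date(2024, 1, 1), date(2024, 5, 1)))
```

Returning the full list of violations rather than stopping at the first one lets the HMI show the operator everything that must change in one attempt, which matters on a panel with an on-screen keyboard.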
Chris Harris, Revere Control Systems: A view-only web portal residing in a DMZ on the network will keep it secure.
Asako Takayasu, Fuji Electric: Each user ID has security levels. Even if you don't make changes to the screen to operate the machine, you will be asked to log in just to monitor the screen remotely. Also, thanks to the operation logging information, you can learn who had access and when. You can check the operation logging data on the HMI unit screen or output the log in binary format and check it on your computer.
Asako Takayasu is international product specialist, HMI, at Fuji Electric.
Robert Zeigenfuse, Avanceon: Determine the correct amount of cybersecurity required, implement it and keep it current. Most mean to, but are not very process-oriented in determining, implementing and maintaining cybersecurity. If one does not have the technical resources to do this important function properly, they should consider outsourcing it to a qualified and certified firm.
Vikram Kumar, EZAutomation: In order to keep HMI applications secure while providing remote access, HMI hardware and software must support secure software formats such as WPA/WPA2 with encryption WEP/TKIP/AES. It is also important to have unique SSIDs and passwords for each remote user, so traceability is present.
Vikram Kumar is president/CEO of EZAutomation.