System Programming
HI 803 211 E Rev. 1.01.00 Page 85 of 110
6.4 User Management
The user management allows users to organize user groups, user accounts and their access
permissions for each individual project. The user management in SILworX is set up for each
project and each controller:
The PADT user management controls the access to the SILworX project.
The PES user management controls the access to the PES.
HIMA recommends using the user management for protecting SILworX projects and controllers
(PES) against unauthorized access and cyberattacks. Refer to the HIMA automation security
manual (HI 801 373 E) for more details.
6.4.1 PADT User Management
The PADT user management is used to create user groups and user accounts. The user
management and access permissions apply to one SILworX project.
If no PADT user management exists, any user can open and modify the project. If the PADT
user management has been defined for a project, only authenticated users can open the
project. If a PADT user account was defined in a project as the default user account, every user
can open the project with the default user account. Only users with the corresponding rights
may modify the projects. The table shows the possible access modes (permission levels).
Security administrators may modify the user management, i.e., set
up, delete, change user accounts, user groups and the user
management, and define the default user account.
They may also perform all SILworX functions.
Allows users to perform SILworX functions, except for the user
management.
Read-only access, i.e., users may not change or archive the
projects.
Table 28: Access Modes for the PADT User Management
The PADT user management allocates the permissions to the user groups. A user may only be
member in one user group. The user accounts obtain their permissions through the user group
assigned to them. At least one user group with configured user must have the access mode
Security Administrator.
Properties of user groups:
The name must be unique within the project and may contain 1…31 characters from the
ISO Latin 1 character set. Leading white-spaces are ignored.
An access mode is assigned to a user group.
Any number of user accounts may be assigned to a user group.
A project may contain any number of user groups.
Properties of user accounts:
The name must be unique within the project and may contain 1…31 characters from the
ISO Latin 1 character set. Leading and trailing white-spaces are ignored.
A user account is assigned to a user group.
A project may contain any number of user accounts.
A user account can be the default user account of the project.
No additional authentication is required if the project is opened with a default user account. The
default user account is defined in the Properties of the user management. Note: Close the user
management editor prior to opening the Properties dialog box.
To Next Page
Loading...