Presentation is loading. Please wait.

Presentation is loading. Please wait.

By Jacques Terblanche Johnson Matthey

Similar presentations


Presentation on theme: "By Jacques Terblanche Johnson Matthey"— Presentation transcript:

1 By Jacques Terblanche Johnson Matthey
How to secure your Rockwell PLC’s and enforce Software Change Management using MDT AutoSave By Jacques Terblanche Johnson Matthey

2 Introduction Project Solution Agenda Benefits Considerations Summary

3 Background to the Project
This project shows how to secure your Rockwell PLC’s at no additional cost using out the box solutions and how to implement software change management on PLC code using MDT’s AutoSave.

4 Project Goals Secure all Rockwell SLC and CLX PLC’s from:
Unauthorised online changes Unauthorised access from a 3’rd party’s PC running PLC Development software Provide easy configuration to change security access Implement Software Change Management on PLC Code

5 Introduction Project Solution Agenda Benefits Considerations Summary

6 Why AutoSave A need was identified to perform Software Change Management on all PLC code and to secure all PLC’s from unauthorised access A comparison was done between MDT AutoSave and Rockwell’s Factory Talk Asset Centre to determine the best solution to provide Change Management as well as securing PLC Processors

7 Which solution? AutoSave or Asset Centre? AutoSave Change Management
Archive of changes Scheduled Compares Locked programs AutoSave InTouch Plugin Archestra Plug-in

8 Why Software Change Management?
Where is your latest backup C:\Projects\PLC001 or z:\PLC Backups\PLC001 Which file is the latest change 05_03_09_PLC001 or 06_03_09_PLC001 What was changed? Uhm can’t remember, that was 2 weeks ago

9 AutoSave Central location of all backups
Resides on AutoSave Server Use normal IT backup methods to backup my backup Central Location to access all projects Launch AutoSave Client Configured in tree structure to easily access projects Provides a revision history with comments Enforces comment

10 New features in AutoSave 5.04
Spaces Rearrange tree structure by moving areas and programs Why is this important Current structure is flat Move option allows restructuring of Plant model to represent a S95 model type

11 FactoryTalk Services Platform
Where to find the Services Platform RSLinx Classic Optional steps Install FactoryTalk(R) Services Platform What is installed Administration Console Directory Configuration Wizard Security Configuration Emulator Specify Directory Location

12 FactoryTalk Administration Console
Used to configure either Local or Network Security Provides central place to configure: Users and Groups Use Local users or Active Directory Groups Networks and Devices Configure for entire network Configure individually Computers Add PC Nodes which will be used for Development as well as nodes used to perform remote connections Policies

13 Configuring Security Logix 5000 Logix 500
Set Administrator to configure Controller Secure Set Logical Name Set Controller Security Logix 500

14 Enabling Security for Logix 5000
Install Emulator Must be installed on all Development PC’s Enable Security Key Run SetSectKeys and Enable RSLogix 5000 Security Controller Properties Change Security Setting to RSI Security Server Can be done Online to PLC

15 Enabling Security for Logix 500
New install Select Enable FactoryTalk Security during install Current Install Run setup again and select Security option Securing the Controller Convert old Logix 500 projects to version 7 or later Enable Processor Secured from Controller Properties Download converted project to PLC

16 Configuring AutoSave for Security Services
Open AutoSave Client Logon to AutoSave Server Select PLC Launch Project NO CONFIGURATION REQUIRED

17 What now? Windows user authenticated to Security Server
Local Users Domain users User with development privileges User with read only privileges

18 Topology - Software The AutoSave system consists of: AutoSave Agents
AutoSave Server 2003 Server SQL 2000 SP4 AutoSave 5.04 FactoryTalk Services Platform – Network Security AutoSave Agents Logix 500 and 5000 One Logix 5000 agent and one Logix 500 agent FactoryTalk Services Platform – Referencing AutoSave Server AutoSave Development clients XP SP2 Pro

19 Topology - Network

20 Topology – Use of Agents
Remote connection enabled User starts a Terminal Session Allows multiple users access to AutoSave Less development software installations

21 Introduction Project Solution Agenda Benefits Considerations Summary

22 Benefits / Goals Achieved
Were the initial goals achieved? Secure all Rockwell PLC’s – YES Provide Software Change Management - YES What benefits? PLC Online connection is read only No Online changes possible No offline changes possible No access via unauthorised Development software

23 Introduction Project Solution Agenda Benefits Considerations Summary

24 Lessons Learned SLC projects must be converted to the latest Logix 500 version Cannot access PLC’s if Security Server is unavailable Install and configure secondary security server for emergencies

25 Introduction Project Solution Agenda Benefits Considerations Summary

26 Conclusions It is essential to have the correct tools available to perform Software Change Management MDT AutoSave provides an easy interface with all the functionality. Securing your Rockwell PLC’s is quick and easy using the Factory Talk Service Platform

27 The End....


Download ppt "By Jacques Terblanche Johnson Matthey"

Similar presentations


Ads by Google