Example: dental hygienist

SIMATIC HMI WinCC V6.0 SP4 Process Visualization System ...

S Preface Table of Contents Planning the Security Cells and Access Points 1 Managing the Network 2 Managing Computers and Users 3 User and Access Management in WinCC and Integration Into Windows Management 4 Planning Time Synchronization 5 Implementing Patch Management 6 Secure Network Access to Security Cells 7 Concluding remarks 8 References 9 Meaning of the Symbols Used 10 Glossary SIMATIC HMI WinCC SP4 Process Visualization System WinCC Security Concept Recommended and mandatory practice Edition 07/2006 A5E00917540-01 Siemens AG Automation and Drives Postfach 4848, D-90327 N RNBERG A5E00917540-01 07/2006 Copyright Siemens AG 2006 Technical data subject to change Safety instructions This manual contains instructions that must be followed both for your personal safety and in order to avoid damage t

WinCC Security Concept - Recommended and mandatory practice A5E00917540-01 i Preface Purpose of this documentation The "WinCC Security Concept" documentation contains recommended and mandatory procedures for planning and building secure, networked WinCC automation solutions with …

Tags:

  Wincc

Information

Domain:

Source:

Link to this page:

Please notify us if you found a problem with this document:

Other abuse

Advertisement

Transcription of SIMATIC HMI WinCC V6.0 SP4 Process Visualization System ...

1 S Preface Table of Contents Planning the Security Cells and Access Points 1 Managing the Network 2 Managing Computers and Users 3 User and Access Management in WinCC and Integration Into Windows Management 4 Planning Time Synchronization 5 Implementing Patch Management 6 Secure Network Access to Security Cells 7 Concluding remarks 8 References 9 Meaning of the Symbols Used 10 Glossary SIMATIC HMI WinCC SP4 Process Visualization System WinCC Security Concept Recommended and mandatory practice Edition 07/2006 A5E00917540-01 Siemens AG Automation and Drives Postfach 4848, D-90327 N RNBERG A5E00917540-01 07/2006 Copyright Siemens AG 2006 Technical data subject to change Safety instructions This manual contains instructions that must be followed both for your personal safety and in order to avoid damage to equipment.

2 Instructions regarding your personal safety are identified by a warning triangle; instructions regarding general equipment damage appear without a warning triangle. Warnings and associated instructions appear as follows depending on the level of danger (the most dangerous warning appears first). ! Danger Indicates that death or serious injury will occur if the corresponding precautions are not taken. ! Warning Indicates that death or serious injury can occur if the corresponding precautions are not taken. ! Caution With a warning triangle, indicates that minor injury can occur if the corresponding precautions are not taken.

3 Caution Without a warning triangle, indicates that equipment damage can occur if the corresponding precautions are not taken. Notice Indicates that undesirable events or circumstances can occur if the corresponding instruction is not heeded. In the event of a number of levels of danger prevailing simultaneously, the warning corresponding to the highest level of danger is always used. If a warning with a warning triangle warns of potential injury, a warning regarding equipment damage can be included in the same notice. Qualified personnel Reference must be made to this document when setting up the associated device/ System .

4 Only qualified personnel may commission and operate a device/ System . In the context of the safety instructions in this document, qualified personnel are persons who are authorized to commission, ground and mark devices, systems and circuits in accordance with safety engineering standards. Intended use Please note: ! Warning The device may only be used for the applications envisaged in the catalog and technical description, and only in association with third-party devices and components recommended and/or approved by Siemens. In order to operate correctly and safely, the product must be transported, stored, set up and installed correctly, and operated and maintained with care.

5 Trademarks All product names followed by the symbol are registered trademarks of Siemens AG. Other product names in this document may be trademarks whose use by third parties might violate the rights of their owners. Exclusion of liability We have checked the content of this document for consistency with the hardware and software it describes. However, as deviations cannot be totally excluded, we are unable to warrant complete consistency. The information in this document is reviewed at regular intervals and any necessary correction included in subsequent editions.

6 WinCC Security Concept - Recommended and mandatory practice A5E00917540-01 i Preface Purpose of this documentation The " WinCC Security Concept" documentation contains recommended and mandatory procedures for planning and building secure, networked WinCC automation solutions with connected Web clients, SIMATIC IT applications and office networks based on customer specifications. This documentation serves as both a reference and a guide for network administrators working in the following areas: Configuration of WinCC Commissioning and servicing of WinCC Management of company networks It is intended to facilitate cooperation between network administrators managing company networks and automation networks.

7 Required knowledge This documentation is intended for persons involved in the configuration, commissioning and servicing of automation systems using SIMATIC WinCC . It assumes basic knowledge of the common IT technology used in offices. Notice This documentation cannot replace training of personnel in the fields of network engineering, management of Microsoft Windows desktop and server stations and operation of these stations in Windows domains and in fact assumes some previousknowledge of these skills on the part of the reader. Validity of the documentation The " WinCC Security Concept" documentation is valid for plants running WinCC SP4.

8 Preface WinCC Security Concept - Recommended and mandatory practice ii A5E00917540-01 IT Security in Your Plant The aim of this security concept is to provide IT security in a plant. To this end, the plant is divided into separate security cells. Each of these cells can represent a "closed System ". A network comprising a number of security cells can also be seen as a "closed System ". Several security measures are necessary in this respect. Optimum plant protection can only be achieved by implementing all of these security measures in their entirety. Security Cells Security cells in this document are zones, sections, subsections or units that can only be accessed by authorized personnel.

9 They include: Operator permissions for individual production sections Physical access to production areas and Process control facilities Access permissions for the file System of a Visualization System station or entire computer and control networks and their power supplies The following security concept documents should be used as references in this context: BSI IT Baseline Security Manual, Chapter 4 "Infrastructures" FDA 21 CFR 11, "Electronic Records; Electronic Signatures" NAMUR Worksheet NA 67 "Information Security for Process Control Systems (PLS)" NAMUR Worksheet NA 103 "Use of Internet Technology in Process Automation" ISA 2004 "Security Technologies for Manufacturing and Control Systems", dated March 11, 2004 This security concept can be used to validate a networked plant as a "closed System " according to FDA 21 CFR 11 Section A Para.

10 Number (4): Quote: "A closed System means an environment in which System access is controlled by persons who are responsible for the content of electronic records that are on the System ." End of quote. Preface WinCC Security Concept - Recommended and mandatory practice A5E00917540-01 iii System types The WinCC Security Concept is illustrated in this document on the basis of the following types of System : Single-user System as a Visualization System without Web clients Figure 1 Block diagram of a single-user System Multi-user System as a Visualization System with Web clients Figure 2 Block diagram of a multi-user System Preface WinCC Security Concept - Recommended and mandatory practice iv A5E00917540-01 Large System as a Visualization System with MES and ERP layers Figure 3 Block diagram of a large System Note This SIMATIC WinCC Security Concept has been System -tested and should be implemented in your installation.


Related search queries