In order to comprehensively protect employees and machines, users need a holistic security concept that takes into account all aspects of machine safety and Industrial security.
Pilz’s “Identification and Access Management” portfolio can provide users with comprehensive products, solutions and software. From simple authentication to complex access rights, access management, to secure operating mode selection, maintenance and protection of data and networks, combining machinery safety and industrial security functions in a single system.
Functionally safe operating mode selection up to PL d Cat 3
If it is necessary to switch between different safety levels and safety functions, the selection of the operating mode is part of functional safety. This is often the case if a tool is to be changed or a machine is to be reconfigured. One or more safety devices, such as safety gates or enabling switches, can be opened or closed, depending on the selected operating mode. The associated risk of equipment damage and personal injury must be minimized. In order to preclude misuse and tampering as much as possible, access to the selection of operating modes must be restricted to suitably qualified personnel and must be designed to be as convenient and simple as possible for the user.
The operating mode selection and access authorization system PITmode from Pilz not only provides functionally safe operating mode switching up to PL d Cat 3 of EN ISO 13849-1 or SIL CL 2 of EN 62061 through self-monitoring, but also controls access rights. Its electronic keys offer more security than traditional keys, which are often inserted directly into the machine, and therefore offer as little security as password protection (easily compromised).
PITmode fusion can be used with all failsafe controllers. The safety evaluation unit detects the specified operating modes and evaluates them in order to provide functionally safe switching. With the small controller PNOZmulti 2 or the automation system PSS 4000, implementation is even simpler, since the safety evaluation unit for reading the operating mode is already provided as a function block. The operating mode is selected via buttons (PITmode flex) or via touch input on the PMI panel (PITmode flex visu).
Access rights and access management
Through user authentication, selectively access dangerous machines, protect users’ employees from harm, and protect machines from improper use and damage. In both cases, downtime is avoided and productivity is preserved.
With the access authorization system PITreader, many tasks related to access rights can be realized. Options range from simple enablement in place of passwords, to authentication of specific machine sub-functions, protection of security doors, to complex, hierarchical authorization matrices and company-specific coding for additional protection against tampering.
Especially for the safety door guards required by many machines, the access authorization system PITreader provides additional security. The guard locking device can only be released after authentication. This also applies to control units such as the pushbutton unit PITgatebox. With the integrated access authorization system PITreader, this is an ideal solution for authentication and operation in one device and guarantees that only authorized personnel can execute commands such as stop, unlock, lock or reset at the factory.
Data Protection and Cyber Security
Data protection and cybersecurity are increasingly relevant to industrial installations. The security concept needs to take into account two aspects of machine safety and industrial information security. Vulnerabilities can only be effectively prevented by taking a comprehensive approach. The best security door protection is worthless if user data, know-how and operations are not adequately secured against unauthorized access, external attackers breaking into the control network or tampering with the control system.
The Industrial Security Bridge firewall protects the data flow to the Pilz controller from “external” threats, such as hacker attacks, and thus prevents the data flow from being tampered with. The firewall monitors the data traffic between the PC and the controller and reports any unauthorized changes to the control items. In this way, it provides effective protection against network-based attacks and unauthorized access.
The activatable USB interface PIT oe USB protects against dangers “inside”, be it careless or deliberate. In combination with the access authorization system PITreader and authentication via individual RFID transponders, the USB interface is only activated for authorized persons and only for these persons to use the USB device on the machine. Therefore, when it is necessary to operate an input device such as a mouse or a keyboard, or to import or export data via a USB device, the user will have additional security.
The Links: SH-4 JANCD-YIF01-1E