PUBLIC Copyright © 2017 Rockwell Automation, Inc. All Rights Reserved. Rockwell Automation TechED 2017 @ROKTechED #ROKTechED
Logix Security for Machine Builders and End Users
Agenda
Tamper Protection
License Protection
FactoryTalk® Security
Source Protection
Security Overview
Secure Automation Environment
• Infrastructure: Network hardware that provides the foundation of a secure environment
• Authentication & Policy Management: Who, what, where and when… access is allowed to an application or device
• Tamper Protection: Detecting and recording unwanted activity and modifications to the application
• Content Protection: Protecting the viewing, editing, and use of specific pieces of control system content
Mitigate enterprise risk & monetize intellectual property
Studio 5000 Logix Designer®
Content Protection History
Password
Source Protection
License
Source and Execution
Version 8 Version 30 Version 20
Summary of the Options – Before V30
Tags, AOI’s, Routines, Modules, More…
Wide range of user permissions applied to vast range of objects.
Source Protection
User Permissions Applied to AOI’s and Routines: Protect, Edit, Copy, Export, View
Password / Source Key
Legacy Protection
Summary of the Options – V30
Tags, AOI’s, Routines, Modules, More…
Wide range of user permissions applied to vast range of objects
Source Protection
User Permissions Applied to AOI’s and Routines: Protect, Edit, Copy, Export, View
Password / Source Key
Legacy Protection
License: Source, Execution*
New!! – Hardened Security Protection
*Supported by ControlLogix® 5580, CompactLogix™ 5480, CompactLogix 5380 controllers
Password Source Protection
Simple Control of Who Accesses Content
Some control over who accesses content, but chief concern is simplicity
USE CASE | SOLUTION | REQUIRES | USER TYPE
User 1, User 2, User 3
CUSTOMERS WITH FEW USERS
Studio 5000 Logix Designer®
Password Source Protection
LEVEL OF SECURITY: MODERATE to HIGHEST
Password Source Protection
ASSIGN A PASSWORD TO ANY ROUTINE OR ADD-ON INSTRUCTION
Demo
Source Protection
FactoryTalk® Security
Flexible, Manageable Policies for Content
LEVEL OF SECURITY: MODERATE to HIGHEST
Flexible, manageable policies for who can access my content
USE CASE | SOLUTION | REQUIRES | USER TYPE
Operator: RESTRICTED ACCESS
Engineer: CONTROLLED ACCESS
Developer: FULL ACCESS
END USERS
FactoryTalk® Security
Directory
• Authenticate the User
• Authorize Use of Applications
• Authorize Access to Specific Devices
FACTORYTALK SECURITY ENABLED SOFTWARE EXAMPLES
Enterprise
Permission Sets for Securing Projects
• Secure a project file with a Permission Set to use the same policies for many controllers
Permission Sets for Securing Routines, AOIs and Tags
• Apply Permission Sets to Routines, AOIs and Tags to have different policies for different components
Guest User Access
• With Guest Users, grant limited permissions to users who aren’t members of your FactoryTalk® Directory
Secondary Security Authority
• Guest Users can further limit access to a project file with a Secondary Security Authority
FactoryTalk® Temporary Users
• Use FactoryTalk Temporary Users to temporarily give someone access to privileges of a different user group
FactoryTalk® Security
Machine Builder Environment
Diagram labels:
• Machine builder FactoryTalk directory
• Machine builder Active Directory
• MACHINE BUILDER’S NETWORK
• VPN
• FIELD ENGINEER LAPTOP
• END USER’S MACHINE NETWORK
• Project file secured by machine builder
• Controller secured by machine builder
Demo
FactoryTalk Security
License Source & Execution Protection
Secure Hardened IP Protection of Content
LEVEL OF SECURITY: MODERATE to HIGHEST
USE CASE: Most secure protection possible for intellectual property.
SOLUTION: License Source and Execution
REQUIRES: Activated Secure Device; Subscription to License Portal
USER TYPE: OEMS (HIGHLY SENSITIVE IP); END USERS (THEFT OF CONTENT IS CONCERN)
Content License Protection
Robust protection of Intellectual Property
END USER: RESTRICTED ACCESS
MAINTENANCE ENGINEER: CONTROLLED ACCESS
• Can Diagnose / Modify unprotected parts of the program
• Add new content as needed
• Force IO, modify a signal, replace/add devices, manage performance data, etc
• Uptime! Less support needed
• Easily Edit and Deploy IP protected content
• Can still use FT Security (V28+) for additional control / access regulation
• Multiple IP Owners in one system
• Retains Access to Unprotected Content
DEVELOPER: FULL ACCESS
WORKING TOGETHER
CONTENT PROTECTION CAN EXIST TOGETHER LIKE MULTIPLE DIFFERENT LOCKS ON A DOOR
Password Source Protection
License Source and Execution Protection
Demo
FactoryTalk Security
Which Do I Choose?
USE CASE | SECURITY OPTION
Use cases:
• I want limited control over who accesses my content, but my chief concern is simplicity
• I want flexible, manageable policies for who can access my content
• I want the most secure protection possible for my content
• I want to control the use of my content
Security options:
• Password Source Protection
• License Source Protection
• License Execution Protection
Logix 5580 & 5380 – Controller MSG to SELF
User configurable functionality for an additional layer of security
• Programmatic ability to enable/disable via Message to “SELF”
• Configurable “Masking” of Scrolled Fields 4-Char LCD
  • Knowledgebase article KB869648
• Embedded Web Page Disable/Enable
  • Knowledgebase article KB869649, KB869651
• Embedded Ethernet port Disable/Enable
  • Knowledgebase article KB869650, KB869652
Logix 5580 & 5380 4-Char LCD
User configurable “Masking” for an additional layer of security
• Normal Scrolling Messages on the LCD Display:
  1.) Controller Name - ( )
  2.) Link Status - ( )
  3.) Port Status - ( )
• Configurable “Masking” of Scrolled Fields with a MSG to SELF
  • Default (All shown)
  • Controller Name and Link Status (only)
  • Port & IP Address (only)
  • Completely OFF
Knowledgebase article KB869648
Logix 5580 & 5380 Embedded Web Page
User configurable Disable/Enable for an additional layer of security
• Configurable Disable/Enable of Controller Embedded Web Page
Knowledgebase article KB869649, KB869651
Logix 5580 & 5380 Embedded Ethernet Port
User configurable Enable/Disable for an additional layer of security
• Configurable Disable/Enable of Controller Ethernet Port
Knowledgebase article KB869650, KB869652
Component Change Detection
Determine if the state of key components in a program has changed (5570)
• Quickly determine if changes were made to a program offline.
• New Tracking Group setting enables the tracking of changes on a granular basis for tags, I/O modules, and routines within a program.
• In the event that changes are made to components within a “Tracked Group”, the group signature will change.
• Tracked State Value can be accessed from the Security Tab in the Controller Properties
• List of items tracked is located on the View Components page
Controller Based Audit Log
Updates to the Controller Logs (5570)
• Detailed log files created and stored to the SD Card
  • As detailed as the records that Logix Designer currently sends to AssetCentre
• The Controller “cryptographically” signs the log files that are written to the SD card, and verifies the authenticity of those log files.

More Related Content

More from Rockwell Automation

RA TechED 2019 - SS08 - What's New and Coming Soon in Safety Automation Archi...
RA TechED 2019 - SS08 - What's New and Coming Soon in Safety Automation Archi...RA TechED 2019 - SS08 - What's New and Coming Soon in Safety Automation Archi...
RA TechED 2019 - SS08 - What's New and Coming Soon in Safety Automation Archi...Rockwell Automation
 
RA TechED 2019 - NT03 - Building Converged Plantwide Ethernet Architectures
RA TechED 2019 - NT03 - Building Converged Plantwide Ethernet ArchitecturesRA TechED 2019 - NT03 - Building Converged Plantwide Ethernet Architectures
RA TechED 2019 - NT03 - Building Converged Plantwide Ethernet ArchitecturesRockwell Automation
 
RA TechED 2019 - IN12 Microsoft - Digitalize Your Production to Capitalize on...
RA TechED 2019 - IN12 Microsoft - Digitalize Your Production to Capitalize on...RA TechED 2019 - IN12 Microsoft - Digitalize Your Production to Capitalize on...
RA TechED 2019 - IN12 Microsoft - Digitalize Your Production to Capitalize on...Rockwell Automation
 
RA TechED 2019 - IN10 - What Machine Learning can do for you using FactoryTal...
RA TechED 2019 - IN10 - What Machine Learning can do for you using FactoryTal...RA TechED 2019 - IN10 - What Machine Learning can do for you using FactoryTal...
RA TechED 2019 - IN10 - What Machine Learning can do for you using FactoryTal...Rockwell Automation
 
RA TechED 2019 - IN03 - Develop Analytics That Scale Using FactoryTalk Innova...
RA TechED 2019 - IN03 - Develop Analytics That Scale Using FactoryTalk Innova...RA TechED 2019 - IN03 - Develop Analytics That Scale Using FactoryTalk Innova...
RA TechED 2019 - IN03 - Develop Analytics That Scale Using FactoryTalk Innova...Rockwell Automation
 
RA TechED 2019 - IN02 - Empower Your Connected Enterprise with FactoryTalk In...
RA TechED 2019 - IN02 - Empower Your Connected Enterprise with FactoryTalk In...RA TechED 2019 - IN02 - Empower Your Connected Enterprise with FactoryTalk In...
RA TechED 2019 - IN02 - Empower Your Connected Enterprise with FactoryTalk In...Rockwell Automation
 
RA TechED 2019 - CL05 Reduce Waste with Logixai
RA TechED 2019 - CL05 Reduce Waste with LogixaiRA TechED 2019 - CL05 Reduce Waste with Logixai
RA TechED 2019 - CL05 Reduce Waste with LogixaiRockwell Automation
 
RA TechED 2019 - CL02 - Integrated Architecture System Software What's New
RA TechED 2019 - CL02 -  Integrated Architecture System Software What's NewRA TechED 2019 - CL02 -  Integrated Architecture System Software What's New
RA TechED 2019 - CL02 - Integrated Architecture System Software What's NewRockwell Automation
 
RA TechED 2019 - CL01 - Integrated Architecture System Hardware - what's new
RA TechED 2019 -  CL01 - Integrated Architecture System Hardware - what's newRA TechED 2019 -  CL01 - Integrated Architecture System Hardware - what's new
RA TechED 2019 - CL01 - Integrated Architecture System Hardware - what's newRockwell Automation
 
Robert Murphy Driving Value from Smart Manufacturing
Robert Murphy Driving Value from Smart ManufacturingRobert Murphy Driving Value from Smart Manufacturing
Robert Murphy Driving Value from Smart ManufacturingRockwell Automation
 
Exploring the Functionality of the Rockwell Automation® Library of Process Ob...
Exploring the Functionality of the Rockwell Automation® Library of Process Ob...Exploring the Functionality of the Rockwell Automation® Library of Process Ob...
Exploring the Functionality of the Rockwell Automation® Library of Process Ob...Rockwell Automation
 
Designing Machine-level HMI with Studio 5000 View Designer® Demonstration
Designing Machine-level HMI with Studio 5000 View Designer® DemonstrationDesigning Machine-level HMI with Studio 5000 View Designer® Demonstration
Designing Machine-level HMI with Studio 5000 View Designer® DemonstrationRockwell Automation
 
FactoryTalk® AssetCentre: Overview
FactoryTalk® AssetCentre: OverviewFactoryTalk® AssetCentre: Overview
FactoryTalk® AssetCentre: OverviewRockwell Automation
 
Virtual Plant Design with Arena® Simulation
Virtual Plant Design with Arena® SimulationVirtual Plant Design with Arena® Simulation
Virtual Plant Design with Arena® SimulationRockwell Automation
 
Leverage Virtual Design to Build a Better System
Leverage Virtual Design to Build a Better SystemLeverage Virtual Design to Build a Better System
Leverage Virtual Design to Build a Better SystemRockwell Automation
 
ThinManager® Delivering and Managing The Connected Enterprise: Introduction
ThinManager® Delivering and Managing The Connected Enterprise: IntroductionThinManager® Delivering and Managing The Connected Enterprise: Introduction
ThinManager® Delivering and Managing The Connected Enterprise: IntroductionRockwell Automation
 
Studio 5000 Architect®: Introduction and Demostration
Studio 5000 Architect®: Introduction and DemostrationStudio 5000 Architect®: Introduction and Demostration
Studio 5000 Architect®: Introduction and DemostrationRockwell Automation
 
Exploring New Features that Allow for Simulation and Offline Development Oppo...
Exploring New Features that Allow for Simulation and Offline Development Oppo...Exploring New Features that Allow for Simulation and Offline Development Oppo...
Exploring New Features that Allow for Simulation and Offline Development Oppo...Rockwell Automation
 
Project Design Considerations for Integration
Project Design Considerations for IntegrationProject Design Considerations for Integration
Project Design Considerations for IntegrationRockwell Automation
 
Migration Tools to Convert Your Legacy DCS
Migration Tools to Convert Your Legacy DCSMigration Tools to Convert Your Legacy DCS
Migration Tools to Convert Your Legacy DCSRockwell Automation
 

More from Rockwell Automation (20)

RA TechED 2019 - SS08 - What's New and Coming Soon in Safety Automation Archi...
RA TechED 2019 - SS08 - What's New and Coming Soon in Safety Automation Archi...RA TechED 2019 - SS08 - What's New and Coming Soon in Safety Automation Archi...
RA TechED 2019 - SS08 - What's New and Coming Soon in Safety Automation Archi...
 
RA TechED 2019 - NT03 - Building Converged Plantwide Ethernet Architectures
RA TechED 2019 - NT03 - Building Converged Plantwide Ethernet ArchitecturesRA TechED 2019 - NT03 - Building Converged Plantwide Ethernet Architectures
RA TechED 2019 - NT03 - Building Converged Plantwide Ethernet Architectures
 
RA TechED 2019 - IN12 Microsoft - Digitalize Your Production to Capitalize on...
RA TechED 2019 - IN12 Microsoft - Digitalize Your Production to Capitalize on...RA TechED 2019 - IN12 Microsoft - Digitalize Your Production to Capitalize on...
RA TechED 2019 - IN12 Microsoft - Digitalize Your Production to Capitalize on...
 
RA TechED 2019 - IN10 - What Machine Learning can do for you using FactoryTal...
RA TechED 2019 - IN10 - What Machine Learning can do for you using FactoryTal...RA TechED 2019 - IN10 - What Machine Learning can do for you using FactoryTal...
RA TechED 2019 - IN10 - What Machine Learning can do for you using FactoryTal...
 
RA TechED 2019 - IN03 - Develop Analytics That Scale Using FactoryTalk Innova...
RA TechED 2019 - IN03 - Develop Analytics That Scale Using FactoryTalk Innova...RA TechED 2019 - IN03 - Develop Analytics That Scale Using FactoryTalk Innova...
RA TechED 2019 - IN03 - Develop Analytics That Scale Using FactoryTalk Innova...
 
RA TechED 2019 - IN02 - Empower Your Connected Enterprise with FactoryTalk In...
RA TechED 2019 - IN02 - Empower Your Connected Enterprise with FactoryTalk In...RA TechED 2019 - IN02 - Empower Your Connected Enterprise with FactoryTalk In...
RA TechED 2019 - IN02 - Empower Your Connected Enterprise with FactoryTalk In...
 
RA TechED 2019 - CL05 Reduce Waste with Logixai
RA TechED 2019 - CL05 Reduce Waste with LogixaiRA TechED 2019 - CL05 Reduce Waste with Logixai
RA TechED 2019 - CL05 Reduce Waste with Logixai
 
RA TechED 2019 - CL02 - Integrated Architecture System Software What's New
RA TechED 2019 - CL02 -  Integrated Architecture System Software What's NewRA TechED 2019 - CL02 -  Integrated Architecture System Software What's New
RA TechED 2019 - CL02 - Integrated Architecture System Software What's New
 
RA TechED 2019 - CL01 - Integrated Architecture System Hardware - what's new
RA TechED 2019 -  CL01 - Integrated Architecture System Hardware - what's newRA TechED 2019 -  CL01 - Integrated Architecture System Hardware - what's new
RA TechED 2019 - CL01 - Integrated Architecture System Hardware - what's new
 
Robert Murphy Driving Value from Smart Manufacturing
Robert Murphy Driving Value from Smart ManufacturingRobert Murphy Driving Value from Smart Manufacturing
Robert Murphy Driving Value from Smart Manufacturing
 
Exploring the Functionality of the Rockwell Automation® Library of Process Ob...
Exploring the Functionality of the Rockwell Automation® Library of Process Ob...Exploring the Functionality of the Rockwell Automation® Library of Process Ob...
Exploring the Functionality of the Rockwell Automation® Library of Process Ob...
 
Designing Machine-level HMI with Studio 5000 View Designer® Demonstration
Designing Machine-level HMI with Studio 5000 View Designer® DemonstrationDesigning Machine-level HMI with Studio 5000 View Designer® Demonstration
Designing Machine-level HMI with Studio 5000 View Designer® Demonstration
 
FactoryTalk® AssetCentre: Overview
FactoryTalk® AssetCentre: OverviewFactoryTalk® AssetCentre: Overview
FactoryTalk® AssetCentre: Overview
 
Virtual Plant Design with Arena® Simulation
Virtual Plant Design with Arena® SimulationVirtual Plant Design with Arena® Simulation
Virtual Plant Design with Arena® Simulation
 
Leverage Virtual Design to Build a Better System
Leverage Virtual Design to Build a Better SystemLeverage Virtual Design to Build a Better System
Leverage Virtual Design to Build a Better System
 
ThinManager® Delivering and Managing The Connected Enterprise: Introduction
ThinManager® Delivering and Managing The Connected Enterprise: IntroductionThinManager® Delivering and Managing The Connected Enterprise: Introduction
ThinManager® Delivering and Managing The Connected Enterprise: Introduction
 
Studio 5000 Architect®: Introduction and Demostration
Studio 5000 Architect®: Introduction and DemostrationStudio 5000 Architect®: Introduction and Demostration
Studio 5000 Architect®: Introduction and Demostration
 
Exploring New Features that Allow for Simulation and Offline Development Oppo...
Exploring New Features that Allow for Simulation and Offline Development Oppo...Exploring New Features that Allow for Simulation and Offline Development Oppo...
Exploring New Features that Allow for Simulation and Offline Development Oppo...
 
Project Design Considerations for Integration
Project Design Considerations for IntegrationProject Design Considerations for Integration
Project Design Considerations for Integration
 
Migration Tools to Convert Your Legacy DCS
Migration Tools to Convert Your Legacy DCSMigration Tools to Convert Your Legacy DCS
Migration Tools to Convert Your Legacy DCS
 

Recently uploaded

Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems -The Print[A] Example- A Comprehension AidDirect Style Effect Systems -The Print[A] Example- A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension AidPhilip Schwarz
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...ICS
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionSolGuruz
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...OnePlan Solutions
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdfWave PLM
 
VTU technical seminar 8Th Sem on Scikit-learn
VTU technical seminar 8Th Sem on Scikit-learnVTU technical seminar 8Th Sem on Scikit-learn
VTU technical seminar 8Th Sem on Scikit-learnAmarnathKambale
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxComplianceQuest1
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comFatema Valibhai
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️Delhi Call girls
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfkalichargn70th171
 
8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech students8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech studentsHimanshiGarg82
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerThousandEyes
 
10 Trends Likely to Shape Enterprise Technology in 2024
10 Trends Likely to Shape Enterprise Technology in 202410 Trends Likely to Shape Enterprise Technology in 2024
10 Trends Likely to Shape Enterprise Technology in 2024Mind IT Systems
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...Health
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsArshad QA
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsAndolasoft Inc
 
Define the academic and professional writing..pdf
Define the academic and professional writing..pdfDefine the academic and professional writing..pdf
Define the academic and professional writing..pdfPearlKirahMaeRagusta1
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVshikhaohhpro
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsJhone kinadey
 

Recently uploaded (20)

Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems -The Print[A] Example- A Comprehension AidDirect Style Effect Systems -The Print[A] Example- A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with Precision
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf
 
VTU technical seminar 8Th Sem on Scikit-learn
VTU technical seminar 8Th Sem on Scikit-learnVTU technical seminar 8Th Sem on Scikit-learn
VTU technical seminar 8Th Sem on Scikit-learn
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docx
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.com
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
 
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE

Logix Security for Machine Builders and End Users

  • 1. PUBLIC. Copyright © 2017 Rockwell Automation, Inc. All Rights Reserved. Rockwell Automation TechED 2017 @ROKTechED #ROKTechED
  • 2. Logix Security for Machine Builders and End Users
  • 3. Agenda: Tamper Protection; License Protection; FactoryTalk® Security; Source Protection; Security Overview
  • 4. Secure Automation Environment. Infrastructure: Network hardware that provides the foundation of a secure environment. Authentication & Policy Management: Who, what, where and when… access is allowed to an application or device. Tamper Protection: Detecting and recording unwanted activity and modifications to the application. Content Protection: Protecting the viewing, editing, and use of specific pieces of control system content. Mitigate enterprise risk & monetize intellectual property
  • 5. Studio 5000 Logix Designer® Content Protection History. Password Source Protection; License Source and Execution. Version 8; Version 30; Version 20
  • 6. Summary of the Options – Before V30. Tags, AOI’s, Routines, Modules, More…: Wide range of user permissions applied to vast range of objects. Source Protection: User Permissions Applied to AOI’s and Routines: Protect, Edit, Copy, Export, View. Password / Source Key: Legacy Protection
  • 7. Summary of the Options – V30. Source; Execution*. Source Protection: User Permissions Applied to AOI’s and Routines: Protect, Edit, Copy, Export, View. Tags, AOI’s, Routines, Modules, More…: Wide range of user permissions applied to vast range of objects. Password / Source Key: Legacy Protection. License: New!! – Hardened Security Protection. *Supported by ControlLogix® 5580, CompactLogix™ 5480, CompactLogix 5380 controllers
  • 8. Password Source Protection: Simple Control of Who Accesses Content. USE CASE: Some control over who accesses content, but chief concern is simplicity. SOLUTION: Password Source Protection. REQUIRES: Studio 5000 Logix Designer®. USER TYPE: CUSTOMERS WITH FEW USERS (User 1, User 2, User 3). LEVEL OF SECURITY (scale): MODERATE to HIGHEST
  • 9. Password Source Protection: ASSIGN A PASSWORD TO ANY ROUTINE OR ADD-ON INSTRUCTION
  • 10. Demo: Source Protection
  • 11. FactoryTalk® Security: Flexible, Manageable Policies for Content. USE CASE: Flexible, manageable policies for who can access my content. SOLUTION; REQUIRES; USER TYPE: END USERS. Operator: RESTRICTED ACCESS. Engineer: CONTROLLED ACCESS. Developer: FULL ACCESS. LEVEL OF SECURITY (scale): MODERATE to HIGHEST
  • 12. FactoryTalk® Security. Directory. • Authenticate the User • Authorize Use of Applications • Authorize Access to Specific Devices. FACTORYTALK SECURITY ENABLED SOFTWARE EXAMPLES. Enterprise
  • 13. Permission Sets for Securing Projects • Secure a project file with a Permission Set to use the same policies for many controllers
  • 14. Permission Sets for Securing Routines, AOIs and Tags • Apply Permission Sets to Routines, AOIs and Tags to have different policies for different components
  • 15. Guest User Access • With Guest Users, grant limited permissions to users who aren’t members of your FactoryTalk® Directory
  • 16. Secondary Security Authority • Guest Users can further limit access to a project file with a Secondary Security Authority
  • 17. FactoryTalk® Temporary Users • Use FactoryTalk Temporary Users to temporarily give someone access to privileges of a different user group
  • 18. FactoryTalk® Security Machine Builder Environment (diagram labels): Machine builder FactoryTalk directory; VPN; FIELD ENGINEER LAPTOP; END USER’S MACHINE NETWORK; Project file secured by machine builder; Controller secured by machine builder; Machine builder Active Directory; MACHINE BUILDER’S NETWORK
  • 19. Demo: FactoryTalk Security
  • 20. License Source & Execution Protection: Secure Hardened IP Protection of Content. USE CASE: Most secure protection possible for intellectual property. SOLUTION: License Source and Execution. REQUIRES: Activated Secure Device; Subscription to License Portal. USER TYPE: OEMS (HIGHLY SENSITIVE IP); END USERS (THEFT OF CONTENT IS CONCERN). LEVEL OF SECURITY (scale): MODERATE to HIGHEST
  • 21. Content License Protection: Robust protection of Intellectual Property. END USER: RESTRICTED ACCESS. MAINTENANCE ENGINEER: CONTROLLED ACCESS. • Can Diagnose / Modify unprotected parts of the program • Add new content as needed • Force IO, modify a signal, replace/add devices, manage performance data, etc • Uptime! Less support needed • Easily Edit and Deploy IP protected content • Can still use FT Security (V28+) for additional control / access regulation • Multiple IP Owners in one system • Retains Access to Unprotected Content. DEVELOPER: FULL ACCESS
  • 22. WORKING TOGETHER: CONTENT PROTECTION CAN EXIST TOGETHER LIKE MULTIPLE DIFFERENT LOCKS ON A DOOR. Password Source Protection; License Source and Execution Protection
  • 23. Demo: FactoryTalk Security
  • 24. Which Do I Choose? USE CASE: I want limited control over who accesses my content, but my chief concern is simplicity; I want flexible, manageable policies for who can access my content; I want the most secure protection possible for my content; I want to control the use of my content. SECURITY OPTION: Password Source Protection; License Source Protection; License Execution Protection
  • 25. Logix 5580 & 5380 – Controller MSG to SELF: User configurable functionality for an additional layer of security • Programmatic ability enable/disable via Message to “SELF” • Configurable “Masking” of Scrolled Fields 4-Char LCD (Knowledgebase article KB869648) • Embedded Web Page Disable/Enable (Knowledgebase article KB869649, KB869651) • Embedded Ethernet port Disable/Enable (Knowledgebase article KB869650, KB869652)
  • 26. Logix 5580 & 5380 4-Char LCD: User configurable “Masking” for an additional layer of security • Normal Scrolling Messages on the LCD Display: 1.) Controller Name - ( ) 2.) Link Status - ( ) 3.) Port Status - ( ) • Configurable “Masking” of Scrolled Fields with a MSG to SELF: Default (All shown); Controller Name and Link Status (only); Port & IP Address (only); Completely OFF. Knowledgebase article KB869648
  • 27. Logix 5580 & 5380 Embedded Web Page: User configurable Disable/Enable for an additional layer of security • Configurable Disable/Enable of Controller Embedded Web Page. Knowledge Base article KB869649, KB869651
  • 28. Logix 5580 & 5380 Embedded Ethernet Port: User configurable Enable/Disable for an additional layer of security • Configurable Disable/Enable of Controller Ethernet Port. Knowledgebase article KB869650, KB869652
  • 29. Component Change Detection: Determine if the state of key components in a program have changed (5570) • Quickly determine if changes were made to a program offline. • New Tracking Group setting enables the tracking of changes on a granular basis for tags, I/O modules, and routines within a program. • In the event that changes are made to components within a “Tracked Group”, the group signature will change. • Tracked State Value can be accessed from the Security Tab in the Controller Properties • List of items tracked is located on the View Components page
  • 30. Controller Based Audit Log: Updates to the Controller Logs (5570) • Detailed log files created and stored to the SD Card • As detailed as the records that Logix Designer currently sends to AssetCentre • The Controller “cryptographically” signs the log files that are written to the SD card, as well as verify the authenticity of those log files.
  • 31. Complete A Survey: Please take a moment to complete the brief session survey on our mobile app and let us know how we’re doing! • Download the ROKTechED app and login: Username: Last name; Password: Email address used to register • Locate the session in the “Schedule” icon • Click on the “Survey” icon in the lower right corner of the session details • Complete survey & submit. Thank you!
  • 32. www.rockwellautomation.com. Thank you

Editor's Notes

  1. Use Case: Some control over who accesses content, but chief concern is simplicity. Solution: Password Based – Source Protection. Requires: Only Logix Designer. Ideal: Customers with few users.
  2. Use Case: I want flexible, manageable policies for who can access my content. Solution: FactoryTalk Security. Requires: Central Server. Similar to Windows Domain functionality. Can also restrict users not part of FactoryTalk Security. Ideal: OEMs with many users with different permissions; mid to large end customers with many users with different permissions.
  3. Provides a centralized authority that verifies the identity of each user and grants or denies the user's requests to perform a particular set of actions on resources within the system.
  4. Normally, when securing a controller’s project file, a Logical Name is created in the FactoryTalk Directory with the same name as the controller. This means that every time a new controller is secured, a new object is created in the FactoryTalk Directory, and the security admin must do something with this logical name to ensure it has the correct security policies applied: put it in a particular Application or Area, or set its permissions directly. This works OK in end user situations, but not well for machine builders. Now, the security administrator will create permission sets for large categories of controllers (based on product line, protection level, etc.), and when the product developer secures a project file, he’ll simply select the appropriate permission set to use. The directory does not get modified whether 1 or 1,000 controllers are secured with this permission set.
  5. Before V28, when a controller was secured and policies were established for routines, AOIs or tags, the same policies were used for all routines, AOIs or tags in the entire project. In V28, permission sets can be applied to individual Routines, AOIs and Tags, meaning that different Routines, AOIs and Tags can have different policies. Additionally, new actions were added to allow control over the viewing of Routines or AOIs. For example, technicians can edit Routine1 and view Routine2, but have no access to Routine3. For Tags, these permissions only control access within Logix Designer, not access from something like an HMI. This should be used in conjunction with the External Access and Constant attributes.
  6. Often, a machine builder wants to control access to a project file, but still give their end customer some level of access. With Guest Users, this is possible. The machine builder will give the desired level of access to the pre-defined group called Guest Users. Then, any user who is not logged into the machine builder’s FactoryTalk Directory will get the access given to Guest Users. To use this function, the “Require Matching Security Authority ID for Authentication and Authorization” checkbox must be selected when securing the project file.
  7. If the End User in the previous scenario wants to further limit access to the project file, they can specify a Secondary Security Authority. So, if the Machine Builder specified that Guest Users are permitted to go online, but the end user wants to restrict this to only a particular set of users, they’ll use a Secondary Security Authority. The Secondary Security Authority can only allow or deny things permitted to Guest Users; it cannot allow actions that have been denied to Guest Users. The FactoryTalk Directory used as the Secondary Security Authority must have the Permission Sets and/or logical name used in the project file.
  8. A special account that can use temporary passwords is created ahead of time. Privileges are assigned to this account like any other account. As part of defining the account, the admin specifies how long the temporary passwords work, and what groups of users are permitted to generate them. A challenge-response process is used for getting a temporary password. This allows a password to be created with only phone communication between the requestor and grantor. The requestor must be a member of the directory in order to request and validate the password.
  9. Use Case: I want the most secure protection possible for my intellectual property. Concern over external and internal theft of IP. Solution: License-Based Source Protection. Requires: Activated Secure Device and Subscription to License Portal. Ideal: OEMs who have highly sensitive IP; End Users in heavily regulated industries where theft or modification of content is a concern.
  10. Content Protection can exist together like multiple different locks on a door; the options are complementary: FactoryTalk Security, Password Source Protection, and License Source/Execution Protection. Logix projects can have all three variations of protection, BUT you should select the right level of protection to meet your needs (see next slide). Both License and Password cannot exist on the same routine or AOI.
  11. License source needs USB and server, and execution protection needs SD card with controller.
  12. • Programmatic ability to enable/disable via Message to “SELF” • Configurable “Masking” of Scrolled Fields on the 4-Char LCD (Knowledge Base article KB869648) • Embedded Web Page Disable/Enable (Knowledge Base articles KB869649, KB869651) • Embedded EtherNet port Disable/Enable (Knowledge Base articles KB869650, KB869652)
  13. The 5580 and 5380 series of controllers have a new capability to provide user configurable masking of certain lines that scroll across the 4-Char LCD display on the front of the controller, as another layer of security. Normal operation of the LCD display when scrolling is as follows: 1.) Controller Name (Processor_Name) 2.) Link Status (i.e. Link 1 - Down) 3.) Port Status (Port A - 192.168.1.1). This user configurable masking of the display is set via a MSG to SELF. The MSG to SELF is a way for a controller to send a configuration message to itself to customize the controller display and add that additional layer of security for your application. Line_MASK decimal value (i.e. a Source Element in a Message to SELF): When 0 is set, the default applies and all lines are shown. When 1 is set, the only thing shown is the IP Address (i.e. item 3 above). When 2 is set, only Controller Name and Link Status are shown (1 & 2 above). When 3 is set, it also blanks the LCD (most likely due to the bit pattern of both bits 0 and 1 being set at the same time). NOTE: When you cycle power, the default operation is NOT restored. A download or reset message (i.e. default values above) is needed to restore the default operation. Upon a memory dump, it will clear out the MSG and settings that have the LCD blanked, and the LCD will work again.
  14. The 5580 and 5380 series of controllers have a new capability to provide a user configurable disable/enable for the embedded web page of the controller, as another layer of security. The default for the web page is enabled, so there is nothing that you have to do in order to view the page. However, if you desire to disable the web page, a simple MSG to SELF, with the details called out in the Knowledgebase document, can guide you through how to disable it and then also enable it again. When it is disabled, the browser will display its standard “cannot find web page” message that it uses to alert that the page cannot be reached. NOTE: When you cycle power, the default operation is NOT restored. A download or reset message (i.e. default values above) is needed to restore the default operation. Upon a memory dump, it will clear out the MSG and settings, and the Embedded Web Page will be enabled again.
  15. The 5580 and 5380 series of controllers have a new capability to provide a user configurable disable/enable for the EtherNet port of the controller, as another layer of security. The default for the EtherNet port is enabled, so there is nothing that you have to do in order to utilize the port out of the box. However, if you desire to disable the EtherNet port, a simple MSG to SELF, with the details called out in the Knowledgebase document, can guide you through how to disable it and then also enable it again. NOTE: When you cycle power, the default operation is NOT restored. A download or reset message (i.e. default values above) is needed to restore the default operation. Upon a memory dump, it will clear out the MSG and settings, and the EtherNet port will be enabled again.
  16. All Language Editors support tracked groups. All the properties in the routine will be part of the signature except the description, metadata, tag values, and the radix. The major components of each editor are as follows: Ladder: Neutral Text. Function Block: Sheet Number and FBD Elements. Structured Text: Line Number and Neutral Text. SFC: Steps, Actions, Transitions, Branches, SBR/RET, Stops and Links. Changes to AOIs or UDTs associated as part of a tracked routine will be included as part of the signature. Program and Task properties of a tracked routine are part of the signature. When an I/O module is tracked, its configuration data becomes part of the signature. Communication modules will need to be tracked if communicating with tracked remote modules. Tags that are tracked need to be designated constant tags. The value of the constant tags will be monitored, and any change in value will change the signature. Multiple tracked groups is deferred functionality.
  17. Logs are stored on the SD Card, not the controller memory.
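
A conceptual model of the Tracked Group signature described in note 16, added here as an example and not Rockwell's implementation: SHA-256, the JSON layout and every component name are assumptions. It shows which offline edits move the group signature and which (description, radix, untracked components) leave it unchanged.

```python
import copy
import hashlib
import json

# Properties that note 16 says are NOT part of the signature.
EXCLUDED = {"description", "metadata", "tag_values", "radix"}

# Constructed sample project; names and field layout are illustrative only.
PROJECT = {
    "routines": {
        "MainRoutine": {"description": "Conveyor start/stop", "language": "Ladder",
                        "neutral_text": "XIC(Start)OTE(Motor);",
                        "program": {"name": "MainProgram"},
                        "task": {"name": "MainTask", "type": "Continuous"},
                        "uses": ["Motor_AOI"]},
        "Diagnostics": {"description": "Not tracked", "language": "Ladder",
                        "neutral_text": "XIC(Fault)OTE(Alarm);",
                        "program": {"name": "MainProgram"},
                        "task": {"name": "MainTask", "type": "Continuous"},
                        "uses": []},
    },
    "definitions": {"Motor_AOI": {"description": "Motor control",
                                  "neutral_text": "XIC(Run)OTE(Out);"}},
    "io_modules": {"Local:1": {"description": "Input card", "config": {"rpi_ms": 20}}},
    "constant_tags": {"SpeedLimit": {"value": 1200, "radix": "Decimal"}},
}
TRACKED = {"routines": ["MainRoutine"], "io_modules": ["Local:1"],
           "constant_tags": ["SpeedLimit"]}

def canonical(component):
    """Serialize deterministically, dropping excluded properties at any depth."""
    def strip(node):
        if isinstance(node, dict):
            return {k: strip(v) for k, v in node.items() if k not in EXCLUDED}
        if isinstance(node, list):
            return [strip(v) for v in node]
        return node
    return json.dumps(strip(component), sort_keys=True).encode()

def group_signature(project, tracked):
    """Hash tracked routines (with the AOIs/UDTs they use, and their program and
    task properties), tracked I/O module config, and tracked constant tag values."""
    digest = hashlib.sha256()  # assumption: stand-in hash, not the controller's
    def feed(kind, name, component):
        digest.update(f"{kind}\0{name}\0".encode() + canonical(component) + b"\0")
    for name in sorted(tracked["routines"]):
        routine = project["routines"][name]
        feed("routine", name, routine)
        for dep in sorted(routine["uses"]):
            feed("definition", dep, project["definitions"][dep])
    for name in sorted(tracked["io_modules"]):
        feed("io_module", name, project["io_modules"][name])
    for name in sorted(tracked["constant_tags"]):
        feed("constant_tag", name, project["constant_tags"][name])
    return digest.hexdigest()

def signature_changes(path, value):
    """Apply one offline edit to a copy of PROJECT; True if the signature moves."""
    edited = copy.deepcopy(PROJECT)
    node = edited
    for key in path[:-1]:
        node = node[key]
    node[path[-1]] = value
    return group_signature(PROJECT, TRACKED) != group_signature(edited, TRACKED)

if __name__ == "__main__":
    for path, value in [
        (("routines", "MainRoutine", "neutral_text"), "XIC(Start)XIC(Guard)OTE(Motor);"),
        (("routines", "MainRoutine", "description"), "edited comment"),
        (("constant_tags", "SpeedLimit", "value"), 9999),
        (("routines", "Diagnostics", "neutral_text"), "OTE(Alarm);"),
    ]:
        print("/".join(path), "->", "changed" if signature_changes(path, value) else "unchanged")
```
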