Security module manages user authentication, authorization, and access control.
Modules → Security | Tutorial | How-to Guide | Reference
Security Module Overview
It manages user authentication, authorization, and access control for both engineering and runtime environments, ensuring compliance with FDA 21 CFR Part 11 and other regulatory requirements.
Key Concepts
- *Users*: Individuals accessing the solution in Designer (engineering) or runtime (displays)
- *Permissions*: Access levels determining what users can view, modify, or execute
- *Policies*: Requirements for user identification, passwords, and session control
- *RuntimeUsers*: Dynamic users managed in external databases or authentication servers
- *Permission Groups*: Collections of users sharing common permission sets
What It Does
- Manages user authentication and authorization
- Controls access to engineering and runtime components
- Enforces password policies and session management
- Integrates with Active Directory and LDAP
- Maintains audit trails for compliance
- Supports electronic signatures
- Enables dynamic runtime user creation
Configuration Workflow
Security Module Configuration Workflow | ||
|---|---|---|
Step | Action | Description |
Define Groups | Create user groups | Set permission levels for each group |
Create Users | Add user accounts | Assign users to groups and set individual permissions |
Configure Policies | Set security rules | Define password requirements and session controls |
Setup External Auth | Configure AD/LDAP | Connect to enterprise authentication systems |
Define RuntimeUsers | Configure database | Setup encrypted SQL storage for dynamic users |
Runtime Behavior
Authentication
Users authenticate through local credentials, Active Directory, LDAP, or external databases. Session policies control timeout, concurrent logins, and automatic logoff.
Authorization
Permissions are evaluated at multiple levels:
- Global solution access
- Module-specific operations
- Display and object visibility
- Runtime actions and commands
Audit Trail
All security events are logged including logins, permission changes, and critical operations for compliance tracking.
Features Highlights
- *Group-Based Permissions* - Define access levels by user groups
- *Active Directory/LDAP Integration* - Enterprise authentication support
- *Runtime User Management* - Create/modify users without project changes
- *FDA 21 CFR Part 11 Compliance* - Electronic signatures and audit trails
- *NERC-CIP Support* - Critical infrastructure protection features
- *Multi-Level Security* - Global, module, display, and object-level permissions
- *Session Management* - Timeout, concurrent login, and auto-logoff policies
- *Encrypted Storage* - Secure credential storage in SQL databases
- *E-Signatures* - Electronic signature requirements for critical operations
- *.NET Security Framework* - Built on managed code security guidelines
- *Third-Party Integration* - Connect to external authentication systems
Security Module LinksExplanation - to understand concepts→ Modules / User Interactions / Security Module Tutorials - to learn by doing→ Tutorials / User Interactions / Security Module Tutorial How-to Guides - to accomplish specific tasks→ How-to Guides / User Interactions / Security Module How-to Guide Reference - technical details→ Technical Reference / User Interactions / Security Module Reference |