Security
Security
Ray VerhoeffVice President – Engineering
Security
Agenda
• Operating System Security
• PI Server Security
• PI Clients
• Auditing
• “Best Practices” White Paper
Security
Motivation
• Widely held misconceptions
• Pharmaceutical Industry audits
Security
What do these have in common?
• Complete Works of Shakespeare
• The Bible
• California Tax Code
• Tao Te Ching
• 21CFR11
Security
Answers…
• None are clear or specific
• Subject to interpretation
• Have inspired great minds to debate the issues for hours
• Commentaries now outweigh the original document
Security
21CFR11
• Electronic Records
• “Code of Federal Regulations”• Not Law• Not Standard
• Subject to interpretation
• Details will be shaped by FDA rulings
Security
Examples
• Electronic Signature
• Human Readable
Security
21CFR11 Tug-of-War
• Users want software to handle everything
• Vendors push for Standard Operating Procedures (SOP)
Security
Misconceptions
• PI files are installed “Everyone/Full Control”
• piadmin/pidemo have no password
• No login prompt when on Server console
• “PI does not support Windows integrated login”
Security
PI Installation
• “Setup” is a starting point
• Site must configure PI for its own environment
Security
Physical Security
• This means locking the computer room
• Access to the hardware can always compromise security• Reboot• Power off• Pull network wire
Security
Operating System Security
• Groups, Users & Passwords• control access to privileged accounts
• File Permissions
• Auditing
Security
Usernames & Passwords
• Domain users• Independently validated by Domain
Controller
• Passwords:• Lifetime: min & max• Length• History• Complexity
Security
Windows Auditing
• You can track just about any operation• Login/Logout• File Operations
• creation• deletion• execution• change permissions/take ownership• “Traverse Folder”
Security
Windows Event Log
• All audit messages go here• Security group
• Do not configure “Overwrite as Needed”• Loss of audit trail• SOP must be in place:
• backup audit trail• manually purge
Security
File Permissions
• PI Server will run with D:\PI set to:• Local Administrators/Full Control• Everyone else/Nothing
Security
Standard Operating Procedures
• Control access to Domain Administrator account
• No auto-login• Don’t expose PI directory as File
Share• You may expose the PI backup
directory• read-only
Security
PI Server Security
• PI Firewall• restrict access to your IP domain
• PI Trust• don’t map to “piadmin”
• PI Users and Groups
Security
Connecting to PI
• PI API vs. PI SDK
• Connecting vs. Logging In
• The Default User
Security
The Default User
• no name, can’t assign one
• no group, can’t assign one
• gets “world” access• Disable this in PI 3.3 SR2• if disabled, PI Server appears empty
• Degrade to this if you attempt a login and fail!
Security
Windows Integrated Login
• “Login to Windows = Login to PI”
• You still need to:• Control which Windows users are PI
users• Assign ownership and permissions of PI
points, etc.
Security
PI Trust
• Strong start with PI Trust table• Supports Windows domain membership
as well as TCP/IP credentials
• “Domain,User,PIuser” as “OSI,$,$” is powerful
• PI ICE uses this exclusively
Security
PI Client User Experience
• PI API clients attempt a login• Gives perception that PI does not support
Windows login
• PI SDK clients attempt a trust lookup• If trust is Domain-based, you have
integration
Security
PI SDK Clients
• PI Point Builder
• PI Tag Configurator
• PI Auto Point Sync
• PI ICE 1.0
• PI ProcessBook 3.0
• PI Datalink 3.0
Security
21CFR11 Audit Requirements
• Record Windows username of editor
• Contents are unreadable
• Contents cannot be tampered with
• Maintained outside primary data store
Security
PI Audit Requirements
• Cannot detract from the primary function of the PI Server
• To support this:• Audit trail cannot be read on-line• PI does not process or format the trail
• pidiag -xa
• PI Audit Viewer
Security
PI Audit Viewer – Edit
Security
PI Audit Viewer – Detail
Security
PI Audit Database additions
• PI Batch database auditing
• PI Module Database auditing
Security
PI Audit Database futures
• Auditing of new events for specific points• Workaround: code using “replace” mode
when inserting data
Security
Best Practices White Paper
• Gives details of Windows and PI configuration• Many thanks to OSIsoft Field Service
• Supplements “PI in Compliance”
Security
Questions?
ASSIGN CONTEXT
ANALYZE
DISTRIBUTE
VISUALIZE
ACT
GATHER EVENTS & DATA Data Collection from Inside and Outside the Corporation
Make the data relevant to users
Aggregation, Analysis, Reconciliation, Calculation, Cases
Get the Information to people who need it
People Need Pictures, Graphs, Trends specific to their Role
Without Action, there is no Benefit. Empowered people take better Actions!