Security

Security

Ray VerhoeffVice President – Engineering

Security

Agenda

• Operating System Security

• PI Server Security

• PI Clients

• Auditing

• “Best Practices” White Paper

Security

Motivation

• Widely held misconceptions

• Pharmaceutical Industry audits

Security

What do these have in common?

• Complete Works of Shakespeare

• The Bible

• California Tax Code

• Tao Te Ching

• 21CFR11

Security

Answers…

• None are clear or specific

• Subject to interpretation

• Have inspired great minds to debate the issues for hours

• Commentaries now outweigh the original document

Security

21CFR11

• Electronic Records

• “Code of Federal Regulations”• Not Law• Not Standard

• Subject to interpretation

• Details will be shaped by FDA rulings

Security

Examples

• Electronic Signature

• Human Readable

Security

21CFR11 Tug-of-War

• Users want software to handle everything

• Vendors push for Standard Operating Procedures (SOP)

Security

Misconceptions

• PI files are installed “Everyone/Full Control”

• piadmin/pidemo have no password

• No login prompt when on Server console

• “PI does not support Windows integrated login”

Security

PI Installation

• “Setup” is a starting point

• Site must configure PI for its own environment

Security

Physical Security

• This means locking the computer room

• Access to the hardware can always compromise security• Reboot• Power off• Pull network wire

Security

Operating System Security

• Groups, Users & Passwords• control access to privileged accounts

• File Permissions

• Auditing

Security

Usernames & Passwords

• Domain users• Independently validated by Domain

Controller

• Passwords:• Lifetime: min & max• Length• History• Complexity

Security

Windows Auditing

• You can track just about any operation• Login/Logout• File Operations

• creation• deletion• execution• change permissions/take ownership• “Traverse Folder”

Security

Windows Event Log

• All audit messages go here• Security group

• Do not configure “Overwrite as Needed”• Loss of audit trail• SOP must be in place:

• backup audit trail• manually purge

Security

File Permissions

• PI Server will run with D:\PI set to:• Local Administrators/Full Control• Everyone else/Nothing

Security

Standard Operating Procedures

• Control access to Domain Administrator account

• No auto-login• Don’t expose PI directory as File

Share• You may expose the PI backup

directory• read-only

Security

PI Server Security

• PI Firewall• restrict access to your IP domain

• PI Trust• don’t map to “piadmin”

• PI Users and Groups

Security

Connecting to PI

• PI API vs. PI SDK

• Connecting vs. Logging In

• The Default User

Security

The Default User

• no name, can’t assign one

• no group, can’t assign one

• gets “world” access• Disable this in PI 3.3 SR2• if disabled, PI Server appears empty

• Degrade to this if you attempt a login and fail!

Security

Windows Integrated Login

• “Login to Windows = Login to PI”

• You still need to:• Control which Windows users are PI

users• Assign ownership and permissions of PI

points, etc.

Security

PI Trust

• Strong start with PI Trust table• Supports Windows domain membership

as well as TCP/IP credentials

• “Domain,User,PIuser” as “OSI,$,$” is powerful

• PI ICE uses this exclusively

Security

PI Client User Experience

• PI API clients attempt a login• Gives perception that PI does not support

Windows login

• PI SDK clients attempt a trust lookup• If trust is Domain-based, you have

integration

Security

PI SDK Clients

• PI Point Builder

• PI Tag Configurator

• PI Auto Point Sync

• PI ICE 1.0

• PI ProcessBook 3.0

• PI Datalink 3.0

Security

21CFR11 Audit Requirements

• Record Windows username of editor

• Contents are unreadable

• Contents cannot be tampered with

• Maintained outside primary data store

Security

PI Audit Requirements

• Cannot detract from the primary function of the PI Server

• To support this:• Audit trail cannot be read on-line• PI does not process or format the trail

• pidiag -xa

• PI Audit Viewer

Security

PI Audit Viewer – Edit

Security

PI Audit Viewer – Detail

Security

PI Audit Database additions

• PI Batch database auditing

• PI Module Database auditing

Security

PI Audit Database futures

• Auditing of new events for specific points• Workaround: code using “replace” mode

when inserting data

Security

Best Practices White Paper

• Gives details of Windows and PI configuration• Many thanks to OSIsoft Field Service

• Supplements “PI in Compliance”

Security

Questions?

ASSIGN CONTEXT

ANALYZE

DISTRIBUTE

VISUALIZE

ACT

GATHER EVENTS & DATA Data Collection from Inside and Outside the Corporation

Make the data relevant to users

Aggregation, Analysis, Reconciliation, Calculation, Cases

Get the Information to people who need it

People Need Pictures, Graphs, Trends specific to their Role

Without Action, there is no Benefit. Empowered people take better Actions!