Through the use of locks and keys, the DeltaV system provides security mechanisms at both the parameter and field level and at the function level. At the parameter and field level, the DeltaV system allows you to control which users can write to specific parameters and parameter fields in the run-time information. At the function level, the DeltaV system allows you to control which users can perform certain functions.
The DeltaV User Manager application provides an interface to the five essential components of security:
In the DeltaV system, locks prevent users from changing the parameters and parameter fields assigned to the lock and prevent users from performing certain functions.
Locks for parameters are assigned to parameter names rather than to specific instances of parameters. In other words, a lock on HI_LIM applies to all instances of parameters named HI_LIM. To lock a specific instance of a parameter, you must create a unique name for that parameter, such as HI_LIM1.
Locks and keys assigned at the field level override those on the parameter itself. This means that specific parameter fields can be open to a large number of users while the parameter as a whole remains generally restricted.
Note: Because security settings on fields have precedence over parameter security settings, you must be very careful when defining access to fields. For example, if access to GAIN is restricted, but access to the CV field has been defined as less restricted, users with the less restrictive access will be able to change the GAIN parameter.
When users make write requests to a specific parameter field, the system checks for a lock on the field. If there is no lock, the system checks for a lock on the parameter itself. When there is no lock on the parameter, the default lock is used. Users can write to the field of the parameter only when they have a key corresponding to the lock. Additionally, the workstation properties can restrict parameter writes by area. That is, the parameter can only be written to if the user has the key for the area and that area is assigned to the current workstation.
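The check order described above, modelled as an added Python example (not Emerson or DeltaV code). The data model is an assumption: field locks are keyed by field name alone, and the lock assignments, users, area and workstation in `CFG` are constructed. `field_override_exposure` audits for the case the note warns about, where a field lock admits a user who holds no key to the parameter's own lock.

```python
from dataclasses import dataclass

@dataclass
class SecurityConfig:            # assumed model, not a DeltaV export format
    field_locks: dict            # field name -> lock
    param_locks: dict            # parameter name -> lock
    default_lock: str
    user_keys: dict              # user -> set of (lock, area) keys held
    workstation_areas: dict      # workstation -> set of assigned areas

def effective_lock(cfg, param, fld):
    """Field lock first, then the parameter lock, then the default lock."""
    if fld in cfg.field_locks:
        return cfg.field_locks[fld]
    return cfg.param_locks.get(param, cfg.default_lock)

def can_write(cfg, user, workstation, area, param, fld):
    """Needs the key to the effective lock in the area, and the area must
    be assigned to the workstation the request comes from."""
    if area not in cfg.workstation_areas.get(workstation, set()):
        return False
    lock = effective_lock(cfg, param, fld)
    return (lock, area) in cfg.user_keys.get(user, set())

def field_override_exposure(cfg, area):
    """(user, param, field) triples where a field lock admits a user who
    holds no key to the parameter's own lock in this area."""
    findings = []
    for param, plock in cfg.param_locks.items():
        for fld, flock in cfg.field_locks.items():
            if flock == plock:
                continue
            for user, keys in cfg.user_keys.items():
                if (flock, area) in keys and (plock, area) not in keys:
                    findings.append((user, param, fld))
    return sorted(findings)

# Constructed sample configuration (hypothetical users, area, workstation).
CFG = SecurityConfig(
    field_locks={"CV": "Control"},
    param_locks={"GAIN": "Tuning", "SETPOINT": "Control"},
    default_lock="User Lock 01",
    user_keys={"operator1": {("Control", "AREA_A")},
               "tech1": {("Tuning", "AREA_A"), ("Control", "AREA_A")}},
    workstation_areas={"OPSTATION1": {"AREA_A"}},
)
```
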
Locks are also assigned to various user functions such as downloading, uploading, changing the configuration database and so on. Functions are assigned to default locks initially. You can change the lock associated with a function.
Security is located under the setup component in the Explorer hierarchy. Assign locks to parameters and parameter fields through the Parameter Security and Field Security properties under the Security section. Assign locks to functions through the Function Security properties under the Security section. You can also assign a default lock (keep in mind that many users might have a key to this lock). When you do not assign a lock to a parameter or field, the default lock applies.
If you want to remove all security from a parameter, the lock specified for that parameter must be assigned to all users. For example:
The result is that all DeltaV users get the "Everyone" key in all defined plant areas. This enables them to write to parameters associated with the Everyone key unless a field name lock exists.
If you create a new parameter in Control Studio with a unique name, you must add the parameter to the Parameter Security section in Explorer in order to assign a lock to it. Otherwise, the default lock applies.
Note that there might be locks on the fields of a parameter you create. Field locks are determined by the parameter type on which the parameter is based.
Any function block parameter that is writable has a lock assigned to it. You can change the lock assignments made by the system. Keys to all of the parameter and field locks (except Diagnostic) can be granted to specific plant areas. Refer to the following table for a default list of the parameter and field locks and a description of each lock's function:
Parameter and Field Locks
| Lock | Assigned to parameters that... |
| --- | --- |
| Alarms | concern alarms and the alarm horn. The Alarms lock affects access to the HORN parameter and the HENAB, MACK, and NALM fields. |
| Control | an operator needs to write to in order to control the process. Examples of parameters with the Control lock are MODE, SETPOINT, and OUTPUT. |
| Restricted Control | supervisors and engineers write to in order to configure the process. Operators typically do not write to these parameters. Examples of parameters with the Restricted Control lock are CONTROL_OPTS and DISABLE. |
| Tuning | maintenance technicians and supervisors write to in order to tune performance. Typically (although not always), operators do not write to these parameters. Examples of parameters with the Tuning lock are GAIN, RESET, and HIGH_LIM. |
| Diagnostic | affect diagnostic information maintained by the system, such as parameters that reset instance counts. |
| System Records | affect the records kept by the system, such as parameters that turn off the recording of event records. |
| User Locks 1 through 10 | you specify. These locks provide flexibility to your security scheme. Note: When Recipe Authorization is enabled, User Lock 06 through User Lock 10 are reserved for recipe approval signers. |
Locks are assigned to various user functions, such as downloading, uploading, changing the configuration database, and so on. Functions are assigned to default locks initially. Use the DeltaV Explorer to change the lock associated with a function. Refer to the Batch Functions Security and Campaign Manager Security topics for information about the batch functions and locks. Refer to the History Data Set Security topic for information on Continuous Historian data set security functions and locks. Refer to the Event History Data Set Security topic for information on Event History data set security functions and locks. Refer to the following table for a list of the function locks, the default function to which each lock is assigned, and descriptions of the tasks that users with a key to the lock can perform:
Locks and Associated Functions
| Function | Default Associated Lock | Operation Function | Can Apply to Specific Area? |
| --- | --- | --- | --- |
| ACTION_VERIFY | Restricted Control | verify an action in Control Studio online and DeltaV Operate which requires a verifier's Electronic Signature. (Usually supervisors are granted the key to the lock associated with this operation.) | Yes |
| ADMIN_CONFIG_DB | System Admin | use the database administrator tools to create, copy, and rename databases. | No |
| CHANGE_CONFIG_DB | Can Configure | make changes to the configuration database, access a module in debug mode. | No |
| CHANGE_DEVICE_DB | Can Calibrate | use AMS Device Manager device configuration and calibration features. | No |
| CHART_SAVE | Can Configure | save Process History View configuration. | No |
| DIAGNOSTIC_DATA_CLEAR | Diagnostic | reset all communication, port, and device statistics; clear integrity history. | No |
| DIAGNOSTIC_SWITCHOVER | Diagnostic | initiate a controller switchover. Note: Users must have the key to the Control lock to perform a controller switchover. | No |
| DOWNLOAD_CONFIG | Can Download | download configuration and setup data to system nodes. | No |
| INSPECT_TUNE | Tuning | within Inspect: change the Enabled/Disable flag for areas, modules and blocks. Change the alarming flag for a block. Set items on the View \| Options property sheet. Set the limits. | Yes |
| REPLACE_DEVICE | Can Calibrate | make changes to the Fieldbus device in the configuration database. This key allows the user to: • Replace FF device • Decommission FF device • Commission FF device • Download FF device • Download FF port • Modify resource and transducer blocks using AMSinside dialogs • Modify device properties. This key is not needed if the user already can CHANGE_CONFIG_DB. | No |
| UPDATE_FIRMWARE | System Admin | use the controller upgrade utility to upgrade firmware for controllers, I/O cards, and other devices. | No |
| UPLOAD_CONFIG | Can Configure | upload configuration, setup data to system nodes. | No |
| USER_SECURITY_ATTACH_LOCKS | Can Configure | attach functions to locks in DeltaV Explorer. | No |
| USER_SECURITY_USERMANAGER | Can Configure | make changes in the User Manager. | No |
| VC_ADMINISTRATOR | System Admin | undo the check out of items checked out by other users. | No |
| VC_CHECKOUT_CHECKIN | Can Configure | check items in and out of a version control database. | No |
| VC_DEVICE_CHECKOUT_CHECKIN | Can Calibrate | check Fieldbus device in and out of a version control database. Not needed if the user already has VC_CHECKOUT_CHECKIN. | No |
| VC_DOWNLOAD_CHECKEDOUT | System Admin | download items that have been checked out of the version control database. | No |
| VC_DOWNLOAD_UNAUTHORIZED | System Admin | download recipes that are not authorized. | No |
| VC_PURGE_RECOVER_ITEMS | System Admin | use the DeltaV Explorer to purge and recover items from the version control database. | No |
| VC_ROLLBACK_ITEMS | System Admin | use the DeltaV Explorer to roll back to a previous version. | No |
| VC_SET_LABEL | Can Configure | label items in the version control database. | No |
Removing a parameter or field from the security dialog lists in DeltaV Explorer may have unintended consequences. The following examples illustrate the effect of removing parameters and fields from the security dialog lists.
Example 1: Attempt to write FIC101/MYPARAM.CV
Result: The lock in effect is Control. Users with the Control key in FIC101's plant area can write it.
Example 2: Attempt to write FIC101/MYPARAM.CV
Result: The lock in effect is Tuning. Users with the Tuning key in FIC101's plant area can write it. Users with the Control key in FIC101's plant area cannot write it.
Example 3: Attempt to write FIC101/MYALARM.PRI
Result: The lock in effect is System Records. Users with the System Records key in FIC101's area can write it. Users with the Tuning key in FIC101's plant area cannot write it. Users with the Control key in FIC101's plant area cannot write it.