KilnView -

KilnView Security Features

 

 

User Menu Options - Security

Login - Log Off

Log on..: The "Log On..." menu item provides a user the ability to log on to the system.  Enter userID and password to login.  If login fails, the user will be written to the audit trail and the system security defaults back to "Operator" level.

Log Off..: The "Log Off..." menu provides a user the ability to log off of the system.  Enter userID and password to log off. If log off fails, the user will be written to the audit trail and the system security defaults back to "Operator" level.

Return to top

Configure User Access

The "Configure User Access" menu item provides a system administrator the ability to set security access for users assigned to Operator,  Supervisor or Administrator levels.  The following dialog will be displayed:

Configure User Access Items:

The "User level:" list box allows an administrator to select the user level to  assign rights to.

The "Select rights for each user level:" check/list box allows the administrator to set the security options for the specific user level selected.  Before moving to another user level, click on the "Accept" button to save the current user level settings.

The "Enable Security " checkbox allows an administrator to enable or disable the security features.  If this checkbox is unchecked, all software functionality is available to any user on the system without login
or password check.

The "Enable Audit Trail " checkbox allows an administrator to enable or disable the audit trail.  If this checkbox is unchecked, the audit trail data for each user action will not be written to the audit trail log and will not be accessible for viewing.

The "Enable Re-Authentication" checkbox allows an administrator to enable or disable the re-authentication feature.  If this checkbox is unchecked, a user will not be required to re-authenticate his/her password before making a process change. If this feature is enabled, a user is required to login again (even if already logged on) before changing setpoints or other process changes in the system.  This feature offers dual protection against unwanted system changes that might adversely affect the Kiln.

The"Select All and Deselect All"  buttons allow an administrator to select or deselect all program options at one time.

Return to top

Operator Message For File

This menu item gives a system operator (with proper access) the ability to write a message to an open data file.  This can be used for comments, system upsets or tags that need to be related to the file.  A data file must be running to add a message the file.

Return to top

KilnView Audit Trail

KilnView creates a daily audit trail and logs all user related actions to the log. Alarm acknowledgment, start/stop data files, setpoint changes, user logins and unauthorized attempts to gain access to the system are all logged to the audit trail.  The audit trail is encrypted and can only be viewed within KilnView. Audit trails can also be printed or exported.

Audit Trail Toolbar:

The toolbar at the top of the audit trail window provides the following functions (left to right):

Open Audit Trail File:  Allows the user to open an audit trail file and view the data in a grid type format.  Audit trail logs are created and written to daily.  To activate the audit trail, the user must click on the "Enable Security" checkbox in the "Configure Users" section of the program. 

Export Audit Trail:  Allows the user to export the audit trail file to a .csv file.  Csv files can be read by Excel or any program capable of reading a comma-separated file.

Print Audit Trail:  Allows the user to print the Audit Trail Log.  Standard print dialog is used.

Return to top

KilnView CFR21 Security Features - Overview

KilnView security is built around the standards required for the pharmaceutical industry. The security features were modeled around this standard to offer the most secure method of data collection as well as support for digital signing of data files.  All data in KilnView is encrypted and tamperproof.  Export functions provide access to data using standard PC programs without altering the original file.

21 CFR Part 11 began in 1991 when the pharmaceutical industry requested guidance from the FDA regarding the best way to implement electronic systems in the manufacturing process and meet FDA
approval. The FDA rule was announced in 1997 with 80% of the rule concerning electronic records with the remaining 20% covering electronic signatures.

Part 6 provides the definition for an electronic record, which covers any  document or data that is created, maintained, modified, retrieved, archived or transmitted electronically.  The electronic signature part of the Rule informs the reader about the requirements for acceptable electronic signatures.

A 21 CFR Part 11 system provides the means to audit and track all user interface and system operations.  This ensures accurate repeatable electronic record keeping and verification of all steps in the electronic record keeping process.

KilnView Security  features:

  1. Security:  KilnView security  features can be enabled on WindowsNT4.0, Win2000 and WinXP professional operating system.  Although KilnView will run on Win98 (ver2), security features are disabled.  XP Home versions are not supported since the security features will be activated but the operation system is intended for home users and not business use
  2. User Database:  KilnView uses Windows built in security data base.  Administrators are required to make a single entry only for each user in the main Windows security database.  All logins from KilnView are checked against this database for user authentication.  All security policies assigned to password expiration and lockout apply, and will be enforced when logging on in KilnView.
  3. User Access:  All software functionality is controlled by the administrator in the"User Access" portion of the software.  Any software function that changes the processor creates data for the process requires a confirmation login to authenticate the user before the process change is made.
  4. Audit Trail:  KilnView keeps a daily audit trail of all functions initiated by the software or user. 
  5. UserID, full user name, user description and user comment as well as the action is written to the audit trail.  All login failures are written to the audit trail as well.
  6. Data Encryption:  All data files, signature files and audit trails are encrypted for tamper proof operation.  These files can only be decrypted by the KilnView software and are view only.Data files can be printed or exported from the KilnView software.  Original data files can not be altered.
  7. Electronic Signatures:  All data files can be electronically signed with the proper user access rights and authenticated login.  An encrypted "message digest" is also calculated for each file and is used for signature/file verification.  If a data file is tampered with or altered, the signature verification function will alert the user.

Getting used to security in KilnView:

The security in KilnView could seem a bit restrictive to operators using the software for the first time. 

Example: If an operator is logged on and has access rights to change the controller setpoint, he must log in again during the setpoint change.  This is done to protect the process from unauthorized changes if a "logged in" operator  leaves the area for a short time and someone changes the setpoint while he is gone.  The dual login also provides an audit trail of changes the process undergoes.  This protection can be invaluable when trouble shooting batch  or problem product runs.

After a short time the security will become "second nature" with operations personnel.

Return to top

KilnView CFR21 Security Compliance Overview

Since KilnView security uses the pharmaceutical industry model, the following overview describes compliance with each section of the rules.

All data below comes from the following document:

Part II
Department of Health and Human Services
Food and Drug Administration
21 CFR Part 11 Electronic Records;
Electronic Signatures;
Final Rule Electronic Submissions;

Establishment of Public Docket; Notice William B. Schultz,

Deputy Commissioner for Policy. [FR Doc. 97-6833 Filed 3/20/97; 8:45 am]

The complete document in text or .pdf format can be found at: http://www.fda.gov/ora/compliance_ref/part11

Return to Top

Sample Security Information

KilnView records are protected from changes by encrypting all data written to files.  The responsibility of protecting directories, files and folders is in the hands of the personnel setting up the computer or system security.

KilnView Encrypted File Sample:

 

KilnView uses Windows built in security for user authentication so only the systems user database is required for operation.  KilnView enforces all user related password security policies including password aging and lockout after (x) number of logins.

KilnView requires both components (userID and password) during all digital signatures of files.

Return to Top

For More Security Information

For additional information on KilnView's security features download KilnView Manual.

Return to Top

Return to: Main KilnView Page

Additional Kiln Information Links below:

Registering KilnView Software & Obtaining Unlock Code: KilnView Software must be registered and an Unlock Code obtained to communicate with FDC-2010-K5C Kiln Control(s) and/or Series 300 Single Loop Controls.

 

KilnView Kiln Detail View.htm: Main Kiln Data View, Schedule Entry/Edit/Run/Stop View, Schedule Trend View, Export Schedules, Core/Monitor Probe View, Setup - Alarm Setpoints, Control Tuning/Vent Setpoint and IO Monitor

 

KilnView Kiln Views.htm: Digital Values View, System Alarm Log, Alarm Log Viewer, Control Trends, Bargraphs, Historical Data Viewer [view data log files], Historical Trend Plot [plot data log files] and Audit Trail Viewer.

 

KilnView Data Logging and Historical Data Views.htm: Configure, Start, Stop Data Logging, View Historical Data Log Files.

 

KilnView Setup: Configure FDC-2010-K5C & 300 Series DIN Control for KilnView, Data Logging, 300 Series PID Loop Tuning and 300 Series Alarm Setpoints.

 

KilnView Series 300 Single Loop Controls.htm: Series 300 Single Loop Control description, links, Views, etc.

 

KilnView Security Overview.htm: Logon, Log Off, Security Configuration, Operator Messages, Audit Trail, CFR21 Security Overview and sample screens & descriptions.

 

KilnView Alarm File Viewer.htm: View, Acknowledge, Silence, Print, Export, etc.

 

KilnView - Run Real Time or Simulation.htm: Run KilnView Real Time [default] or for Training in Simulation.

 

KilnView Project Based Software.htm: Menu System to Open, Close and Save KilnView Configuration as a Project.

 

KilnView Help Screens.htm: Screen Shot of Help Screens

Return to Top

Future Design Controls 888.751.5444 csr@futuredesigncontrols.com