KilnView Security Features
Log on..: The "Log On..." menu item provides a user the ability to log on to the system. Enter userID and password to login. If login fails, the user will be written to the audit trail and the system security defaults back to "Operator" level.
Log Off..: The "Log Off..." menu provides a user the ability to log off of the system. Enter userID and password to log off. If log off fails, the user will be written to the audit trail and the system security defaults back to "Operator" level.
The "Configure User Access" menu item provides a system administrator the ability to set security access for users assigned to Operator, Supervisor or Administrator levels. The following dialog will be displayed:
Configure User Access Items:
The "User level:" list box allows an administrator to select the user level to assign rights to.
The "Select rights for each user level:" check/list box allows the administrator to set the security options for the specific user level selected. Before moving to another user level, click on the "Accept" button to save the current user level settings.
The "Enable Security " checkbox allows an administrator to enable or disable the security features. If this checkbox is unchecked, all software functionality is available to any user on the system without login
or password check.
The "Enable Audit Trail " checkbox allows an administrator to enable or disable the audit trail. If this checkbox is unchecked, the audit trail data for each user action will not be written to the audit trail log and will not be accessible for viewing.
The "Enable Re-Authentication" checkbox allows an administrator to enable or disable the re-authentication feature. If this checkbox is unchecked, a user will not be required to re-authenticate his/her password before making a process change. If this feature is enabled, a user is required to login again (even if already logged on) before changing setpoints or other process changes in the system. This feature offers dual protection against unwanted system changes that might adversely affect the Kiln.
The"Select All and Deselect All" buttons allow an administrator to select or deselect all program options at one time.
This menu item gives a system operator (with proper access) the ability to write a message to an open data file. This can be used for comments, system upsets or tags that need to be related to the file. A data file must be running to add a message the file.
KilnView creates a daily audit trail and logs all user related actions to the log. Alarm acknowledgment, start/stop data files, setpoint changes, user logins and unauthorized attempts to gain access to the system are all logged to the audit trail. The audit trail is encrypted and can only be viewed within KilnView. Audit trails can also be printed or exported.
Audit Trail Toolbar:
The toolbar at the top of the audit trail window provides the following functions (left to right):
Open Audit Trail File: Allows the user to open an audit trail file and view the data in a grid type format. Audit trail logs are created and written to daily. To activate the audit trail, the user must click on the "Enable Security" checkbox in the "Configure Users" section of the program.
Export Audit Trail: Allows the user to export the audit trail file to a .csv file. Csv files can be read by Excel or any program capable of reading a comma-separated file.
Print Audit Trail: Allows the user to print the Audit Trail Log. Standard print dialog is used.
KilnView security is built around the standards required for the pharmaceutical industry. The security features were modeled around this standard to offer the most secure method of data collection as well as support for digital signing of data files. All data in KilnView is encrypted and tamperproof. Export functions provide access to data using standard PC programs without altering the original file.
21 CFR Part 11 began in 1991 when the pharmaceutical industry requested guidance from the FDA regarding the best way to implement electronic systems in the manufacturing process and meet FDA
approval. The FDA rule was announced in 1997 with 80% of the rule concerning electronic records with the remaining 20% covering electronic signatures.
Part 6 provides the definition for an electronic record, which covers any document or data that is created, maintained, modified, retrieved, archived or transmitted electronically. The electronic signature part of the Rule informs the reader about the requirements for acceptable electronic signatures.
A 21 CFR Part 11 system provides the means to audit and track all user interface and system operations. This ensures accurate repeatable electronic record keeping and verification of all steps in the electronic record keeping process.
KilnView Security features:
Getting used to security in KilnView:
The security in KilnView could seem a bit restrictive to operators using the software for the first time.
Example: If an operator is logged on and has access rights to change the controller setpoint, he must log in again during the setpoint change. This is done to protect the process from unauthorized changes if a "logged in" operator leaves the area for a short time and someone changes the setpoint while he is gone. The dual login also provides an audit trail of changes the process undergoes. This protection can be invaluable when trouble shooting batch or problem product runs.
After a short time the security will become "second nature" with operations personnel.
Since KilnView security uses the pharmaceutical industry model, the following overview describes compliance with each section of the rules.
All data below comes from the following document:
Department of Health and Human Services
Food and Drug Administration
21 CFR Part 11 Electronic Records;
Final Rule Electronic Submissions;
Establishment of Public Docket; Notice William B. Schultz,
Deputy Commissioner for Policy. [FR Doc. 97-6833 Filed 3/20/97; 8:45 am]
The complete document in text or .pdf format can be found at: http://www.fda.gov/ora/compliance_ref/part11
KilnView records are protected from changes by encrypting all data written to files. The responsibility of protecting directories, files and folders is in the hands of the personnel setting up the computer or system security.
KilnView Encrypted File Sample:
KilnView uses Windows built in security for user authentication so only the systems user database is required for operation. KilnView enforces all user related password security policies including password aging and lockout after (x) number of logins.
KilnView requires both components (userID and password) during all digital signatures of files.
For additional information on KilnView's security features download KilnView Manual.
Return to: Main KilnView Page
Additional Kiln Information Links below:
Registering KilnView Software & Obtaining Unlock Code: KilnView Software must be registered and an Unlock Code obtained to communicate with FDC-2010-K5C Kiln Control(s) and/or Series 300 Single Loop Controls.
KilnView Kiln Detail View.htm: Main Kiln Data View, Schedule Entry/Edit/Run/Stop View, Schedule Trend View, Export Schedules, Core/Monitor Probe View, Setup - Alarm Setpoints, Control Tuning/Vent Setpoint and IO Monitor
KilnView Kiln Views.htm: Digital Values View, System Alarm Log, Alarm Log Viewer, Control Trends, Bargraphs, Historical Data Viewer [view data log files], Historical Trend Plot [plot data log files] and Audit Trail Viewer.
KilnView Data Logging and Historical Data Views.htm: Configure, Start, Stop Data Logging, View Historical Data Log Files.
KilnView Setup: Configure FDC-2010-K5C & 300 Series DIN Control for KilnView, Data Logging, 300 Series PID Loop Tuning and 300 Series Alarm Setpoints.
KilnView Series 300 Single Loop Controls.htm: Series 300 Single Loop Control description, links, Views, etc.
KilnView Security Overview.htm: Logon, Log Off, Security Configuration, Operator Messages, Audit Trail, CFR21 Security Overview and sample screens & descriptions.
KilnView Alarm File Viewer.htm: View, Acknowledge, Silence, Print, Export, etc.
KilnView - Run Real Time or Simulation.htm: Run KilnView Real Time [default] or for Training in Simulation.
KilnView Project Based Software.htm: Menu System to Open, Close and Save KilnView Configuration as a Project.
KilnView Help Screens.htm: Screen Shot of Help Screens