|
Derived from AggreGate Platform, AggreGate SCADA/HMI inherits its powerful and flexible role-based security model. System operators have separate user accounts. These accounts may own resources (controller accounts, HMIs, alerts, reports, event filters). However, the system allow to share resource view/edit permissions between different accounts. See Security and Permissions for more information.
HMI Security
Some SCADA systems associate permission levels and checks with every component of HMI interfaces. AggreGate SCADA/HMI uses smarter method of controlling what a certain HMI can and cannot do:
| • | HMI components have no security-related information associated with them |
| • | The working HMI inherits permissions of a user who launched it |
| • | Every read or write request to the server data model uses the same effective permission level (i.e. permissions of user that started the HMI widget) |
| • | Permissions are checked on the server side, therefore compromising security by "hacking" the client-side widget it not possible |
| • | Fine-grained permission control is performed by giving system operators different levels of access to different system resources and devices |
|