Through the use of locks and keys, the DeltaV system provides security mechanisms at both the parameter and fields level and at the function level. At the parameter and fields level, the DeltaV system allows you to control which users can write to specific parameters and parameter fields in the run-time information. At the function level, the DeltaV system allows you to control which users can perform certain functions.
The DeltaV User Manager application provides an interface to the five essential components of security:
Locks - Prevent users from changing the parameters and parameter fields assigned to the lock and prevent users from performing certain functions. You use the Explorer to assign locks to parameters, parameter fields and functions. It is helpful to think of a lock as something that specifies the name of the key that grants access.
Keys - Provide permissions to individual users or whole groups of users. Each key is associated with a lock. You grant keys under the group and user properties dialogs. Users can be granted any number of keys or none at all. Some keys are area-based and others are node-based.
Groups - Enable you to classify users together and grant keys to everyone in the group.
Users - Are DeltaV system and Windows users. You can assign users to one or more groups. The DeltaV User Manager application also allows you to create new Windows users without accessing the Windows User Manager application. When you create a new user, you can specify whether the user is a Windows user, a DeltaV system user, or both.
Areas - Some keys can be granted to DeltaV users for specific areas. Use this feature to grant write access to operators for control modules within the operators' responsibility and withhold access to other similar modules outside their responsibility. Other keys apply to all areas and the only choice when granting these keys is <Sitewide>.
Nodes - Some keys can be granted to DeltaV users for specific nodes. The node must exist in the DeltaV database before you can assign keys to the user for the node. You can use a placeholder node until the actual node is commissioned in place of the placeholder. Use this feature to grant write access to operators for node-specific functions within the operators' responsibility and withhold access to other node-specific functions outside their responsibility. Additionally, you can grant keys for these node-specific functions as <Sitewide> (all nodes).
The status bar in DeltaV Explorer shows the following for node-specific functions.
| Displayed | The user has this combination of keys | Or, the user has this combination of keys | Or, the user has this combination of keys | Or, the user has this combination of keys |
|---|---|---|---|---|
| Node Scoped Non-SIS | Can Edit and Can Setup Device |
------ |
------ |
------ |
| Node Scoped SIS | SIS Can Edit and SIS Can Setup Device |
------ |
------ |
------ |
| Node Scoped Both | Can Configure/SIS Can Configure combined with either Can Edit or SIS Can Edit | Can Edit combined with SIS Can Edit | Can Download/SIS Can Download combined with either Can Setup Devices or SIS Can Setup Devices. | Can Setup Devices combined with SIS Can Setup Devices |