Configuring Electronic Signatures In SIMATIC WinCC - Siemens


Configuring Electronic Signatures in SIMATIC WinCC
WinCC
ew/67688514
Siemens Industry Online Support

Warranty and liability

Siemens AG 2017 All rights reserved

Note
The Application Examples are not binding and do not claim to be complete regarding the circuits shown, equipping and any eventuality. The Application Examples do not represent customer-specific solutions. They are only intended to provide support for typical applications. You are responsible for ensuring that the described products are used correctly. These Application Examples do not relieve you of the responsibility to use safe practices in application, installation, operation and maintenance. When using these Application Examples, you recognize that we cannot be made liable for any damage/claims beyond the liability clause described. We reserve the right to make changes to these Application Examples at any time without prior notice.
If there are any deviations between the recommendations provided in these Application Examples and other Siemens publications – e.g. Catalogs – the contents of the other documents have priority.

We do not accept any liability for the information contained in this document.
Any claims against us – based on whatever legal reason – resulting from the use of the examples, information, programs, engineering and performance data etc., described in this Application Example shall be excluded. Such an exclusion shall not apply in the case of mandatory liability, e.g. under the German Product Liability Act (“Produkthaftungsgesetz”), in case of intent, gross negligence, or injury of life, body or health, guarantee for the quality of a product, fraudulent concealment of a deficiency or breach of a condition which goes to the root of the contract (“wesentliche Vertragspflichten”). The damages for a breach of a substantial contractual obligation are, however, limited to the foreseeable damage, typical for the type of contract, except in the event of intent or gross negligence or injury to life, body or health. The above provisions do not imply a change of the burden of proof to your detriment.
Any form of duplication or distribution of these Application Examples or excerpts hereof is prohibited without the expressed consent of the Siemens AG.

Security information
Siemens provides products and solutions with industrial security functions that support the secure operation of plants, systems, machines and networks.
In order to protect plants, systems, machines and networks against cyber threats, it is necessary to implement – and continuously maintain – a holistic, state-of-the-art industrial security concept. Siemens’ products and solutions only form one element of such a concept.
Customer is responsible to prevent unauthorized access to its plants, systems, machines and networks. Systems, machines and components should only be connected to the enterprise network or the internet if and to the extent necessary and with appropriate security measures (e.g. use of firewalls and network segmentation) in place.
Additionally, Siemens’ guidance on appropriate security measures should be taken into account. For more information about industrial security, please
Siemens’ products and solutions undergo continuous development to make them more secure. Siemens strongly recommends to apply product updates as soon as available and to always use the latest product versions. Use of product versions that are no longer supported, and failure to apply latest updates may increase customer’s exposure to cyber threats.
To stay informed about product updates, subscribe to the Siemens Industrial Security RSS Feed under http://www.siemens.com/industrialsecurity.

WinCC electronic signature, Entry-ID: 67688514, V1.2, 08/2017

Table of contents

Warranty and liability
1 Task
2 Solution
2.1 Solution overview
2.2 Description of the core functionality
3 Functional Mechanisms
3.1 “EsigWinCCInterface.dll” dynamic link library
3.2 Functions and modules for configuration
3.3 Functions and modules for Runtime
4 Installation
5 Description of the User Interface
5.1 User interface for configuration
5.1.1 Menu
5.1.2 “Electronic signature – configuration” dialog
5.1.3 “Reset Electronic Signature Parameters” dialog
5.1.4 “Configure Electronic Signatures in database” dialog
5.2 User interface in Runtime
6 Example Project
6.1 Preparation for using the sample project
6.1.1 Creating user groups and users in Windows
6.1.2 Changing the configured computer name
6.2 Description of the sample project
6.2.1 “Example 1” area button
6.2.2 “Example 2” area button
6.2.3 “Configuration” area button
6.2.4 WinCC message system – operation list
7 Applying Electronic Signatures to Specific Projects
7.1 Preparations of configuration
7.1.1 Importing macros
7.1.2 Adapting the template file
7.1.3 Integrating global scripts
7.1.4 Configuring the database
7.1.5 Configuring the messages in Alarm Logging
7.2 Configuring
7.3 Removing an electronic signature from an object
7.4 Qualification and test of the application in the project
8 Operator input message and simple electronic signature
8.1 Description of the examples
8.1.1 WinCC Default Operator input message
8.1.2 Self-designed operator input message
8.1.3 Comparison of the default operator input message and the self-designed operator input message
8.1.4 Simple electronic signature
8.2 Configuration of the examples
8.2.1 WinCC default operator input message for an IO-field / Slider object
8.2.2 WinCC default operator input message when pushing a button
8.2.3 Self-designed operator input message
8.2.4 Self-designed operator input message for the value change of an IO-field
8.2.5 Self-designed operator input message for the operation of a button
8.2.6 Self-designed operator input message for moving a slider object
8.2.7 Simple electronic signature
9 Appendix
9.1 Service and Support
9.2 Links & Literature
9.3 History

1 Task

In many branches, especially in the pharmaceutical and food industry it is often the case that different critical operator actions have to be authorized via electronic signature. Such kinds of operator actions may include, for example:
- changing a setpoint value
- executing a switching operation
- starting a sequence of operations
- starting a batch

Depending on the requirement, an action complying with the two-man rule may be necessary. This means that the operation has to be authorized by at least two different people. The approval will be acquired with the help of an electronic signature and saved in a long-term archive for later traceability. Based on the entries in the archive it has to be clear, who carried out an operator action at what time and when this was confirmed.

Figure 1-1

2 Solution

2.1 Solution overview

The solution presented in this entry has the following functionality:
In order to be able to carry out a critical operator action on the WinCC operator system, one or several users have to provide an electronic signature. The authentication of individual users is polled via an input dialog and is carried out with the help of SIMATIC Logon. The persons with electronic signature authorization are defined in the different user groups. Only once all required signatures are present, is the critical operator action carried out. The data of the signatures performed (time, user, operator action, operator station) is written in the WinCC message archive as audit trail.

Figure 2-1

Advantages
Using this application offers the following advantages:
- dialog-supported configuration of multiple, role-based electronic signatures
- simple integration of the “electronic signature” function in a WinCC project
- reduced costs and minimized configuration time by using preconfigured modules
- the plant is operated only by authorized personnel, thus increasing the protection against faults and errors
- excellent traceability of important operator actions
- simple documentation through automatically created audit trails in WinCC
- long-term archiving of electronic signatures through WinCC’s archiving concept

Alternatives
The solution described in this document is quite comprehensive and fulfills the requirements of multiple electronic signatures with a role concept.
Solutions for simple electronic signatures can also be realized on the basis of the following functions of SIMATIC Logon.
- Verify Logon
- Authenticate User
- Authenticate User no GUI

Further information on these functions and a detailed description of their use can be found in the SIMATIC Logon Programming Guide Edition 03/2009 (A5E00734600-03).
For further information on SIMATIC, please refer to the following w/en/62563251

The WinCC default operator input message, a user-defined operator message and a simple electronic signature which also fulfill the GMP requirements are presented in chapter 8 of this description. The simple electronic signature uses the function “AuthenticateUserNoGui” which has been mentioned above. Both, the operator messages and the simple electronic signature, are demonstrated in a separate screen in the sample project.

Installation
The “67688514 WinCC ElectronicSignature setup e.exe” file includes all scripts and modules required to use the electronic signature. A sample project will furthermore be installed.

Validity
The electronic signature can be used with WinCC V7.4 SP1 UPD1 and SIMATIC Logon V1.6. The function is also optionally available for the WinCC Web navigator.

Assumed knowledge
Basic knowledge of SIMATIC WinCC, SIMATIC Logon and the Microsoft operating systems is assumed.

2.2 Description of the core functionality

Principle of the core functionality

Figure 2-2

Table 2-1
No. | Action | Description
1. | The operator would like to change the status of an object or the value of a tag. | A dialog opens, requesting the entry of an electronic signature.
2. | The authorized personnel confirm the change with an electronic signature. | If more than one signature is required, it can be specified whether these signatures are entered in one session, or in several sessions.
3. | After successful entry of the signature, an audit trail message will be generated. | If the signature was entered successfully, a respective entry in the WinCC messages system is generated. If the signing process is aborted, a warning prompt will appear.
4. | Once all required signatures are available, the operation will be executed. | In addition, an audit trail entry will be generated in the WinCC message system. It includes the information for the actual object change.

3 Functional Mechanisms

In order to be able to use the functionality of the electronic signature, some programs and scripts are required. They are installed on the system by the included setup file and are registered in the WinCC Graphics Designer. Furthermore, the file “EsigWinCCInterface.dll” will be copied to the installation directory of WinCC. These functions are briefly described in the following chapters.

Note
The application example was also tested in a redundant system environment. If the solution is to be used in the context of such a system, it is absolutely necessary that the project is configured on only one system. After that the project must be transferred to the redundant system with the WinCC Project duplicator.

3.1 “EsigWinCCInterface.dll” dynamic link library

The “EsigWinCCInterface.dll” DLL file includes auxiliary functions for generating tag structures. The prototypes of these structures are required for the instances of the different electronic signatures which are also created with the help of DLL functions. The DLL functions are used for generating an electronic signature in the “eSigConfDlgWithDb” VBA script.

3.2 Functions and modules for configuration

The table below lists the functions and modules that are required for the configuration of electronic signatures in the WinCC Graphics Designer. For the configuration, these functions can be called under the “eSignature” menu item.

Table 3-1
Module | Description
MenuBar.bas | Shows the user-specific “eSignature” menu in the Graphics Designer. The following menu items are created under eSignature: Assign eSignature; Reset eSignature parameters; Configure the eSignature parameters in the DB; Create eSignature table in DB.
WinCCTagDlg.bas | Displays the WinCC tag dialog. The dialog is called from the “Reset eSignature parameters” function in order to display and select tags.
WinCCUserGroups.bas | Includes various functions that are required to list the existing WinCC groups for the “Electronic signature configuration” function.
TextLibrary.bas | Includes various functions for switching over between different languages (German/English) in the different configuration dialogs.
Common.bas | Includes constants that are required throughout the project and which are referenced by the individual modules.

Module | Description
CreateTableInDB.bas | Includes various functions to generate the configuration table in the WinCC data base. The table includes the data for the electronic signature and it will be created by the “Create eSignature table in DB” function, if not yet available.
eSigConfDlgWithDB.frm | Dialog for electronic signature configuration.
eSigResetParamDlg.frm | Dialog to reset the electronic signature.
eSigConfigDB.frm | Dialog for the configuration of the electronic signature in the database.

3.3 Functions and modules for Runtime

In order to be able to use the function of the electronic signature during WinCC Runtime, some global scripts are required. The following functions were created in the Global Script Editor:

Table 3-2
DeleteSignaturesFromCurrentSession.bmo | Global project function, in order to delete an already performed signature within a session, if there is a cancellation.
CreateSigMsgs.bmo | Global project function in order to create an audit trail message once a signature has been made or in the event of a cancellation.
ResetESignatureParam.bmo | Global project function in order to reset the parameters once the signature was successfully performed. This script is called from the project image of the automation object.
GetSignatureRecordFromDatabase.bmo | Global project function in order to read out configuration files from the WinCC database and to write them into the respective tag structures. This function has to be called via the start screen using the “Open image” event. In the sample project, this function can also be executed from the administrator screen.
Init Esig Dlg.bmo | Global project function in order to initialize and open the dialog for the electronic signature.
CreateESignatureAuditTrail.fct | Global project function in order to create audit trail messages for the individual signatures in the WinCC message system.
OperatorMessage Value.bmo | Global project function in order to create a self designed audit trail message by changing a value.
Operator Sign.bmo | Global project function in order to create a self designed audit trail message for a simple electronic signature.

4 Installation

Install all required components for the electronic signature with the help of the setup file. You then have the option to insert the functionality of the electronic signature in a customer-specific WinCC project. Furthermore, the WinCC sample project will be installed with the setup.
The installation of the components for the electronic signature requires Windows administrator rights.

Note
The sample project was created with WinCC V7.2. If the project is used with a later WinCC version it has to be converted beforehand with the “project migratory”.

Functions and modules
All WinCC modules and functions required are copied to the WinCC installation directory in the “eSignature” subdirectory.
The following files are copied:

Table 4-1
Type | File
VBA Module | enuBar.bas, Common.bas, CreateTableInDB.bas
Forms (dialogs) | esetParamDlg.frx
Global C default function | CreateESignature AuditTrail.fct
Global VBS functions | omDatabase.bmo, Init SLEsig Dlg.bmo, OperatorMessage Value.bmo, Operator Sign.bmo

DLL (Dynamic Link Library)
The “EsigWinCCInterface.dll” DLL is used in VBA modules and is installed in the WinCC installation directory, in the “Bin” subdirectory.

WinCC example project
The WinCC sample project is copied into the “C:\Users\Public\Documents\Siemens\eSig DemoProject\eSignature Demo WinCC V5” directory.

5 Description of the User Interface

5.1 User interface for configuration

5.1.1 Menu

A separate menu was created for the configuration of the electronic signature. This menu list is added to the menu bar in Graphics Designer.

Figure 5-1

Table 5-1
Function | Description
Assign eSignature | Opens the dialog for the configuration of a new electronic signature for the selected object.
Reset eSignature parameters | Opens the dialog for the configuration of the “Reset eSignature parameters” function for the selected object.
Configure the eSignature parameters in the DB | Opens the dialog to change the already configured electronic signatures in the database.
Create eSignature table in DB | Creates the configuration table for the data of the electronic signature in the WinCC database, if it does not yet exist.

5.1.2 “Electronic signature – configuration” dialog

From the “Electronic Signature Assign eSignature” menu command you get to the configuration dialog for the electronic signature.

Figure 5-2

Table 5-2
Field | Description
Unique TagName | The name of the electronic signature has to be unique throughout the entire project. The field has already been assigned as: eSig picture name object name. The “eSig ” prefix cannot be changed.
Object Name | Name of the automation object for which the electronic signature is being configured. This name will later appear in the audit trail for the electronic signature in the WinCC message system.
Operation | Describes the type of operation to be executed once the electronic signature was successfully performed.
Operation text with source and target values | If this property has been selected, the operation text displayed will be supplemented by the source and target values for the electronic signature in the Runtime dialog.
Area | This is where information regarding the plant area can be stored.
Unit | This is where information regarding the unit of the value to be changed can be stored.
Quantity of Signatures | Specifies the number of signatures to be entered that are required to be able to execute the operation. 1 to 3 signatures can be selected. The default value is “1”.
Audit Trail Message No. | Message number for the audit trail which is generated once a signature was successfully performed. If several signatures are polled, a separate audit trail entry will be generated for each signature. The default message number is “1000”.
Timeout | Period in seconds during which the electronic signature(s) have to be performed. The default value is “0” (without time limit).
Signature order | If several signatures are expected, it can be specified whether they have to be entered in a specific order. The default setting is “any order”.
Input Session | If several signatures are expected, it can be specified whether they are entered in one session or in several sessions. The default setting is “in different sessions”.
Reset after execution of all signatures | If this option is selected, all signature parameters will be reset after successful completion of the signature process. This option is selected by default.
Details of the user information | The following options can be selected: UserID; Full Name; UserID and Full Name. The default selection is “UserID“.
Available WinCC user groups | List of the user groups configured in the operator system (User Administrator).
Selected groups | List of user groups that have to perform an electronic signature for this object.
[button] | Moves the selected group into the “Selected groups” list.
[button] | Removes the selected group from the “Selected groups” list.
[button] | Moves the selected user group in the “Selected group” list one position up.
[button] | Moves the selected user group in the “Selected group” list one position down.
Assign eSignature | Configures the function of the electronic signature on the selected object. For this purpose, a VB script is generated on the “Mouse Action” event which calls the input dialog and transfers the required parameters. Furthermore, an auxiliary object (rectangle) is generated which is required for the creation of the audit trail messages.
Cancel | Closes the dialog without any further actions.
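
The signing rules set in this dialog (selected groups, signature order, timeout, message number) and the sequence in Table 2-1 can be modelled as a small state machine. The following Python model is an added example, not code from the Siemens application example: the class names, the `auth_ok` flag standing in for the SIMATIC Logon check, the one-signature-per-person rule, the greedy group matching and the sample users are assumptions.

```python
from dataclasses import dataclass


@dataclass
class ESigConfig:
    """Subset of the fields from the configuration dialog (Table 5-2)."""
    object_name: str
    operation: str
    groups: list             # "Selected groups": one entry per required signature
    ordered: bool = False    # "Signature order": default is any order
    timeout_s: int = 0       # "Timeout": 0 means no time limit
    message_no: int = 1000   # "Audit Trail Message No."


class SignatureSession:
    """Hypothetical model of one signing process; not Siemens code."""

    def __init__(self, cfg, directory, station, started_at):
        if not 1 <= len(cfg.groups) <= 3:
            raise ValueError("1 to 3 signatures can be configured")
        self.cfg, self.directory, self.station = cfg, directory, station
        self.started_at = started_at
        self.pending = list(cfg.groups)   # groups that still have to sign
        self.signers = []
        self.audit = []                   # stand-in for the WinCC message archive
        self.state = "open"

    def _log(self, now, user, event):
        # Assumption: every entry uses the configured message number.
        self.audit.append({"msg_no": self.cfg.message_no, "time": now,
                           "user": user, "station": self.station,
                           "object": self.cfg.object_name,
                           "operation": self.cfg.operation, "event": event})

    def abort(self, now, user, reason):
        """Cancel: discard signatures already collected and record the abort."""
        self.signers.clear()
        self.pending = list(self.cfg.groups)
        self.state = "aborted"
        self._log(now, user, "aborted: " + reason)
        return self.state

    def sign(self, user, auth_ok, now):
        """auth_ok stands in for the result of the SIMATIC Logon check."""
        if self.state != "open":
            return "rejected"
        if self.cfg.timeout_s and now - self.started_at > self.cfg.timeout_s:
            return self.abort(now, user, "timeout")
        if not auth_ok or user in self.signers:  # assumption: one signature per person
            return "rejected"
        member_of = self.directory.get(user, set())
        candidates = self.pending[:1] if self.cfg.ordered else self.pending
        group = next((g for g in candidates if g in member_of), None)
        if group is None:
            return "rejected"
        self.pending.remove(group)
        self.signers.append(user)
        total = len(self.cfg.groups)
        self._log(now, user, f"signature {len(self.signers)} of {total} ({group})")
        if self.pending:
            return "signed"
        self.state = "executed"           # all signatures present: run the operation
        self._log(now, user, "operation executed")
        return self.state


# Constructed sample data: user -> WinCC user groups.
DIRECTORY = {"anna": {"Operators"}, "ben": {"Supervisors"},
             "cara": {"Operators", "Supervisors"}}


def demo():
    cfg = ESigConfig("Valve_V101", "Open valve", ["Operators", "Supervisors"],
                     ordered=True, timeout_s=60)
    s = SignatureSession(cfg, DIRECTORY, "OS01", started_at=0)
    results = [s.sign("ben", True, 5),    # wrong group for the first signature
               s.sign("cara", True, 10),
               s.sign("cara", True, 15),  # same person signing again
               s.sign("ben", True, 20)]
    return results, s.audit
```
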

5.1.3 “Reset Electronic Signature Parameters” dialog

You get to the configuration dialog for the “Reset Electronic Signature Parameters” function under the “Electronic Signature “Reset parameter” command.

Figure 5-3

Table 5-3
Field | Description
Unique Tag Name | The name corresponds to the unique name specified in the configuration dialog for the electronic signature. This is the structure tag name of the electronic signature to be reset after the electronic signature has been successfully applied.
[button] | Opens the tag dialog. Note: It is not possible to select the instance name of the structure tag. You may, however, select any tag from the structure, since the program will identify the structure automatically.
[button] | Copies the current structure into the “selected Objects” list. Several structure tags can be added.
Selected Objects | List of the selected instances (automation objects), for which the parameters of the electronic signatures are to be reset.
Reset parameter | Configures the “Reset Electronic Signature Parameters” function of the electronic signature at the selected object. For this purpose, a VB script is created on the “mouse action” event which resets the signature parameters from the list.
Cancel | Closes the dialog without any further actions.

5.1.4 “Configure Electronic Signatures in database” dialog

You get to the dialog for configuring the existing signatures in the database under the “Electronic Signatures Configure Electronic Signatures in database” menu command.

Figure 5-4

Table 5-4
Field | Description
Electronic Signatures | The list includes all electronic signatures of the current WinCC project. When clicking an electronic signature from this list, the relevant parameters will be shown in the corresponding fields.
Quantity of Signatures | Shows the number of required signatures. This parameter cannot be changed.
Signature order | Shows whether a certain sequence is required or not. This parameter can be changed if more than one signature is required.
Input Session | Shows whether the signatures are to be entered in one session or not. This parameter can be changed if more than one signature is required.
Details of the user information | Shows the original configuration. The following options can be selected: UserID; Full Name; UserID and Full Name.
Audit Trail Message No. | Displays the originally configured message number. A different message number can be entered. Note: The program does not check whether the entered message number has actually been configured.
Timeout | Displays the originally configured time in seconds. If a “0” is entered in the input field, there is no time limit for entering the electronic signature.

Field | Description
1st/2nd/3rd WinCC user groups | Displays the configured user groups which have to make an electronic signature. The selection fields of the 2nd and 3rd user group are only enabled if two or three was selected under “Quantity of Signatures”. You can select from all configured OS user groups. Note: If the configured user group should no longer be available, for example, because it was deleted in the User Administrator, it will be marked as missing (red) in the selection field.
Modify | Copies the changed configuration of the selected electronic signature into the database.
Delete | Deletes the selected signature from the database. Note: In this case, the respective object and the tag structure has to be deleted manually in the process image.
Close | Closes the dialog without any further actions.
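
The notes in Table 5-4 leave two consistency checks to the engineer: whether the audit trail message number is actually configured, and whether every assigned user group still exists. The following Python check is an added example, not part of the Siemens package; the record layout, field names, tag names and sample values are constructed for illustration and do not reflect the real database table.

```python
def check_esig_records(records, configured_msg_numbers, existing_groups):
    """Return (tag_name, problem) pairs for inconsistent signature records."""
    findings = []
    for rec in records:
        tag = rec["tag_name"]
        qty = rec["quantity"]
        groups = rec["groups"]
        if not 1 <= qty <= 3:
            findings.append((tag, f"quantity {qty} outside 1..3"))
        if len(groups) != qty:
            findings.append((tag, f"{len(groups)} groups for {qty} signatures"))
        for pos, group in enumerate(groups, start=1):
            if group not in existing_groups:
                findings.append((tag, f"group {pos} '{group}' missing"))
        if rec["message_no"] not in configured_msg_numbers:
            findings.append((tag, f"message {rec['message_no']} not configured"))
        if rec["timeout_s"] < 0:
            findings.append((tag, "negative timeout"))
    return findings


# Constructed sample input: two signature records, the message numbers that
# exist in Alarm Logging and the groups that exist in the User Administrator.
SAMPLE_RECORDS = [
    {"tag_name": "eSig_Main_Valve1", "quantity": 2,
     "groups": ["Operators", "Supervisors"], "message_no": 1000, "timeout_s": 0},
    {"tag_name": "eSig_Main_Pump1", "quantity": 2,
     "groups": ["Operators", "QA"], "message_no": 1005, "timeout_s": 120},
]
CONFIGURED_MESSAGES = {1000, 1001}
EXISTING_GROUPS = {"Operators", "Supervisors"}


def demo_findings():
    return check_esig_records(SAMPLE_RECORDS, CONFIGURED_MESSAGES, EXISTING_GROUPS)
```
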

5.2 User interface in Runtime

When clicking with the mouse on an automation object that was configured with an electronic signature, a dialog field for entering the electronic signatures will open up.

Figure 5-5

Table 5-5
Field | Description
Element | Describes the object for which an electronic signature will be acquired.
Operation | Describes the action that will be executed once the signature was successfully performed.
Entry | Displays whether all required signatures can be entered in one session or in separate sessions (the dialog can be closed in the meantime).
Sequence | Displays whether a certain sequence is require
