Sometimes its personnel
Sometimes it’s easy to forget about the people aspect of control systems. Multiple regulatory rules, laws, and internal procedures require that people who perform shop floor actions are unequivocally identified, are authorized to perform the actions, and have valid training or qualifications to perform the actions.
Sometimes it’s easy to forget about the people aspect of control systems. Multiple regulatory rules, laws, and internal procedures require that people who perform shop floor actions are unequivocally identified, are authorized to perform the actions, and have valid training or qualifications to perform the actions. Because personnel information is usually maintained in multiple IT and control systems, it is a key area of exchanged information.
Which system checks and confirms the identity of personnel in your environment? Is the master information in a network security system, in an IT user management system, in an HR system, in a control system, or in all four systems? Many organizations are moving to a single sign-on (SSO) environment in which a user logs in once and all applications have access to the user’s credentials through an SSO management application.
The leading SSO system is based on the Liberty Alliance consortium ( www.projectliberty.org ) and uses the OASIS XML based security services ( www.oasis-open.org ) called the Security Assertion Markup Language (SAML). Unfortunately, many control applications have their own user account management and require manual synchronization with the other systems. It is common, but not desirable, that control systems contain old accounts for people who have left the company or moved to other positions.
A critical Manufacturing IT function is to keep the control system security up-to-date with changes in personnel information. Manufacturing IT teams should have a “tickler” system to remind them to make periodic updates, or they may subscribe to RSS feeds from the HR system to be informed of pertinent personnel changes.
Identifying a person and determining if they are authorized to use a system to take a control action is often not enough. Regulations and company policies may also require that the person is qualified, or appropriately trained, to take the action. Some manufacturing execution systems (MESs) provide a training and qualification tracking function. This provides a real-time check of qualifications before a user is allowed to take an action.
No real-time availability
The qualification information may also be maintained in a corporate-training tracking system, or in the HR system. The corporate systems normally do not have the real-time availability or up-to-date data required for just-in-time qualification checking; therefore, MES and training-tracking systems must share information and be synchronized. Some corporate policies may also require that qualification certification information, such as state issued professional license numbers, are included in production records. This is another type of information that is usually maintained in HR systems but is required in the real-time operational systems.
There is a standard format for exchanging this information using the B2MML Personnel Schema standard ( www.wbf.org ), but few vendors currently support this functionality, so most synchronization of qualification information is performed manually.
In addition to authorization to take an action and qualification to take an action, there is also the question of who is nearby to take an action. Location information may be managed by a door or room security system that tracks entry and exit, or through geographic positioning system (GPS) tracking of cell phones tied to a physical security system. This information is extremely useful to assign actions, alarms, and events to operators based on their location. Personnel location information is also of vital importance in case of emergencies or hazardous conditions. The personnel schemas can also be used to exchange this information.
Often, keeping personnel information in sync between business and control systems is a low priority task—until inspectors or lawyers get involved. Make sure that the personnel information in your control systems is up to date and in sync with corporate systems to prevent any future personal problems with personnel information.
Dennis Brandl is president of BR&L Consulting in Cary, NC, firstname.lastname@example.org .
Case Study Database
Get more exposure for your case study by uploading it to the Plant Engineering case study database, where end-users can identify relevant solutions and explore what the experts are doing to effectively implement a variety of technology and productivity related projects.
These case studies provide examples of how knowledgeable solution providers have used technology, processes and people to create effective and successful implementations in real-world situations. Case studies can be completed by filling out a simple online form where you can outline the project title, abstract, and full story in 1500 words or less; upload photos, videos and a logo.
Click here to visit the Case Study Database and upload your case study.
Annual Salary Survey
In a year when manufacturing continued to lead the economic rebound, it makes sense that plant manager bonuses rebounded. Plant Engineering’s annual Salary Survey shows both wages and bonuses rose in 2012 after a retreat the year before.
Average salary across all job titles for plant floor management rose 3.5% to $95,446, and bonus compensation jumped to $15,162, a 4.2% increase from the 2010 level and double the 2011 total, which showed a sharp drop in bonus.