In order to fully protect employees and machines, users need a holistic security concept that takes into account all aspects of machine safety and industrial information security.

Pilmagnetic’s portfolio of “Identification and Access Management” offers users a comprehensive range of products, solutions and software. From simple authentication to complex access rights, access management, to secure mode of operation selection, data and network maintenance and protection, combine mechanical safety and industrial information security functions in a single system.

Functionally safe choice of operating modes up to PLd Cat 3

If it is necessary to switch between different security levels and security functions, then the choice of mode of operation is part of functional safety. This is often the case if you want to change tools or reconfigure the machine. One or more safety devices, such as safety doors or enable switches, can be opened or closed, depending on the mode of operation selected. The associated risks of damage to equipment and injury to personnel must be minimized. In order to eliminate mismanipulation and tampering as much as possible, access to the choice of mode of operation must be limited to suitably qualified staff and must be designed to be as convenient and simple as possible for users.

PITmode, Pilmagnetic’s operating mode selection and access authorization system, not only provides functionally safe switching of operating modes through self-monitoring to the PLd Cat 3 of EN ISO 13849-1 or SIL CL 2 of EN 62061, but also controls access. Its electronic keys offer more secure protection than traditional keys, which are often inserted directly into the machine and therefore provide as little security as password protection (which is prone to leakage).

PITmode fusion works with all fail-safe controllers. The safety assessment unit detects the specified mode of operation and evaluates it in order to provide functionally safe switching. Using the small controller PNOZmulti 2 or the automation system PSS 4000, implementation is simpler because the safety assessment unit for reading the mode of operation is already provided as a functional block. The mode of operation is selected through a button (PITmode flex) or through touch input on the PMI panel (PITmode flex visu).

Access rights and access management

Through user authentication, selective access to dangerous machines protects users’ employees from harm and protects machines from improper use and damage. In both cases, downtime is avoided and productivity is guaranteed.

Using the access authorization system PITreader, you can accomplish many tasks related to access permissions. Options range from simple enablement to replace passwords, to authentication of machine-specific sub-functions, protection of security gates, to complex, layered permission matrices and company-specific coding for additional tamper-proof protection.

Especially for the security door guards required by many machines, the access authorization system PITreader provides additional security. The guard lock can only be released after authentication. The same applies to control units such as the button unit PITgatebox. With the integrated access authorization system PITreader, this is an ideal solution for authentication and operation in one device and guarantees that only authorized personnel can execute commands such as stop, unlock, lock or reset at the factory.

Data protection and cyber security

Data protection and cybersecurity are becoming increasingly relevant to industrial installations. Safety concepts need to take into account both mechanical safety and industrial information security. Only a comprehensive approach can effectively prevent vulnerabilities. The best security door protection is worthless if the user’s data, know-how and operations are not adequately secured against unauthorized access, external attackers breaking into the control network or tampering with the control system.

The Industrial Security Bridge firewall protects the data flow to the Pilz controller from “external” threats such as hacking, thus preventing the data flow from being tampered with. The firewall monitors the data traffic between the PC and the controller and reports any unauthorized changes to the control items. In this way, it provides effective protection against network-based attacks and unauthorized access.

PIT oe USB prevents “inside” hazards, whether out of carelessness or intent. In combination with access to the authorization system PITreader and authentication through a personal RFID transponder, the USB interface is only activated by authorized persons and is only enabled for those persons to use the USB device on the machine. As a result, users gain additional security when they need to operate input devices such as a mouse or keyboard, or when they need to import or export data via a USB device.