Lealtad de marca

TeleLab operates with real physical system hardware. When a system is monitored and controlled from remote location by a remote user in the absence of lab engineer at the experiment site then the safety and security aspects become significant. Lapses in implementation of safety and security of the equipment can result in damage to lab personnel and lab infrastructure. Figure 2.11 presents a view of safety and security concept of TeleLab.

Fig. 2.11 Security of TeleLab

Safety refers to safe operation of the experiment and safety of life of lab personnel. Security refers to protection from malicious attacks from hackers and security issues caused due to user faults or infrastructure faults. User faults could be in terms of wrong commands or wrong programming logic. Infrastructure faults could be faults due to internet delays or faults due to faulty sensor readings and actuator signals [49].

2.5.1 Information security

As discussed in [49], security could be classified as information security and operational security. Information security is caused by hackers by introducing malicious contents and the

35 probable targets in a TeleLab system could be the experiment server and the booking system. Operational security would be discussed in the consequent section. Information security can be implemented by controlling the login information of the user and by controlling the experiment booking system. The user authorization is important to ensure that user’s accountability is verified before he gets access to the experiment. The user is able to access documents related to the experiment, software and hardware and also has rights to implement his own program for testing and analysis purposes. Before giving all these rights to the user, it is important to assign the user with authorized login data. This login data consisting of username and password is generated by the administrator of the lab. The user has to send an email to request for authorized login information to the administrator. In his email, he has to provide information about his background like whether he is a student or an employee and the purpose of doing the experiment. If necessary, the administrator can also make some quick internet search about the user or his institution to which he is attached.

 Time limited use of login data

The password generated by the administrator will be of use only for one time. After using it once, it will be automatically deactivated and the user cannot login with same password again. This step ensures that the same password cannot be used by unauthorized user to access the experiment. Once the user is able to login, he is asked to reserve date and time for his experiment. During this time and date is the user allowed to perform the experiment.

Fig. 2.12 Safety and security of TeleLab

 Use of VMs, VPN and VNC

Virtual Machine (VM), Virtual Private Network (VPN) and Virtual Network Computing (VNC) protocol of a VNC-server could be used to ensure effective safety and avoid damage to the equipment. Virtual Machines reset the PC configurations to the original after the experiment is completed by the user. Thus, any errors from the user will not be transmitted to the experiment server. Additional access rights if required by the user could be assigned to the VM. VNC enables encoded data transfer between the client and the server [9][10].

 Remote monitoring of the user during experimentation

If required the administrator can monitor the user remotely while he is doing the experiment. If it is found that the user is involved in bad practices that may cause damage to the experiment then the administrator with higher priority can get control of the experiment and deactivate the user’s access in real time. This is usually done for those users who are performing the experiment for first time or who are representing certain institutions unknown

36 to the administrator. Passwords could be defined for devices separately. For example, network camera used for live images can be password protected. The user should know the password to use this camera after login. The experiment PC with all the required software installed can be secured with separate password.

 Regulation of user priority access

Priority access of the user could be defined to ensure secure operation. The user could be given guest access which allows the user to view and monitor the experiment but he cannot make any changes or cannot implement a new program into the system. A user can be given higher access rights where he can change certain experiment parameters to learn the experiment behavior but cannot make programming changes.

 Limited access to the experiment equipment

It is possible to secure the experiment from simultaneous access from other users. It is also possible to provide user access to limited programs installed in the PC. It is possible to design a questionnaire or a test which the user should attend before performing the experiment. This test will ensure that the user receives all the required basic knowledge like “dos and don’ts” during the experiment, parameter settings, parameter limits or technical specifications to perform the experiment securely.

 Periodic software maintenance

Safety of the equipment could be ensured by maintaining the software periodically. The lab administration ensures that the software versions are periodically updated and the antivirus software has the latest version to protect the experiment PC from virus attacks.

2.5.2 Operational security

Operational security refers to protecting the equipment from faults caused by user due to wrong commands or wrong programming. Since the user can prepare his own program and implement it in the PLC, care should be taken to ensure that the wrong commands could be filtered out automatically or wrong programming could be verified by defining internal program checks. For example, when the infrared light protection system from company “Pilz” gives an output signal due to interception of the beams, the signal sent to the motor should be off. If the user program sends signal “on” despite the active signal from protection system then it should be avoided by program checks. Operational security also refers to faults or insecurity introduced due to faulty infrastructure. This might be due to internet delay or internet disconnection. A local mechanism to monitor the inactive state of screen of experiment PC should be implemented to bring the experiment in safe mode in the event there is loss of internet connection. Faulty sensors or actuators could be another reason to introduce operational insecurity into the system. In this case, a sensor actuator diagnosis information could be used to ensure that there are no logical conflicts with the sensor-actuator signals and the functionality of the system. Maximum and minimum limits on the system parameters which the user can enter should be implemented. Fire alarms and emergency switches should be implemented to ensure immediate handling of insecure environment.