Industrial automation environments utilize machines during the industrial manufacturing process, such as drives, pumps, motors, and robots. These machines typically have various moving parts and other components that are driven by instructions received from industrial controller systems. Machine builders and solution providers typically produce the control logic needed to run on these controllers to control the machines. The machine builders and solution providers often attempt to restrict access to and usage of the controller logic they produce, both internally and by end users.
To configure security settings for a controller and other objects, a security administrator typically edits configuration settings for each individual object to define what actions various users are allowed to take with respect to the object. The administrator would typically manually configure each action associated with the object and select which types of users are allowed to perform which actions. The administrator would then repeat this process for every object in an industrial automation environment.
Overview
Provided herein are systems, methods, and software to facilitate controlling access to objects associated with an industrial automation environment. In at least one implementation, a policy set associated with an object type is created, wherein the policy set defines one or more actions that are allowed for at least one user group to perform with respect to the object type. An object of the object type is identified for security configuration, and a selection of the policy set associated with the object type to apply to the object is received. In response to the selection of the policy set, security is configured for the object by applying the policy set associated with the object type to the object.
This Overview is provided to introduce a selection of concepts in a simplified form that are further described below in the Detailed Description. It should be understood that this Overview is not intended to identify key features or essential features of the claimed subject matter, nor is it intended to be used to limit the scope of the claimed subject matter.