Industrial automation environments utilize machines during the industrial manufacturing process, such as drives, pumps, motors, and robots. These machines typically have various moving parts and other components that are driven by instructions received from industrial controller systems. Machine builders and Solution Providers typically produce the control logic needed to run on these controllers to control the machines. The machine builders and Solution Providers often attempt to restrict access to and usage of the controller logic they produce, both internally and by end users.
In addition to controller logic, other content may be employed or generated during industrial automation operations, such as data sets, drive parameters, cam tables, product formulations, recipes, production data, and human-machine interface (HMI) components. An HMI receives and processes status data from the machines to generate various graphical displays. For example, an HMI graphical display might indicate status metrics of a drive, the pressure of a pump, the speed of a motor, or the output of a robot. The HMI may also provide a mechanism for an operator to send control instructions to an industrial controller system that controls a machine. For example, an operator might use the HMI to direct the control system to update drive parameters, turn on a pump, speed-up a motor, or stop a robot.
Overview
Provided herein are systems, methods, and software to facilitate temporary escalation of access privileges for a control program associated with a machine system in an industrial automation environment. In at least one implementation, a request is received from a user for a temporary access level increase to utilize protected functions of the control program. An encrypted string is generated comprising a temporary password authorized to access the protected functions of the control program. The encrypted string is provided to the user, wherein the user provides the encrypted string to an administrator and the administrator authenticates the user for the temporary access level increase, decrypts the temporary password, and provides the temporary password to the user. A login request is received from the user with the temporary password authorized to access the protected functions of the control program, and the temporary access level increase is responsively granted to allow the user to utilize the protected functions of the control program.
This Overview is provided to introduce a selection of concepts in a simplified form that are further described below in the Detailed Description. It should be understood that this Overview is not intended to identify key features or essential features of the claimed subject matter, nor is it intended to be used to limit the scope of the claimed subject matter.