The invention relates generally to the field of automation control systems. More particularly, embodiments of the present disclosure relate to a system and method for controlling access of components to automation system resources by exploiting the unique characteristics of industrial automation systems.
Industrial automation system components have traditionally been interconnected by specialized networks using standard industrial protocols for access and data exchange. While there has been increasing interest in remote access to systems, components, and data, the unique environment of industrial production and material handling has made adoption of conventional technologies used in other areas difficult and challenging. One particular challenge with traditional industrial automation systems involves how best to manage the permission allowed to the individual systems, components, and individuals attempting access to an automation system or resource. Industrial automation environments often include numerous components that must have the ability to locate each other and to communicate with one another in normal operation. A properly implemented access control system for use in an industrial automation system should allow all essential interaction but disallow any unknown or unwanted interactions. The numbers of possible interactions can increase exponentially with each additional component in a system, thereby also increasing the complexity of administration of an access control system. As a result, these access control systems are often under-utilized and at times completely neglected, leaving industrial automation systems either open to substantially uncontrolled access, or tightly locked down in a manner that may limit the effectiveness of the system, or tax administrative personnel who must review and permit access when needed.
There is therefore a need for improved techniques for controlling access to automation system resources.