Security: 10 ways Our HMIs Protect Your Project
Security is a top priority, especially for today’s IIoT-enabled
world. Ensuring the safety of employees, protection of company
equipment, and intellectual property should be a top priority.
That’s why Maple Systems HMIs provide several layers of security
features that keep your control system safe, while remaining
accessible to personnel outside of the plant.
Protect Your HMI from Unauthorized Access
First and foremost, Maple Systems HMIs offer the ability to protect
your HMI data with extensive password control. Use a password to
restrict access to the HMI's local setup menus. Uploading or
downloading a new project to the HMI can be password-protected, as
well as retrieving stored data in the HMI. Access from connected
devices such as PCs, other HMIs, or smart devices, can also be
password-protected.
Protected and Secure Remote Access
Using
EasyAccess 2.0, remote PCs with an Internet connection can communicate to Maple
HMIs for screen monitoring or to change settings on the HMI or
connected PLC, lowering the cost of screen updates and minimizing
down time. It is of paramount importance that this connection be
secure. This is why Maple Systems employs a VPN (Virtual Private
Network) connection and SSL encryption for remote communication.
Wi-Fi access to select Maple HMIs using
cMT Viewer
is also password-protected. With the press of a button on the HMI,
remote access can be temporarily disabled.
Secure Password Authentication (SPA) is also an important factor
when sending predefined email messages from HMIs that contain
sensitive data or information about an alarm event. The email
function employs the SMTP protocol with the option for encrypting
login credentials using SSL or TLS.
Many of our HMIs include two Ethernet ports which provide a physical
separation between your local network and the web. Our HMI series
uses a proprietary operating system that further reduces
susceptibility to viruses or malware.
Role-Based User Permissions
Access to HMI screens, data objects (such as Video Player or Data
Block Displays), or input objects (i.e. momentary buttons, toggle
switches, or data entry) can be limited based on user permissions
and security classes on Maple HMIs. Objects with restricted access
are invisible or display an "access-denied" warning message to
unauthorized users. Up to 12 users (or 128 users with USB security
key) can be configured each with a unique username and alphanumeric
password. The administrator can add, delete, or modify the list of
users during HMI runtime. Easily select from a user list, then enter
the assigned password to change permissions.
Safety Comes First
Security is a necessity, but it’s just as important to ensure that
the operation of an HMI is conducted in a safe environment. All HMIs
can be temporarily taken offline with the press of a button using
the interlock feature, which monitors the status of a safety bit
when activating potentially dangerous equipment. Other safety
features include the option of a minimum press time before a button
is engaged, or the display of a confirmation window. The Operation
Log feature records each action of the HMI operator to help identify
incorrect action sequences and to reinforce proper HMI operation.
Enhanced Security Features

Manage access to your control system and keep your facility safe.
Our configuration software offers enhanced operational security
features to prevent unauthorized personnel from accessing windows in
the HMI or from operating critical functions including:
- Projects
- Screens
- Objects
- Adding/deleting accounts
- Modifying privileges
- Resetting passwords
- And more
Alphanumeric Usernames and Passwords
-
Identify users by name or functions using alphanumeric
characters
-
Longer alphanumeric login passwords, of up to 32 characters in
length, provide a higher level of security
Add/Delete Users at Any Time
-
Grant access to as many as 128 users, each with a unique
password
-
Temporary users can be added for a specified period of time
-
Usernames and passwords can be added or deleted on the HMI
screen, or from a USB flash drive or SD card using a Function
Key
USB Security Key Login
Login directly with a USB Security Key. Login information can be
stored on a USB flash drive and allow a user to be logged in using a
Function Key.
Project Protection
-
Project Password Feature: Secures a project and
prevents it from being modified without the proper password
-
Project Protection Feature: Sets a unique
password (Project Key) in the project that will cause the
project to run only on specific HMIs that have a matching
password (HMI Key)
-
Disable Upload Function Feature: Disables the
upload function, preventing a project from being uploaded from
your HMI
-
Decompiling Prohibited Feature: Prevents
decompiling of a project
-
XOB Password Feature: Allows you to set a
password when compiling your project to prevent unauthorized
decompiling
Operational Security
-
Password Protection: Stops unauthorized entries
into your HMI application
-
Security Levels: Provide up to 12 levels of
security for various levels of access to critical functions. An
"Access Denied" message can be configured to pop-up if an
attempt is made to access a function without the correct
security level
-
Object Level Security: Apply object level
security so only certain users can have access to the function
of an object
-
Object Security Disabled: An object's security
can be disabled after activation/use
-
Object Warning Message: Displays a warning
message if access to an object is denied
-
Object Invisibility: Set objects to turn
invisible while protected
-
Window Access: Limits access to pop-up windows
and screens, etc
-
Interlock Function: Control the visibility and
functionality of buttons, switches, and displays under PLC
control
-
Monitor User Actions:Record HMI input (such as
the press of a function key/switch, changing screens, or data
entry) or actions taken by the HMI operator along with date and
time of each action, current security level, and the specific
data that was entered. This action log can be viewed on the HMI
or stored in an SQLite database file. This feature enhances
security and helps to determine the sequence of events which may
have led to an operational error
-
Additional Features: Sound output for alarms
and auto logout
Secure Remote Access
-
EasyAccess 2.0: This feature provides a secure encrypted connection to your
HMI from remote PCs or smart devices. A VPN (Virtual Private
Network) connection that is encrypted with SSL (Secure Sockets
Layer) prevents unauthorized access to your HMI. This optional
feature is controlled by the domain administrator, who can limit
access to specific users and HMIs.
-
cMT Viewer:Provides password-protected remote control and monitoring of
select Maple HMIs.
-
Email Protection: Send predefined alarm
messages to a list of designated recipients via email when a
trigger condition occurs. Using the SMTP protocol, the HMI can
be configured to use SPA (Secure Password Authentication) and
authenticate to mail sending servers using SSL or TLS.
-
Hardware Protection: In addition to the
software features above, many Maple Systems HMIs have two
Ethernet ports to allow physical separation between the control
system (internal network) and the outside (corporate) network.
And finally, Maple Systems HMIs use a proprietary operating
system, further protecting the HMI from risk of infection by
viruses or malware that are common to Windows-based platforms.
⇐ Back To Solutions
Please Sign in or Register to continue reading this
solution.