Apparatus, system, and method for providing access security for process control systems

Biometric authentication enhances process control system security by verifying user identity through sensors, addressing vulnerabilities and inefficiencies in traditional login methods, ensuring secure and efficient access.

JP7875736B2 · Inactive · Publication Date: 2026-06-18 · FISHER ROSEMOUNT SYST INC

Patent Information

Authority / Receiving Office: JP
Patent Type: Patents
Current Assignee / Owner: FISHER ROSEMOUNT SYST INC
Filing Date: 2022-06-15
Publication Date: 2026-06-18
Estimated Expiration: Not applicable (inactive patent)


Abstract

Provides access security for process control systems. Current biometric data representing a user may be obtained and compared to stored biometric data representing previously identified users, and access to a process control system may be granted if the current biometric data matches the stored biometric data.

Description

【Technical Field】
【0001】 This disclosure generally relates to access security of process control systems. More particularly, this disclosure relates to access security of process control systems based on biometric data.
【Background Art】
【0002】 Verifying and implementing user authorization to access a process control system generally occupies a large part of the relevant security architecture. In process plant operator applications, system access is typically authenticated each time a user attempts to interact with the process control system. In a typical implementation, the user logs in to the system, and the corresponding user's credentials are cached and stored until the user logs out and another user logs in.
【0003】 When using an electronic signature (ESIG) policy, authorization to access the system can be more complex. For example, it may be necessary to enter a login and password each time a user attempts access. Even more troublesome, two user logins and passwords may be required. Such systems have several issues, namely: 1) if a user leaves without logging out, someone else can perform operations as that person; 2) the user password can be hacked, stolen, or forgotten, and additional password security (complexity, frequency of change, etc.) can make this even more difficult; 3) entering credentials is often slow, repetitive, and painful, and this is even more cumbersome when two signatures for ESIG are required.
【0004】 Related system logins often require sequential input, resulting in wasted time associated with switching input blocks to type the corresponding inputs. This could lead users who are not legally required to use system access authorization to simply turn off security features to avoid the hassle.
【Summary of the Invention】
【Problems that the invention aims to solve】
【0005】 What is needed are apparatus, methods, and systems for improving the access security of known process control systems.
【Means for solving the problem】
【0006】 A method for operating a process control system for a process plant may include obtaining biometric data of a user authorized to interact with the process control system via a sensor in the user interface. This method may also include comparing the obtained biometric data with stored data of the user authorized to interact with the process control system to determine the user's identity based on the match between the obtained biometric data and the stored data. The method may further include granting user access to the process control system once the user's identity has been determined.
【0007】 In another embodiment, a system for operating a process control system for a process plant may include a communication network, one or more processors communicatively connected to the communication network, and a non-transitory computer-readable memory connected to the one or more processors and storing instructions. When executed by the one or more processors, the instructions can cause the system to acquire biometric data of a user authorized to interact with the process control system via sensors in the user interface. When executed by the one or more processors, the instructions can further cause the system to compare the acquired biometric data with stored data of a user authorized to interact with the process control system and determine the user's identity based on the match between the acquired biometric data and the stored data. When executed by the one or more processors, the instructions can also cause the system to provide user access to the process control system once the user's identity has been determined.
【0008】 In a further embodiment, a tangible, computer-readable medium can store a number of instructions, which, when executed by one or more processors of a process control system, cause the process control system to acquire biometric data of a user associated with the processing of the process control system using one or more sensors, and cause the one or more processors to determine the level of user authorization based on the acquired biometric data. When further executed by the one or more processors of the process control system, the instructions can cause the process control system to provide user access to the process control system when the user's identity has been determined.
【0009】 In yet another embodiment, a system for operating a process control system for a process plant may include a communication network, one or more processors communicatively connected to the communication network, and a non-transitory computer-readable memory connected to the one or more processors, which stores instructions that, when executed by the one or more processors, cause the system to acquire first biometric data of a first user authorized to interact with the process control system via user interface sensors. When the processors execute the instructions, the system can compare the first biometric data with the stored data of the user authorized to interact with the process control system and determine the identity of the first user based on the match between the first biometric data and the stored data. When the processors execute the instructions, the system may further acquire second biometric data of a second user authorized to interact with the process control system via user interface sensors, determine the arrangement of one or more limbs or the voiceprint of the second user based on the second biometric data, and provide an output signal including the second user's digital signature based on the determined arrangement.
When the processors execute the instructions, the system can provide the first user access to the process control system based on the output signal once the identity of the first user has been determined.
【Brief explanation of the drawing】
【0010】
[Figure 1] Figure 1 shows a block diagram of an exemplary process control system, including access security.
[Figure 2] Figure 2 shows an exemplary process control system workstation, including access security.
[Figure 3] Figure 3 shows a block diagram of an exemplary process control system workstation, including access security.
[Figure 4] Figure 4 illustrates an exemplary method for providing access security in a process control system.
[Figure 5] Figure 5 illustrates an exemplary method for providing access security in a process control system.
【Modes for carrying out the invention】
【0011】 The apparatus, methods, and systems of this disclosure can use a camera and facial and/or gesture recognition technology. For example, a relevant process control access security system can be trained to recognize a person standing in front of a relevant camera.
【0012】 More broadly, biometric devices (e.g., cameras, fingerprint scanners, microphones) and associated computers can be used to acquire and store previously classified biometric data. This previously classified biometric data can represent process control system users who have been verified to be authorized to access the associated process control system or a portion thereof. Subsequently, when an individual attempts to perform a secure operation, the biometric device can acquire current biometric data, and the associated computing device can compare this current biometric data with the previously classified biometric data to determine whether the individual is an authorized user. For verification purposes, the individual's current biometric data (e.g., images, fingerprints, voice recordings, etc.)
can be stored as a record of the user's access to the process control system.
【0013】 Therefore, for example, when a user leaves a process control system workstation and another user attempts to access that workstation, the associated process control system security device can automatically determine that the user has changed. Consequently, there is no risk of incorrect credentials being used in relation to the actions performed.
【0014】 The biometric-data-based security access method of this disclosure can be used as a substitute for a known login session, or it may be combined with manual credentials that replace the security access based on biometric data. In other words, the biometric-data-based security access of this disclosure can be combined with known manual login security to provide an additional layer of security.
【0015】 Assuming that biometric data associated with a user can replace the associated username/password, the associated username/password rules and/or issues can be eliminated.
【0016】 For process control system security requiring electronic signatures (ESIG), gesture recognition can be employed as a form of biometric-data-based security system. For example, a gesture can be defined as a temporary, static pose of a user's limbs (e.g., arms, hands, fingers). Thus, in an ESIG system, a distinction can be made between a verifier and a certifier (i.e., using DeltaV Batch terminology). In particular, whenever the relevant individual wishes to access a given process control system, the verifier can use a gesture, for example, by raising their arm, hand, or fingers. Alternatively, biometric data can be generated using voiceprints by adding a voice recording device (e.g., a microphone). When a distinction must be made between users, the verifier utters a word, for example, "verify."
【0017】 The biometric-data-based security of this disclosure can be incorporated into other security technologies for further enhanced security. For example, a Host Intrusion Detection (HID) badge or a visual-based badge provided by camera image processing software (e.g., Microsoft Kinect, Microsoft Kinect Application Programming Interface (API)) can be used as additional evidence of identity. Alternatively, facial and/or gesture recognition may be performed in a proprietary manner or using other existing off-the-shelf technologies.
【0018】 In any case, the biometric-data-based security devices, methods, and systems of this disclosure can provide more secure logins than known security accesses and enable more effective logins than known security accesses. This allows for more secure initial setup by training access requirements, reduces human error, and enables multiple users to share a set of process control system computers (e.g., workstations, user interfaces, etc.). Thus, process control system users can move between process control system access devices without the risk of using incorrect credentials.
【0019】 Moving to Figure 1, for example, a process control system 10 used to control an industrial process (e.g., a refinery, a pharmaceutical manufacturing process, a power plant, etc.) may include a data historian 14 and a process controller 12 connected to one or more host workstations or computers 16 via a communication network 11. The host workstations or computers 16 may include a first biometric device 18 (e.g., a digital camera, a fingerprint scanner, a microphone, etc.) and a second biometric device 19 (e.g., a digital camera, a fingerprint scanner, a microphone, etc.). The data historian 14 may store, for example, previously classified biometric data. The previously classified biometric data may represent the identity of at least one individual authorized to access the process control system 10.
The biometric-data-based security of this disclosure can be used to verify and authorize user access to any of the devices illustrated in Figure 1. Furthermore, the biometric-data-based security of this disclosure can be used to restrict access to the configuration, monitoring, and/or control of the process control system 10 to authorized individuals only.
【0020】 The host workstation or computer 16 may be any type of personal computer, workstation, etc., each having a display screen 17. The controller 12 may also be connected to field devices 20-27 via input/output (I/O) cards 28 and 29. The communication network 11 may be, for example, an Ethernet® communication network or any other suitable or desirable communication network. The data historian 14 may be any desired type of data acquisition unit having any desired type of memory for storing data and any desired or known software, hardware or firmware. For example, the controller 12 may be a DeltaV® controller or ER5000 controller sold by Emerson Process Management. The controller 12 can communicate with field devices 20-27 using, for example, standard 4-20 mA devices and/or any desired hardware and software associated with any smart communication protocol such as the FOUNDATION® Fieldbus protocol, HART® protocol, etc.
【0021】 The field devices 20-27 can be any type of process device such as sensors, valves, regulators, transmitters, positioners, etc. that perform a physical function within the process and/or measure process variables. The I/O cards 28 and 29 can be any type of I/O device compliant with any desired communication or controller protocol. In the embodiment illustrated in FIG. 1, the field devices 20-23 can be standard 4-20 mA devices that communicate with the I/O card 28 through an analog line, or HART devices that communicate with the I/O card 28 through a combined analog and digital line.
The field devices 24-27 can be smart devices such as Fieldbus field devices that communicate through a digital bus with the I/O card 29 that uses Fieldbus protocol communication. Generally, the Fieldbus protocol can be a fully digital, serial, two-way communication protocol that provides a standardized physical interface to a two-wire loop or bus interconnecting field devices. The Fieldbus protocol can substantially provide a local area network to the field devices within the process, which allows the field devices to execute process control functions using function blocks (e.g., PID function blocks) defined according to the Fieldbus protocol at distributed positions throughout the process facility and communicate with each other before and after the execution of these functions to implement an overall control strategy. Alternatively, or in addition, the field devices 20-27 can also comply with any other desired standard or protocol, including any existing or future-developed wired or wireless standard and any existing or future-developed protocol.
【0022】 The controller 12 can include a processor 12a that can implement or execute one or more process control routines (e.g., modules), which can include a control loop (e.g., a PID loop) or a portion of a control loop stored in a computer-readable memory 12b, and can communicate with devices 20-27, host computer 16, and/or data historian 14 to control the process in any desired manner.
【0023】 It should be noted that any of the control routines or elements described herein can, if desired, have portions that are implemented or executed by a processor of a different controller or other device, such as one or more field devices 20-27. Similarly, the control routines or elements described in the present specification as implemented within the process control system 10 can take any form, including software, firmware, hardware, etc. A process control element can be any part or portion of a process control system, for example, including a routine or module per block stored in any computer-readable medium. A control routine, which can be any part of a module or control procedure, such as a subroutine, a portion of a subroutine (e.g., a line of code), etc., can be implemented in any desired software format, such as using ladder logic, sequential function charts, function block diagrams, or any other software programming language or design method. Similarly, the control routine can be hard-coded into, for example, one or more EPROMs, EEPROMs, application-specific integrated circuits (ASICs), or any other arbitrary hardware or firmware elements. Additionally, the control routine can also be designed using any design tool, including graphic design tools or any other type of software/hardware/firmware programming or design tool. As a result, it will be understood that the controller 12 can be configured to implement a control strategy or control routine in any desired manner.
【0024】 The controller 12 can implement a control strategy using what are generally called function blocks, where each function block is part of an overall control routine (e.g., a subroutine) and works in conjunction with other function blocks (via communication called a link) to implement the process control loop within the process control system 10.
A function block typically performs one of the following: an input function, such as one associated with a transmitter, sensor, or other process parameter measuring device; a control function, such as one associated with a control routine that performs control such as PID or fuzzy logic; or an output function, which controls the operation of some device, such as a valve or regulator, to perform some physical function within the process control system 10. Hybrid and other types of function blocks exist. Function blocks can be stored in the controller 12 and executed by it, which is the usual case when these function blocks are used for or associated with standard 4-20 mA devices and some types of smart field devices, such as HART and Fieldbus devices. Alternatively, or in addition, function blocks can be stored in the field device itself and executed by it, which may be the case with some types of Fieldbus devices. While the description of the control system in this specification is made using a function block control strategy, the control strategy, control loop, or module may also be defined or designed using other conventions, such as ladder logic or sequential function charts, or using any other desired programming language or method.
【0025】 As shown in exploded block 30 of Figure 1, the controller 12 includes a number of control loops 32, 34, and 36, with control loop 36 being shown as including an adaptive control routine, i.e., block 38. Each control loop 32, 34, and 36 is typically referred to as a control module. Control loops 32, 34, and 36 are shown as performing single-loop control using single-input/single-output PID control blocks connected to appropriate analog input (AI) and analog output (AO) function blocks, and can be associated with control devices such as valves, measuring devices such as temperature and pressure transmitters, or any other devices in the process control system 10.
In the exemplary system of Figure 1, the adaptive control loop 36 includes an adaptive PID control block 38, which determines and provides adjustment parameters to a typical PID routine in order to adapt the operation of the PID control routine during the online operation of the control loop 36 when controlling a process, for example, when controlling the operation of a process using valves and/or other control devices that control the physical parameters of the process based on measurement signals, such as sensor signals, indicating measured or sensed process parameters. Although control loops 32, 34, and 36 are illustrated as performing PID control with an input communicatively connected to one AI function block and an output communicatively connected to one AO function block, control loops 32, 34, and 36 can contain more than a single input and single output, and the inputs and outputs of these control loops may be connected to any other desired function block or control element to receive other types of inputs and provide other types of outputs. Furthermore, adaptive control block 38 can implement other types of control strategies such as PI control, PD control, neural network control, fuzzy logic control, model predictive control, or any type of feedforward/feedback control technique.
【0026】 The function blocks shown in Figure 1, such as the PID function block and the adaptive PID function block 38, may be implemented as one or more interconnected function blocks themselves, may be executed by the controller 12, or may be partially or entirely located on any other suitable processing device, such as one of the workstations 16, one of the I/O devices 28 and 29, or one of the field devices 24-27, and executed by them.
【0027】 As illustrated in Figure 1, one of the workstations 16 may include one or more adaptive support routines used to design, control, implement, and/or display an adaptive control block 38 or control loop 36.
For example, workstation 16 may include a processor 40 that can generate a user interface that allows a user to input parameters to an adaptive PID control block 38, start, stop, and control the functions of the adaptive control loop 36 or its block, and provide setpoints and other adjustments to the control block 38. Furthermore, workstation 16 may include a routine or block 42 that, when executed by the processor 40, provides process control system access security based on biometric authentication data.
【0028】 Referring to Figure 2, the process control system 200 may include a workstation 217 having a first biometric device 218 (e.g., a digital camera, fingerprint scanner, microphone, etc.) and a second biometric device 219 (e.g., a digital camera, fingerprint scanner, microphone, etc.). For example, the workstation 217 may be similar to either the host workstation or computer 16 in Figure 1.
【0029】 In any case, when individual 211 attempts to access the process control system 200, the current biometric data can be automatically obtained via the first biometric device 218 and/or the second biometric device 219. For example, the current biometric data 215 may represent at least a portion of individual 211 (e.g., face, arms, hands, fingers, voiceprint, gestures). The workstation 217 can automatically compare the current biometric data 215 with previously classified biometric data (e.g., previously classified biometric data stored in the data historian 14 in Figure 1). If the workstation 217 determines that the current biometric data 215 matches previously classified biometric data stored in the data historian 14, the workstation 217 can automatically authorize individual 211 to access the process control system 200.
On the other hand, if workstation 217 determines that the current biometric data 215 does not match previously classified biometric data stored in data historian 14, workstation 217 can automatically deny individual 211 access to process control system 200. In either case, workstation 217 can store the current biometric data 215 (along with a date/time stamp) as a record of authorization or denial.
【0030】 Moving to Figure 3, the process control system 300 may include a workstation 305. The workstation 305 may be similar to either the workstation or computer 16 in Figure 1 or the workstation 217 in Figure 2. The workstation 305 may include a previously identified biometric data receiving module 315, a current biometric data receiving module 320, a biometric data comparison module 325, a previously identified electronic signature (ESIG) data receiving module 330, a current ESIG data receiving module 335, an ESIG data comparison module 340, a process control system access "level" determination module 345, an electronic signature data receiving module 350, and a user identity data storage module 355, which are stored, for example, in the form of computer-readable instructions on a non-transitory computer-readable medium 310. Modules 315-355 may be similar to, for example, routine 42 in Figure 1.
【0031】 While previously identified biometric data receiving module 315, current biometric data receiving module 320, biometric data comparison module 325, previously identified electronic signature (ESIG) data receiving module 330, current ESIG data receiving module 335, ESIG data comparison module 340, process control system access "level" determination module 345, electronic signature data receiving module 350 and user identity data storage module 355 can be stored in non-transitory computer-readable medium 310 in the form of computer-readable instructions, any one, all, or any combination of these modules can be implemented by hardware (e.g., one or more discrete component circuits, one or more application-specific integrated circuits (ASICs), etc.), firmware (e.g., one or more programmable application-specific integrated circuits (ASICs), one or more programmable logic devices (PLDs), one or more field-programmable logic devices (FPLDs), one or more field-programmable gate arrays (FPGAs), etc.) and/or any combination of hardware, software and/or firmware. Furthermore, the workstation 305 in Figure 3 may include one or more elements, processes and/or devices in addition to, or instead of, the elements shown in Figure 3, and/or may include two or more, any number, or all of the elements, processes and devices shown.
【0032】 Referring to Figure 4, a method 400 for providing access security in a process control system can be implemented, for example, by a processor (e.g., processor 40 of the workstation or computer 16 in Figure 1) that is running at least a portion of modules 315-355 in Figure 3.
In particular, the processor 40 can execute the previously identified biometric data receiving module 315 to cause the processor 40 to receive previously identified biometric data (block 415). The previously identified biometric data can, for example, represent the identity of at least one individual authorized to access the process control system. The previously identified biometric data may be, for example, image data, voice recording data, fingerprint data, gesture data, etc. The processor 40 can receive previously identified biometric data from, for example, a data historian (e.g., data historian 14 in Figure 1).
【0033】 The processor 40 executes the current biometric data receiving module 320 to allow the processor 40 to receive current biometric data (block 420). Current biometric data can, for example, represent the identity of at least one individual attempting to access the process control system. Current biometric data may also be, for example, image data, voice recording data, fingerprint data, gesture data, etc. The processor 40 can receive current biometric data from, for example, a digital camera, microphone, fingerprint scanner, etc.
【0034】 The processor 40 can execute the biometric data comparison module 325 to allow the processor 40 to compare the current biometric data with previously identified biometric data (block 425). For example, the processor 40 can determine whether the current biometric data matches previously identified biometric data (block 430).
【0035】 If the processor 40 determines that the current biometric data does not match previously identified biometric data (block 430), the processor 40 can deny the individual access to the process control system and receive the current biometric data again (block 420).
If the processor 40 determines that the current biometric data matches previously identified biometric data (block 430), the processor 40 can grant the individual access to the process control system, execute the process control system access "level" determination module 345 to determine the access "level" for the individual based on, for example, the individual's role with respect to the relevant process plant (e.g., supervisor, manager, engineer, plant operator, maintenance personnel, etc.) (block 435), and execute the user identity data storage module 355 to cause the processor 40 to store a record representing the individual attempting access and/or a related date/time stamp (block 440). For verification purposes, the individual's current biometric data (e.g., image, fingerprint, voice recording, etc.) can be stored, for example, as a record (or "confirmation") of which user is accessing the process control system.
【0036】 As described above, Method 400 may include a program (or module) for execution by a processor. The program (or module) may be implemented as software stored on a tangible (or non-transitory) computer-readable storage medium, such as a read-only compact disk ("CD-ROM"), floppy disk, hard drive, DVD, Blu-ray disk, or memory associated with a personal electronic device (PED) processor. The entire program (or module) and/or parts thereof may instead be executed by a device other than a personal electronic device (PED) processor and/or implemented in firmware or dedicated hardware (e.g., one or more discrete component circuits, one or more application-specific integrated circuits (ASICs)). Furthermore, while an example program (or module) is provided for the flowchart illustrated in Figure 4, many other methods for implementing Method 400 can be used instead. For example, the order in which the blocks are executed can be changed, and/or some of the blocks described can be modified, removed, or combined.
【0037】 Moving to Figure 5, a method 500 for providing access security in a process control system can be implemented, for example, by a processor (e.g., processor 40 of the workstation or computer 16 in Figure 1) running at least a portion of modules 315-355 in Figure 3. For process control system security requiring electronic signatures (ESIG), gesture recognition can be used according to method 500 as a form of biometric-data-based security system. A gesture can be defined, for example, as a temporary static pose of the limbs (e.g., arms, hands, fingers, etc.) of a first user (e.g., verifier) and/or a second user (e.g., confirmer). Thus, in an ESIG system, a distinction can be made between the confirmer and the verifier (i.e., using DeltaV Batch terminology). In particular, a gesture can be used whenever the relevant individuals wish to access the associated process control system; for example, the verifier and/or confirmer can raise an arm, hand, or fingers. In any case, electronic signatures can be used to meet regulatory compliance efforts (e.g., FDA 21 CFR PART 11, OSHA, ISO 9000, etc.).
【0038】 Alternatively, or in addition, biometric data can be generated using voiceprints by adding a voice recording device (e.g., a microphone). Thus, when distinction is required between users, the verifier can utter a first word (e.g., verify or verifier) and the certifier can utter a second word (e.g., certify or certifier). The processor 40 can perform speech recognition to identify the first user (e.g., certifier) and/or the second user (e.g., verifier). Method 500 can incorporate certifying/verifying operations via digital signatures from, for example, a batch operator interface and a campaign manager. Any operation performed can be configured to require a first username and password (e.g., certifier username and password) and a second username and password (e.g., verifier username and password) to perform.
【0039】 More specifically, the processor 40 executes the previously identified biometric data receiving module 315 to allow the processor 40 to receive previously identified biometric data (block 515). The previously identified biometric data may, for example, represent the identity of at least one individual authorized to access the process control system. The previously identified biometric data may, for example, be image data, voice recording data, fingerprint data, gesture data, etc. The processor 40 can receive the previously identified biometric data from, for example, a data historian (for example, data historian 14 in Figure 1). 【0040】 The processor 40 executes the current biometric data receiving module 320, which allows the processor 40 to receive current biometric data (block 520). Current biometric data can represent, for example, the identity of at least one individual attempting to access the process control system. Current biometric data may also be, for example, image data, voice recording data, fingerprint data, gesture data, etc. The processor 40 can receive current biometric data from, for example, a digital camera, microphone, fingerprint scanner, etc. 【0041】 The processor 40 executes the biometric data comparison module 325, allowing the processor 40 to compare the current biometric data with previously identified biometric data (block 525). For example, the processor 40 can determine whether the current biometric data matches previously identified biometric data (block 530). 【0042】 If the processor 40 determines that the current biometric data does not match previously identified biometric data (block 530), the processor 40 denies the individual's access to the process control system and can receive the current biometric data again (block 520).
If the processor 40 determines that the current biometric data matches previously identified biometric data (block 530), the processor 40 executes the previously identified electronic signature (ESIG) data receiving module 330, which can cause the processor 40 to receive the previously identified ESIG data (block 535). For example, the processor 40 can receive previously identified ESIG data from a data historian (e.g., data historian 14 in Figure 1). The previously identified ESIG data may represent, for example, the identity of at least one individual authorized to access the process control system. The previously identified ESIG data may represent a gesture (e.g., arm gesture, hand gesture, finger gesture, etc.) previously associated with the individual authorized to access the process control system. The processor 40 executes the current ESIG data receiving module 335 to allow the processor 40 to receive the current ESIG data (block 540). The processor 40 executes the ESIG data comparison module 340 to allow the processor 40 to compare the current ESIG data with previously identified ESIG data (block 545). For example, the processor 40 can determine whether the current ESIG data matches previously identified ESIG data (block 550). 【0043】 If the processor 40 determines that the current ESIG data does not match previously identified ESIG data (block 550), the processor 40 can deny the individual's access to the process control system and receive the current biometric data (block 520). If the processor 40 determines that the current ESIG data matches previously identified ESIG data (block 550), the processor 40 can grant the individual access to the process control system, execute the process control system access "level" determination module 345 to determine the access "level" for the individual based on, for example, the individual's role with respect to the relevant process plant (e.g., supervisor, manager, engineer, plant operator, maintenance personnel, etc.) 
(block 555), and execute the user identification data storage module 355 to cause the processor 40 to store a record representing the individual attempting access and / or related date / time stamp (block 560). For review purposes, the individual's current biometric data (e.g., image, fingerprint, voice recording, etc.) can be stored as, for example, a record (or "confirmation") of which user is accessing the process control system. 【0044】 As described above, Method 500 may include a program (or module) for execution by a processor. The program (or module) may be implemented as software stored on a tangible (or non-temporary) computer-readable storage medium, such as a read-only compact disk ("CD-ROM"), floppy disk, hard drive, DVD, Blu-ray disk, or memory associated with a personal electronic device (PED) processor. The entire program (or module) and / or parts thereof may instead be executed by a device other than a personal electronic device (PED) processor and / or by firmware or dedicated hardware (e.g., one or more discrete component circuits, one or more application-specific integrated circuits (ASICs)). Furthermore, while an exemplary program (or module) is described with respect to the flowchart illustrated in Figure 5, many other methods for implementing Method 500 can be used instead. For example, the order of execution of blocks may be changed, and / or some of the described blocks may be modified, removed, or combined. 
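The decision flow of Method 500 (blocks 515-560), sketched in Python as an added example that is not part of the patent text or of any Fisher-Rosemount product. The enrollment records, feature vectors, gesture labels, role-to-level mapping, the 0.95 threshold and all function names are assumptions made for illustration; logging denied attempts and requiring two distinct signers go beyond what the page states.

```python
import math
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Optional

# Constructed enrollment data standing in for the data historian (blocks 515, 535).
# Feature vectors, gesture labels, role levels and the threshold are assumptions.
MATCH_THRESHOLD = 0.95
ROLE_LEVEL = {"supervisor": 3, "engineer": 2, "plant operator": 1}


@dataclass(frozen=True)
class Enrollment:
    user: str
    role: str
    template: tuple      # previously identified biometric data
    esig_gesture: str    # previously identified ESIG data (gesture label)


ENROLLED = (
    Enrollment("alice", "supervisor", (0.9, 0.1, 0.4), "raised_right_hand"),
    Enrollment("bob", "plant operator", (0.2, 0.8, 0.5), "two_fingers"),
)


@dataclass(frozen=True)
class Decision:
    granted: bool
    user: Optional[str]
    level: int
    reason: str


def cosine(a, b):
    """Similarity score between two feature vectors (0.0 if either is all zero)."""
    dot = sum(x * y for x, y in zip(a, b))
    norm = math.sqrt(sum(x * x for x in a)) * math.sqrt(sum(y * y for y in b))
    return dot / norm if norm else 0.0


def identify(sample):
    """Blocks 520-530: best enrolled match at or above the threshold, else None."""
    best = max(ENROLLED, key=lambda e: cosine(sample, e.template))
    return best if cosine(sample, best.template) >= MATCH_THRESHOLD else None


def method_500(sample, gesture, audit_log, now=None):
    """Biometric match, then ESIG match, then access-level lookup and record."""
    enrolled = identify(sample)
    if enrolled is None:                            # block 530: no match
        decision = Decision(False, None, 0, "biometric_mismatch")
    elif gesture != enrolled.esig_gesture:          # block 550: no match
        decision = Decision(False, enrolled.user, 0, "esig_mismatch")
    else:                                           # blocks 555-560
        level = ROLE_LEVEL.get(enrolled.role, 0)    # unknown role gets level 0
        decision = Decision(True, enrolled.user, level, "ok")
    # The page stores a record on grant (block 560); recording denials as well
    # is an addition here so that failed attempts remain reviewable.
    audit_log.append({
        "time": (now or datetime.now(timezone.utc)).isoformat(),
        "user": decision.user,
        "granted": decision.granted,
        "reason": decision.reason,
    })
    return decision


def dual_signature(confirmer, verifier, audit_log):
    """Two-person ESIG: both (sample, gesture) pairs must pass and must resolve
    to different enrolled users (the distinctness check is an assumption)."""
    first = method_500(*confirmer, audit_log)
    second = method_500(*verifier, audit_log)
    return first.granted and second.granted and first.user != second.user
```

Both failure branches return level 0 and never fall through to the level lookup, so a biometric match alone grants nothing until the ESIG comparison also succeeds.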
【0045】 As described above, the exemplary processes in Figures 4 and 5 can be implemented using encoded instructions (e.g., computer-readable instructions) stored in tangible (e.g., non-temporary) computer-readable media such as hard disk drives, flash memory, read-only memory (ROM), compact discs (CDs), digital multipurpose discs (DVDs), caches, random access memory (RAM), and / or any other storage media, where information is stored for any period of time (e.g., long-term, permanently, short-term, or temporarily for buffering, and / or for information caching). Where used herein, the term tangible computer-readable media is explicitly defined to include any type of computer-readable storage media and exclude propagating signals. In addition, or alternatively, the exemplary processes in Figures 4 and 5 can be implemented using encoded instructions (e.g., computer-readable instructions) stored in fixed computer-readable media such as hard disk drives, flash memory, read-only memory, compact discs, digital multipurpose discs, caches, random access memory, and / or any other storage media, where information is stored for any period of time (e.g., long-term, permanently, short-term, temporarily for buffering, and / or for information caching). In this specification, when the phrase “at least” is used as a transitional term preceding a claim, it is not restrictive, just as the term “including” is not restrictive. Thus, a claim that uses “at least” as a transitional term preceding it may include elements in addition to those explicitly detailed in that claim. 【0046】 The following aspects of this disclosure are illustrative and are not intended to limit the scope of this disclosure. 
【0047】 [Aspect 1] A method for operating a process control system for a process plant, comprising: obtaining biometric data of a user authorized to interact with the process control system via a sensor of a user interface; comparing the obtained biometric data with stored data of the user authorized to interact with the process control system; determining the user's identity based on the match between the obtained biometric data and the stored data; and, once the user's identity has been determined, providing the process control system with user access. 【0048】 [Aspect 2] The method according to aspect 1, wherein the acquired biometric data includes an image that includes at least a portion of the user's face, and comparing the acquired biometric data with stored data includes determining the characteristics of one or more faces in the image and comparing the characteristics of one or more faces with stored data of a user authorized to interact with the process control system. 【0049】 [Aspect 3] The method according to aspect 1 or aspect 2, wherein the acquired biometric authentication data includes a voice recording, and comparing the acquired biometric authentication data with stored data includes determining one or more sound characteristics of the voice recording and comparing the one or more characteristics of the voice recording with stored data of a user authorized to interact with the process control system. 【0050】 [Aspect 4] The method according to aspect 3, wherein determining the one or more sound characteristics of the voice recording includes analyzing one or more of the tone, pitch, prosody or frequency associated with the voice recording. 
【0051】 [Aspect 5] The method according to any one of aspects 1 to 4, wherein granting access to the process control system includes an input to the user interface which is a request for an electronic signature, the method further comprising: acquiring an image of the user via the sensor of the user interface; determining the arrangement of one or more limbs of the user based on the acquired image; and providing an output signal including the user's electronic signature based on the determined arrangement. 【0052】 [Aspect 6] The method according to any one of aspects 1 to 5, further comprising determining the level of authorization based on the user's identity and switching one or more elements of the user interface based on the determined level of authorization. 【0053】 [Aspect 7] The method according to any one of aspects 1 to 6, wherein granting access to the process control system includes enabling one or more components of the user interface to selectively facilitate one or more changes in response to user input. 【0054】 [Aspect 8] The method according to any one of aspects 1 to 7, wherein granting access to the process control system includes adjusting the setpoint of the process control system to selectively facilitate one or more changes in response to user input. 【0055】 [Aspect 9] The method according to any one of aspects 1 to 8, wherein granting access to the process control system comprises configuring a module of the process control system to selectively facilitate one or more changes in response to user input. 【0056】 [Aspect 10] The method according to any one of aspects 1 to 9, wherein granting access to the process control system includes providing an output signal including the determined identity of the user, thereby facilitating the selective modification of one or more changes in response to user input.
【0057】 [Aspect 11] A system for operating a process control system for a process plant, comprising: a communication network; one or more processors connected by communication to the communication network; and a non-temporary computer-readable memory connected to the one or more processors, which, when executed by the one or more processors, stores instructions causing the system to acquire biometric authentication data of a user authorized to interact with the process control system via a user interface sensor; to compare the acquired biometric authentication data with stored data of a user authorized to interact with the process control system; to determine the user's identity based on the match between the acquired biometric authentication data and the stored data; and, once the user's identity has been determined, to provide the user with access to the process control system. 【0058】 [Aspect 12] The system according to aspect 11, wherein the acquired biometric data includes an image that includes at least a portion of the user's face, and the instruction that causes the system to compare the acquired biometric data with stored data when executed by the one or more processors includes determining the characteristics of one or more faces in the acquired biometric data and comparing the one or more characteristics with stored data of an authorized user associated with the process. 【0059】 [Aspect 13] The system according to aspect 11 or aspect 12, wherein, when executed by the one or more processors, the instruction that selectively facilitates the one or more steps further causes the system to determine the arrangement of one or more limbs of the user based on the acquired biometric data, and to provide an output signal including the user's electronic signature based on the determined arrangement.
【0060】 [Aspect 14] The system according to any one of aspects 11 to 13, wherein, when executed by one or more processors, the instruction further causes the system to acquire actions related to the user via the sensors of the user interface, and to provide output signals in response to the acquired actions based on those actions. 【0061】 [Aspect 15] The system according to aspect 14, wherein the output signal includes a command to log off the user from the user interface. 【0062】 [Aspect 16] The system according to any one of aspects 11 to 15, wherein the instruction that, when executed by the one or more processors, selectively facilitates the one or more steps, further causes the system to enable the user to access the process control system via a user interface. 【0063】 [Aspect 17] The system according to any one of aspects 11 to 16, wherein, when executed by one or more processors, the instruction further causes the system to activate a user profile based on the determined identity of the user. 【0064】 [Aspect 18] The system according to any one of aspects 11 to 17, wherein, when executed by one or more processors, the instruction selectively facilitates one or more steps corresponding to user input, causing the system to adjust the setpoint of the process control system. 【0065】 [Aspect 19] The system according to any one of aspects 11 to 18, wherein, when executed by one or more processors, the instruction selectively facilitates one or more steps corresponding to user input, causing the system to configure a module of the process control system. 
【0066】 [Aspect 20] A tangible computer-readable medium that stores an instruction, when executed by one or more processors of a process control system, to cause the process control system to acquire biometric authentication data of a user associated with a process of the process control system using one or more sensors, to cause the one or more processors to determine the level of authorization of the user based on the acquired biometric authentication data, and, once the identity of the user has been determined, to provide the user access to the process control system. 【0067】 [Aspect 21] A tangible computer-readable medium according to aspect 20, wherein, when executed by one or more processors of a process control system, the process control system further stores instructions that cause the one or more processors to receive input corresponding to the process from the user, and that, based on the determined level of authorization, allow the one or more processors to selectively facilitate one or more steps corresponding to the input. 【0068】 [Aspect 22] A tangible computer-readable medium according to aspect 21, wherein the input corresponding to the process is a request for an electronic signature, and the instruction which, when executed by the one or more processors, selectively facilitates the one or more steps, further causes the process control system to cause the one or more processors to determine the arrangement of one or more limbs of the user based on the acquired biometric data, and to provide an output signal including the user's electronic signature based on the determined arrangement. 【0069】 [Aspect 23] A tangible computer-readable medium according to either aspect 21 or aspect 22, wherein the instructions, when executed by the one or more processors, selectively facilitate the one or more steps corresponding to the input, further enable the process control system to allow the user to access the process control system via a user interface. 
【0070】 [Aspect 24] A tangible computer-readable medium according to any one of aspects 21 to 23, wherein, when executed by the one or more processors, the instruction that selectively facilitates the one or more steps corresponding to the input further causes the process control system to adjust the setpoint of the process control system. 【0071】 [Aspect 25] A tangible computer-readable medium according to any one of aspects 21 to 24, wherein, when executed by the one or more processors, the instructions that selectively facilitate the one or more steps corresponding to the input cause the process control system to further constitute a module of the process control system. 【0072】 [Aspect 26] A system for operating a process control system for a process plant, comprising: a communication network; one or more processors connected by communication to the communication network; and a non-temporary computer-readable memory connected to the one or more processors, which, when executed by the one or more processors, causes the system to acquire first biometric data of a user authorized to interact with the process control system via a user interface sensor; compare the first biometric data with stored data of a user authorized to interact with the process control system; determine the identity of the first user based on the match between the first biometric data and the stored data; acquire second biometric data of a second user authorized to interact with the process control system via a user interface sensor; determine the arrangement of one or more limbs or voiceprint of the second user based on the acquired biometric data; provide an output signal including the electronic signature of the second user based on the determined arrangement; and, once the identity of the first user is determined, provide the first user access to the process control system based on the output signal, storing such an instruction thereon. 
【0073】 [Aspect 27] The system according to aspect 26, wherein the first biometric data includes an image that includes at least a portion of the face of a first user, the first user is a verifier, and the instruction that causes the system to compare the first biometric data with stored data when executed by the one or more processors includes determining the characteristics of one or more faces in the first biometric data and comparing the one or more characteristics with stored data of authorized users associated with the process. 【0074】 [Aspect 28] The system according to either aspect 26 or aspect 27, wherein when the instruction is executed by one or more of the processors, the system further causes the system to acquire an action related to the second user via the sensor of the user interface, and based on the acquired action, the system causes the output signal to be output in response to the acquired action, with the second user being a verifier. 【0075】 [Aspect 29] The system according to any one of aspects 26 to 28, wherein the output signal includes a command to log off the first user from the user interface. 【0076】 [Aspect 30] The system according to any one of aspects 26 to 29, wherein, when the instruction is executed by the one or more processors, the system causes the one or more steps to be selectively facilitated, further comprising allowing the first user to access the process control system via a user interface. 【0077】 [Aspect 31] The system according to any one of aspects 26 to 30, wherein when the instruction is executed by one or more processors, the system further causes the system to activate a user profile based on the determined identity of the first user.
【0078】 [Aspect 32] The system according to any one of aspects 26 to 31, wherein when the instruction is executed by one or more processors, the system selectively facilitates one or more steps corresponding to user input and causes the system to adjust the setpoint of the process control system. 【0079】 [Aspect 33] The system according to any one of aspects 26 to 32, wherein when the instruction is executed by one or more processors, the system selectively facilitates one or more steps corresponding to user input, and the system configures a module of the process control system. 【0080】 While various functions and / or systems of field devices are described in this specification as “modules,” “components,” or “functional blocks,” it should be noted that these terms are not limited to a single, integrated unit. Furthermore, while the present invention is described with reference to specific embodiments, those embodiments are intended for illustrative purposes only and not to limit the present invention. It will be apparent to those skilled in the art that modifications, additions, or deletions can be made to the disclosed embodiments without departing from the spirit and scope of the invention. For example, one or more parts of the above methods can be performed in a different order (or in parallel) and still achieve the desired results.

Claims

[Claim 1] A method for operating a process control system for a process plant, the method comprising: obtaining, via a sensor of a user interface, biometric data of a user authorized to interact with the process control system at a first level of authorization, wherein the obtained biometric data represents the arrangement of one or more limbs of the user; providing, based on the arrangement of the one or more limbs of the user, an output signal including the user's electronic signature; comparing the acquired biometric authentication data with stored data of a user authorized to interact with the process control system; determining the user's identity based on the match between the acquired biometric authentication data and the stored data; once the identity of the user is determined, providing the user with access to the process control system based on the output signal; obtaining, via the sensor, current biometric data of a modified user authorized to interact with the process control system at a second level of authorization; determining a change of user based on the difference between the current biometric authentication data and the stored data; and, based on the second authorization level corresponding to the modified user, switching one or more elements of the user interface to prevent the modified user from performing secure operations within the process control system.
[Claim 2] The method according to claim 1, wherein the acquired biometric data includes an image containing at least a portion of the user's face, and comparing the acquired biometric data with stored data includes: determining the characteristics of one or more faces in the image; and comparing the characteristics of the one or more faces with stored data of a user authorized to interact with the process control system.
[Claim 3] The method according to claim 1 or 2, wherein the acquired biometric authentication data includes a voice recording, and comparing the acquired biometric authentication data with the stored data includes: determining one or more sound characteristics of the voice recording; and comparing the one or more sound characteristics of the voice recording with stored data of a user authorized to interact with the process control system.
[Claim 4] The method according to any one of claims 1 to 3, wherein providing access to the process control system includes requesting input to the user interface, which is a request for the electronic signature, the method further comprising: acquiring an image of the user via the sensor of the user interface; and determining the arrangement of the one or more limbs of the user based on the acquired image.
[Claim 5] The method according to any one of claims 1 to 4, wherein providing access to the process control system includes facilitating the selective modification of one or more changes in response to user input, the method including enabling one or more components of the user interface.
[Claim 6] The method according to any one of claims 1 to 5, wherein granting access to the process control system includes selectively facilitating one or more changes in response to user input, the method including adjusting the setpoint of the process control system.
[Claim 7] The method according to any one of claims 1 to 6, wherein providing access to the process control system includes facilitating the selective modification of one or more changes in response to user input, the method including configuring a module of the process control system.
[Claim 8] The method according to any one of claims 1 to 7, wherein providing access to the process control system includes facilitating the selective modification of one or more changes in response to user input, the method including providing an output signal including the determined identity of the user.
[Claim 9] A system for operating a process control system for a process plant, comprising: a communication network; one or more processors connected by communication to the communication network; and a non-temporary computer-readable memory connected to the one or more processors and storing instructions that, when executed by the one or more processors, cause the system to: obtain, via a sensor of a user interface, biometric data of a user authorized to interact with the process control system at a first level of authorization, wherein the obtained biometric data represents the arrangement of one or more limbs of the user; provide, based on the arrangement of the one or more limbs of the user, an output signal that includes the user's electronic signature; compare the acquired biometric authentication data with the stored data of a user authorized to interact with the process control system; determine the user's identity based on the match between the acquired biometric authentication data and the stored data; once the user's identity is determined, provide the user with access to the process control system based on the output signal; obtain, via the sensor, current biometric data of a modified user authorized to interact with the process control system at a second level of authorization; determine a change of user based on the difference between the current biometric authentication data and the stored data; and, based on the second authorization level corresponding to the modified user, switch one or more elements of the user interface to prevent the modified user from performing secure operations within the process control system.
[Claim 10] The system according to claim 9, wherein, when executed by the one or more processors, the instructions further cause the system to: acquire actions related to the user via the sensor of the user interface; and, based on the acquired actions, provide an output signal in response to the acquired actions.
[Claim 11] The system according to claim 9 or 10, wherein, when executed by the one or more processors, the instruction selectively facilitates one or more steps corresponding to user input, causing the system to configure a module of the process control system.
[Claim 12] A tangible computer-readable medium storing instructions that, when executed by one or more processors of a process control system, cause the process control system to: acquire, using one or more sensors, biometric data of a user associated with a process of the process control system at a first level of authorization, wherein the acquired biometric data represents the arrangement of one or more limbs of the user; provide, based on the arrangement of the one or more limbs of the user, an output signal including the user's electronic signature; determine, using the one or more processors, the user's authorization level based on the acquired biometric authentication data; once the user's identity is determined, provide the user with access to the process control system based on the output signal; obtain, via the one or more sensors, current biometric data of a modified user authorized to interact with the process control system at a second level of authorization; determine, based on the difference between the current biometric authentication data and the stored data of the user authorized to interact with the process control system, whether the user has changed; and, based on the second authorization level corresponding to the modified user, switch one or more elements of the user interface to prevent the modified user from performing secure operations within the process control system.
[Claim 13] A system for operating a process control system for a process plant, comprising: a communication network; one or more processors connected by communication to the communication network; and a non-temporary computer-readable memory connected to the one or more processors and storing instructions that, when executed by the one or more processors, cause the system to: obtain, via a sensor of a user interface, first biometric authentication data of a user authorized to interact with the process control system, wherein the obtained biometric authentication data represents the arrangement of one or more limbs of the user; compare the first biometric authentication data with stored data of a user authorized to interact with the process control system; determine the identity of the first user based on the match between the first biometric authentication data and the stored data; obtain, via a sensor of the user interface, second biometric authentication data of a second user authorized to interact with the process control system; determine, based on the acquired biometric authentication data, a second arrangement of one or more limbs of the second user; provide, based on the second arrangement, an output signal including the electronic signature of the second user; and, once the identity of the first user is determined, provide the first user with access to the process control system based on the output signal.
[Claim 14] The system according to claim 13, wherein when the instruction is executed by one or more processors, the system selectively facilitates one or more steps corresponding to user input, and the system configures a module of the process control system.