Important Announcement
PubHTML5 Scheduled Server Maintenance on (GMT) Sunday, June 26th, 2:00 am - 8:00 am.
PubHTML5 site will be inoperative during the times indicated!

Home Explore 8906_02_Tristation 1131 Project Administration _PG_ RevA.1_NA_Final

8906_02_Tristation 1131 Project Administration _PG_ RevA.1_NA_Final

Published by Nouran Anwer, 2019-11-19 01:29:49

Description: 8906_02_Tristation 1131 Project Administration _PG_ RevA.1_NA_Final

Search

Read the Text Version

Participant Guide Project Administration Lab 6: Specifying TriStation 1131 Options Introduction In this lab, you will specify the TriStation 1131 options including properties that affect the TriStation 1131 interface. Objectives After completing this lab, you can: • Specify directory locations. • Specify drawing colors. • Specify FBD Editor options. • Specify LD Editor options. • Specify CEM Editor options. Lab Procedure Specify Directory Locations 1. On the Tools menu, click TriStation 1131 Options, and then click the Directories tab. 8906 Trident/TriStation 1131 Comprehensive Course 2–51 Schneider Electric Proprietary and Confidential Information © 2019 Schneider Electric Systems USA, Inc. All Rights Reserved

Project Administration Participant Guide 2. Enter the Project Files, Data Files, and Temporary Files paths as follows: Project Files The default path is: Data Files: Temporary Files: • Windows XP/2003: C:\\Documents and Settings\\All Users\\Application Data\\Triconex\\TriStation 1131 4.8.0\\Projects • Windows Server 2008 and Windows 7: C:\\Program Data\\Triconex\\TriStation 1131 4.8.0\\Projects The default path is: • Windows XP/2003: C:\\Documents and Settings\\All Users\\Application Data\\Triconex\\TriStation 1131 4.8.0\\Data • Windows Server 2008 and Windows 7: C:\\Program Data\\Triconex\\TriStation 1131 4.8.0\\Data The default path is: • Windows XP/2003: C:\\Documents and Settings\\All Users\\Application Data\\Triconex\\TriStation 1131 4.8.0\\Temp • Windows Server 2008 and Windows 7: C:\\Program Data\\Triconex\\TriStation 1131 4.8.0\\Temp 3. Click the Use Defaults button to return the settings to the default paths. Note: TriStation 1131 projects must always be run from a local drive. You should not enter directory paths that point to a location on your network. 4. Click OK to save the settings. Specify Drawing Colors 5. On the Tools menu, click TriStation 1131 Options, and then click the Drawing Colors tab. 2–52 8906 Trident/TriStation 1131 Comprehensive Course Schneider Electric Proprietary and Confidential Information © 2019 Schneider Electric Systems USA, Inc. All Rights Reserved

Participant Guide Project Administration 6. In the Drawing Item drop-down list, click an item to be shown in a color. 7. Click Change Colors to display a color palette from which to choose a color for the selected drawing item. 8. Click Default Colors to change the colors of all items to the default colors. 9. Click OK to save the settings. Specify FBD Editor Options 10. On the Tools menu, click TriStation 1131 Options, and then click the FBD Editor tab. 11. Check the Double Space Function (Block) Terminals by Default check box to automatically have the spacing doubled between terminals (inputs and outputs) on the function block, which creates additional space for annotation. 12. Check the Enable EN/ENO Terminals on Functions by Default check box to automatically enable EN/ENO terminals on functions. The default is cleared. 13. Check the Left-Handed Wire Tool check box to enable the wire tool for left-handed use. 14. Click OK to save the settings. 8906 Trident/TriStation 1131 Comprehensive Course 2–53 Schneider Electric Proprietary and Confidential Information © 2019 Schneider Electric Systems USA, Inc. All Rights Reserved

Project Administration Participant Guide Specify LD Editor Options 15. On the Tools menu, click TriStation 1131 Options, and then click the LD Editor tab. 16. Check the Double Space Function (Block) Terminals by Default check box to automatically have the spacing doubled between terminals (input and output parameters) on the function block, which adds space for annotation. 17. Check the Compiler Warning When Right Power Rail is Missing check box to display a compiler warning if the right (power) rail is missing from a Ladder Diagram function. 18. Check the Left-Handed Link Tool check box to enable the link tool for left-handed use. 19. Click OK to save the settings. Specify CEM Editor Options 20. On the Project menu, click TriStation 1131 Options, and then click the CEM Editor tab. 2–54 8906 Trident/TriStation 1131 Comprehensive Course Schneider Electric Proprietary and Confidential Information © 2019 Schneider Electric Systems USA, Inc. All Rights Reserved

Participant Guide Project Administration 21. Check the Cause Header Functions On by Default check box to automatically add input and function columns. 22. Check the Effect Header Functions On by Default check box to automatically add output and function columns. 23. Check the Intersection Functions On by Default check box to automatically add function columns. 24. In the Default Number of Cause Rows field, enter the number of rows to include in a new matrix. 25. In the Default Number of Effect Columns field, enter the number of columns to include in a new matrix. 26. Click OK to save the settings. 8906 Trident/TriStation 1131 Comprehensive Course 2–55 Schneider Electric Proprietary and Confidential Information © 2019 Schneider Electric Systems USA, Inc. All Rights Reserved

Project Administration Participant Guide Managing User Access This section explains how to provide user access to controller and TriStation 1131 operations. Multiple levels of access control help prevent unauthorized access to TriStation 1131. Security Setting The security setting defines the type of authentication used to identify users upon log in. Choose the security setting that is right for your implementation: • Standard Security uses a simple username/password scheme. This is the default setting. • Enhanced Security adds another layer of protection against unauthorized access by requiring Windows domain user authentication. User security levels define what operations a user can perform while using TriStation 1131. Access is based on the security level assigned to the user, from the highest level (01) to the lowest level (10). Each level of security includes default settings for the operation privileges allowed for that level. For example, the Manager level (03) includes privileges for operations associated with managing a TriStation 1131 project. Only users assigned to levels 01, 02, or 03 can access the security controls for controller and TriStation 1131 operations. Each new TriStation 1131 project is created with a default username (MANAGER) and password (PASSWORD). Once you have created a project, you must immediately add at least one more level 01 user. This ensures that if you forget the password for the default level 01 user, you will still be able to log in as the secondary level 01 user, and have the ability to add or modify users, or change the security setting. To ensure unauthorized users do not access the project, you should create a user account for each person who will be working with the project before application development begins, and not allow multiple users to access the project using the default level 01 user information. Note: If a TriStation 1131 project was created by a user with restricted or administrator- level rights in Windows, other users may be unable to access that project. Windows security file access rules apply to all TriStation 1131 project files. Your network or system administrator can assist with changing the access rights for the selected project file and/or file location. Access to a project can be further restricted by settings on documents and operating parameters. If you are trying to edit a user document created by another user, and you unable to do so even when you have the correct user level and access privileges, check the document’s access property. If it is locked, you must ask the user who created the document to change the access property. Note: If you have a Trident 2.x CM installed in your system, access to the controller through TriStation 1131 can also be managed through the optional access control list. 2–56 8906 Trident/TriStation 1131 Comprehensive Course Schneider Electric Proprietary and Confidential Information © 2019 Schneider Electric Systems USA, Inc. All Rights Reserved

Participant Guide Project Administration The topics included are: • “Changing the Security Setting”. • “Managing Users”. • “Recommended Rules for Passwords”. • “Recommended Rules for Passwords” on page 1-71. • “Changing the Security Level for Privileges”. • “Changing Security Level Names”. • “Viewing User Access Logs”. Changing the Security Setting TriStation 1131 uses one of two application-level security settings: Standard or Enhanced. You should choose the security setting you want to use before you begin creating user accounts. You must be a level 01 user to change the security setting. The security setting defines the type of authentication used to identify users upon log in to a project: • Standard Security: When selected, a username and password are required to open the TriStation 1131 project. No other user authentication is required. This is the default setting. If you used a version of TriStation 1131 earlier than 4.7.0, this security setting is the same as the username/password log in used in previous versions. • Enhanced Security: When selected, Windows and TriStation 1131 user authentications are required to log in. The username for each TriStation 1131 user must be the same as the user’s Windows username. Note: If you change the security setting from Standard to Enhanced, make sure that at least one level 01 user has a valid Windows username before closing the project. Failure to do so will prevent you from opening the project again and/or changing the security setting back to Standard. Each TriStation 1131 project has its own security setting. Each time you change the security setting for a project, the change is captured in the project history. If you need to send a project file that uses Enhanced Security to Schneider Electric Technical Support for troubleshooting purposes, you must perform the following: • Make a copy of the project file. • In the copy file, change the security setting to Standard. • Send the copy file (with Standard Security enabled) to Technical Support. Leaving your project file set to use Enhanced Security may prevent technical support personnel from being able to open the project file. 8906 Trident/TriStation 1131 Comprehensive Course 2–57 Schneider Electric Proprietary and Confidential Information © 2019 Schneider Electric Systems USA, Inc. All Rights Reserved

Project Administration Participant Guide Managing Users The Managing Users procedure includes creating, modifying, and deleting TriStation 1131 users. Only users assigned to security levels 01, 02, or 03 can access the Security window and view user access settings. Adding and Modifying User Access You can add or modify access properties for the TriStation 1131 user. If you change an existing user’s logon name, you will also need to enter a new password for the user, or re- enter the user’s existing password. Recommended Rules for Passwords Schneider Electric recommends configuring your Windows domain authentication settings to support the following minimum requirements for passwords as set forth in the NERC Cyber Security standards. Passwords should: • Be a minimum of six (6) characters. • Consist of a combination of alpha, numeric, and special characters. Special characters include the following: ! \" # $ % & ' ( ) * + , - . / : ; < = > ? @ [ \\ ] ^ _ ` { | } ~ • Include at least one number. • Include at least one letter. • Include at least one lowercase letter and one uppercase letter. • Include at least one special character. • Be changed at least annually, or more frequently based on risk. These rules will NOT be validated by TriStation 1131 when you enter or change the user’s password, so it is up to you to ensure user passwords meet these requirements. Schneider Electric recommends you check the latest NERC Cyber Security standards (available at www.nerc.com) for all the latest applicable password requirements. If Enhanced Security is enabled, Windows passwords will be used. As a result, these password rules should be enforced at the Windows domain/Active Directory level. Ask your network administrator for more information about how to enforce requirements for Windows passwords. Note: When Enhanced Security is enabled, all TriStation 1131 passwords are protected from unauthorized read or copy access because they are stored and protected by Windows security mechanisms. This meets the NERC Cyber Security standards regarding password security. However, when Standard Security setting is enabled, this level of password protection is not provided. 2–58 8906 Trident/TriStation 1131 Comprehensive Course Schneider Electric Proprietary and Confidential Information © 2019 Schneider Electric Systems USA, Inc. All Rights Reserved

Participant Guide Project Administration Changing the Security Level for Privileges This section explains how to change the security level required for privileges to controller and TriStation 1131 operations. By default, each operation is assigned a security level, from the highest level (01), to the lowest level (10). Each security level includes a set of privileges for that level, that also includes the privileges for lower levels. For example, if the operation is set to level 04, users with level 01, 02, and 03 privileges also have access to the operation. Only users with level 01, 02, or 03 access can change security level privileges. Note: If a CM is installed in the Trident 2.x controller, access to the controller through the TriStation protocol can also be managed through the optional access control list (Except TCM models 4351 and 4352, that do not have the access control list feature). For example, even if a user has the correct security level privileges to perform a Download All command, if they do not have Read/ Write TriStation access through the TCM or CM, they will be unable to perform the Download All command. Using the Print All command, you can print a Project Security Levels report, that lists the security levels currently assigned to each operation. Changing Security Level Names You can change the names associated with security levels. If you change a name on this tab, it is reflected on the other security tabs. Changing the name does not affect the security level assignments. Table 4 explains the Level Names tab in the Security window: Table 4 Level Level Name Name 01 Corporate Manager 06 Maintenance Manager 02 Site Manager 07 Maintenance Engineer 03 Project Manager 08 Operations Manager 04 Project Engineer 09 Operator 05 Project Programmer 10 Level 10 Viewing User Access Logs When Enhanced Security is enabled, TriStation 1131 keeps a log of all user log in attempts, whether they are successful or not. These access logs are required for compliance with NERC Cyber Security standards. Note: For more information about the Enhanced Security option, see “Change the Security Setting”. 8906 Trident/TriStation 1131 Comprehensive Course 2–59 Schneider Electric Proprietary and Confidential Information © 2019 Schneider Electric Systems USA, Inc. All Rights Reserved

Project Administration Participant Guide TriStation 1131 uses the Windows System Events Log to store the following information about user login and log out attempts: • Successful log in using Windows username and password. • Login failure due to an incorrect Windows username and/or password. • Login attempt cancelled by the user. • Login failure due to the user forgetting to enter their Windows username and/or password (this is referred to as an incorrect parameter error).. • Successful log out (when the user closes the TriStation 1131 project) You can view this log to determine if an unauthorized user is attempting to log in to TriStation 1131 projects. You can also use this log as a troubleshooting tool when helping a user who is having login problems. Note: If you are logged into Windows using a Guest account, you will be unable to view the Windows System Events Log. For more information, see Microsoft Knowledge Base Article 842209 (http://support.microsoft.com/kb/842209). The topics included are: • “View the User Access Log In Windows Event Viewer • “Save the User Access Log to a File”. • “View the User Access Log In Windows Event Viewer”. • “Clear the User Access Log”. Viewing the User Access Log In Windows Event Viewer This procedure describes how to view TriStation 1131 user access information in the Windows System Events Log using the Windows Event Viewer. You must be logged on to Windows as an administrator to perform this procedure. Saving the User Access Log to a File This procedure describes how to save the user access event information to a file. You must be logged on to Windows as an administrator to perform this procedure. When you save a log file, the entire log is saved, regardless of filtering options. You cannot save a log file with just the events related to TriStation 1131. Also, the sort order is not retained when logs are saved. Changing Event Logging Options Using the Windows Event Viewer, you can set the maximum size of the log and specify whether events are overwritten or stored for a certain period of time. The default logging policy is that if a log is full, the oldest events are deleted to make room for new events. Schneider Electric recommends that you change this setting to ensure that user login event information is not lost. 2–60 8906 Trident/TriStation 1131 Comprehensive Course Schneider Electric Proprietary and Confidential Information © 2019 Schneider Electric Systems USA, Inc. All Rights Reserved

Participant Guide Project Administration Clearing the User Access Log When the Windows System Events Log reaches its maximum size, you will see the following error message in TriStation 1131: The event log file is full. You must manually clear all events from the event log file before new entries can be added Note: Clearing the log file will clear ALL application event information, not just events related to TriStation 1131. Schneider Electric highly recommends saving the file prior to clearing it. 8906 Trident/TriStation 1131 Comprehensive Course 2–61 Schneider Electric Proprietary and Confidential Information © 2019 Schneider Electric Systems USA, Inc. All Rights Reserved

Project Administration Participant Guide Lab 7: Managing User Access Introduction In this lab, you will provide user access to controller and TriStation 1131 operations. Multiple levels of access control help prevent unauthorized access to TriStation 1131. Objectives After completing this lab, you can: • Change the security setting. • Manage users. • Add and modifying user access. • Change the security level for privileges. • Change security level names. • Save the user access log to a file. • Change event logging options. • Clear the user access log . Lab Procedure Change the Security Setting 1. On the Project menu, click Security. The Security dialog box appears. 2. On the Security Setting tab, click the setting you want to use: Standard Security or Enhanced Security. Note: If both options are unavailable, you are not a level 01 user. You must be a level 01 user to change the security setting. 2–62 8906 Trident/TriStation 1131 Comprehensive Course Schneider Electric Proprietary and Confidential Information © 2019 Schneider Electric Systems USA, Inc. All Rights Reserved

Participant Guide Project Administration 3. Click OK. 4. If you downgraded the security setting from Enhanced to Standard, this procedure is complete. proceed to step 14 to edit users as needed. 5. If you upgraded the security setting from Standard to Enhanced, proceed to the next step. 6. When prompted, enter your Windows username and password, and then click OK. 7. If your Windows username was previously added to the project user list, and TriStation 1131 was able to successfully authenticate your Windows username and password, this procedure is complete. proceed to step 14 to edit users as needed. 8. If this is the first time you have upgraded the security setting from Standard to Enhanced, and TriStation 1131 was able to successfully authenticate your Windows username and password, the Add User dialog box appears so you can add yourself as a Windows user to the project user list. proceed to the next step. 9. In the Add User dialog box, in the Full Name field, enter or change the user’s full name. 10. In the Description field, enter or change the description for the user (for example, their job title or function). 8906 Trident/TriStation 1131 Comprehensive Course 2–63 Schneider Electric Proprietary and Confidential Information © 2019 Schneider Electric Systems USA, Inc. All Rights Reserved

Project Administration Participant Guide Note: You cannot change the username, because it must be the same as the user’s Windows username. 11. In the Password field, enter the user’s password. This is not the same as the user’s Windows password. You should select a different password, unique to the user’s TriStation 1131 account. See “Recommended Rules for Passwords” for minimum requirements. 12. In the Verify Password field, enter the new password again for verification. Note: You cannot change the security level. Enhanced Security requires at least one level 01 Windows user. 13. Click OK to save your changes. Manage Users This procedure explains how to manage users, which includes creating, modifying, and deleting TriStation 1131 users. Only users assigned to security levels 01, 02, or 03 can access the Security dialog box and view user access settings. Note: If Enhanced Security is enabled, a quick way to prevent a user from accessing TriStation 1131 is to add their Windows user account to the Windows Local Security Policy \"Deny access to this computer from the network\" list. Using the Print All command, you can print a Project Users report, which lists all the users that have been added to the project's user list. 14. On the Project menu, click Security, and then click the Users tab. 15. On the Users tab, click New to create a new user. For further instructions, see \"Adding and Modifying User Access\". 2–64 8906 Trident/TriStation 1131 Comprehensive Course Schneider Electric Proprietary and Confidential Information © 2019 Schneider Electric Systems USA, Inc. All Rights Reserved

Participant Guide Project Administration 16. Click Modify to modify a user. For further instructions, see \"Adding and Modifying User Access\". 17. Click Delete to delete a user. The default level 01 user (MANAGER) can be deleted only if another level 01 user has already been created. If Enhanced Security has ever been enabled (even if it is not the current security setting), you cannot delete the last level 01 Windows user. Note: Unless you have level 01 access, you cannot add, modify, or delete users who have the same or higher security level as yourself. Thus, if you have level 03 access, you cannot add, modify, or delete users with level 03, 02, or 01 access. If you have level 02 access, you cannot add, modify, or delete users with level 02 or 01 access. If you have security level 01 access, you can add, modify, or delete other level 01 users, but you cannot delete yourself. 18. Click OK to save your changes. Add and Modify User Access 19. On the Project menu, click Security, and then click the Users tab. 20. To add a user, click Add. 21. To modify a user, click the username, and then click Modify. 22. Click OK to save your changes. 2–65 8906 Trident/TriStation 1131 Comprehensive Course Schneider Electric Proprietary and Confidential Information © 2019 Schneider Electric Systems USA, Inc. All Rights Reserved

Project Administration Participant Guide Change the Security Level for Privileges 23. In the Project menu, click Security, and then click the Privileges tab. 24. On the Privileges tab, in the Operation Type area, click Controller Operations or TriStation 1131 Operations, depending on the operations you want to specify. 25. In the Operations area, click the operation, and then click the check box for the level of security to be assigned to the operation. − Press Shift and click to select multiple contiguous items − Press Ctrl and click to select multiple non-contiguous items 26. Click OK to save your changes. Note: Because they cannot access the Privileges tab, users with security levels 04– 10 cannot perform the following tasks: Security: Add/modify users, Security: Change level descriptions, Security: Change level privileges. Additionally, you cannot remove privileges from your own security level. For example, if you are a level 03 user, you cannot remove privileges from security level 03. Change Security Level Names 27. On the Project menu, click Security, and then click the Level Names tab. 2–66 8906 Trident/TriStation 1131 Comprehensive Course Schneider Electric Proprietary and Confidential Information © 2019 Schneider Electric Systems USA, Inc. All Rights Reserved

Participant Guide Project Administration 28. Enter the name to associate with each security level. 29. Click OK to save your changes. View the User Access Log In Windows Event Viewer 30. On the Start menu, click Control Panel, and then double-click Administrative Tools. 31. Double-click the Event Viewer icon. The Event Viewer window opens. 32. In the console tree, click Application. Event information appears in the details pane. 33. In the details pane, click the Source column header to sort the events by application. 34. Look for TriStation 1131 as the source type. 35. To view detailed information about a specific event, double-click the event. 8906 Trident/TriStation 1131 Comprehensive Course 2–67 Schneider Electric Proprietary and Confidential Information © 2019 Schneider Electric Systems USA, Inc. All Rights Reserved

Project Administration Participant Guide Save the User Access Log to a File 36. In the Windows Event Viewer, display the event log with the user access information that you want to save to a file. 37. On the Action menu, click Save Log File As. 38. In File name, enter a name for the archived log file. 39. In Save as type, select a file format, and then click Save. − If you archive a log in log-file format, you can re-open it in Event Viewer. Logs saved as event log files (.evt) retain the binary data for each event recorded − If you archive a log in text (.txt) or comma-delimited (.csv) format, you can re- open the log in other programs, such as word processing or spreadsheet programs. Logs saved in text or comma-delimited format do not retain the binary data. Change Event Logging Options 40. On the Start menu, click Control Panel, and then double-click Administrative Tools. 41. Double-click the Event Viewer icon. The Windows Event Viewer appears. 42. In the console tree, right-click Application. The Application Properties dialog box appears. 43. To increase the maximum size of the event log file, enter the value (in KB) in the Maximum log size field. 44. Click Do not overwrite events (clear log file manually). 45. Click OK to save your changes. 2–68 8906 Trident/TriStation 1131 Comprehensive Course Schneider Electric Proprietary and Confidential Information © 2019 Schneider Electric Systems USA, Inc. All Rights Reserved

Participant Guide Project Administration Clear the User Access Log 46. On the Start menu, click Control Panel, and then double-click Administrative Tools. Double-click the Event Viewer icon. 47. The Windows Event Viewer dialog box appears. 48. In the console tree, right-click Application, and then select Clear all events. 49. When prompted to save the log before clearing it, click Yes. 50. Select the location where you want to save the file, and then click Save. The file is saved to your selected location, and the current log file is cleared. 8906 Trident/TriStation 1131 Comprehensive Course 2–69 Schneider Electric Proprietary and Confidential Information © 2019 Schneider Electric Systems USA, Inc. All Rights Reserved

Project Administration Participant Guide 2–70 8906 Trident/TriStation 1131 Comprehensive Course Schneider Electric Proprietary and Confidential Information © 2019 Schneider Electric Systems USA, Inc. All Rights Reserved


Like this book? You can publish your book online for free in a few minutes!
Create your own flipbook