Jump to content
  • entries
    7
  • comments
    18
  • views
    16,150

Hey, you - what's the password?

Sign in to follow this  
Phil Salkie

3,254 views

One of the requirements I frequently find in customer specifications is that Operator Terminals shall have eight hierarchical levels of password protection. The idea there is that an operator, for example, enters the level 1 password to do operator things, and a supervisor can enter a level 2 password to do anything the operator can do, plus supervisor stuff. I have yet to actually see an application where all eight levels were used for anything, but somebody somewhere once decided that eight would be the number, and it's now engraved in stone.

So, when I started using the V570, one of the first things I did was to come up with a way to implement those eight levels of password, In today's blog entry I'll walk through creating and implementing a multi-level password system, and throw in automatic screen-blanking and a password-protected "Info Mode" for good measure.

I always like to start by defining as many PLC variables as I can, so that as I program I can immediately tell if I've made a typo as I enter operand addresses. So, let's define eight MIs to store the passwords for level 1 through 8 (we'll use MI271 through 278) plus another for the user to enter their password into (MI270). (I usually set the passwords permanently using "Power Up Values" in the Operands table - you could also permanently set only the level 8 password, then make a level 8 password protected page to let the user change the values for the first 7 levels.) We'll define eight MBs for the password status - is level 1 enabled, or level 2 enabled, and so on, at MB271 through 278, plus a "Process Password" bit at MB270 and a "Clear Password" bit at MB279. As it happens, the password status bits will actually be logically inverted - Level 2's bit will be OFF if the level 2 password has been entered (as will Level 1's bit.) The reason for this has to do with the way screen items are controlled, which we'll see a bit later.

VisiLogic supports a blind entry field, which allows the user to type in a password that is not shown on the screen - that was obviously built with password entry in mind, so that's what we'll use. Here's a screen with a place to enter the password, a multi-text to show which level of password is currently active, and a button to cancel the password level. (We will put that same multi-text on our menu screen, to show what level is entered, and if no password has been entered yet, to prompt the user to put in a password.)

pwd1.png

Now, if we have a display component we want to password protect, there are two different ways we might protect it. The most obvious thing is to just make it disappear from the screen if the entered password is not sufficient. That's what the "Hide" variable does for us - we put the MB corresponding to the desired level into the "Hide" field, and if the user has not entered a password at or above that level, the display item will just not show up on the screen. Since the control variable is "Hide" rather than "Show", we make our password bits normally ON, and turn them OFF when the password gets entered.

pwd2.png

That's great for hiding a menu button that takes us to some restricted configuration page, but what about when I want to let a lower-level user see a value, but not be able to change it without entering a password? That's where the "Disable view" variable comes in. A variable whose "Disable view" bit is on will still show up, but it will be shown in the "Disable view" color (gray by default.) Once the proper password is put in, the variable will then show in its selected color (I usually use blue for variables which can be set by the user) and will be active to touch.

pwd3.png

Now that we've figured out how our screens will work, let's look at the associated ladder code. Here's the first part of a series of rungs which check the entered password against the various stored passwords, and determines which level has been entered (if any):

pwd4.png

Here we convert that number to a pattern of eight bits for the various levels:

pwd5.png

And on this rung, we put in a timeout so that if the password has been entered for more than a preset time, we clear it back out:

pwd6.png

As I mentioned above, it would also be nice to prevent the user from accidentally switching to the Info Mode password screen (that's caused by touching a blank area the screen for a few seconds.) We can disable Info Mode by putting a Zero into SI 50 - but we'll want to be able to get into Info Mode somehow, so we can re-enable it when a level eight password is entered. I've also put in a 10 second "back door" timer so that Info Mode is enabled for a short time just after power-up - that way, if something goes wrong with the passwords, I can still get into Info Mode:

pwd7.png

And, lastly, here's a rung which turns off the backlight if the screen hasn't been touched for five minutes - that's less important on the LED backlight than on the CFL, but it's still not a bad idea to turn it off when not in use - I also re-enable it if an unacknowledged alarm is present (indicated here by MB 197):

pwd8.png

This is a downloadable link to a V570 application file containing all these items - it has been released into the public domain, feel free to use it as a starting-point for making your own V570 projects.

To learn more about Howman Controls, visit our web page at www.howman.com

Sign in to follow this  


3 Comments


Recommended Comments

Working as a support engineer, I have noticed quite a few customers looking for this "multi-level" password feature. Now we have a nice walk through and example to point them to!

Share this comment


Link to comment

Thanks! Glad to help - I've just posted an updated project file and a new screenshot for the Info Mode rung, I had "Level 2" instead of "Level 8" in the comment and on the first line of ladder.

Share this comment


Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
http:///