This example aims to guide users in understanding and configuring the new “User Management & Access Control” (UMAC) introduced with TIA Portal V19. The focus is set on the configuration process of an S7-1500 PLC, with FW 3.1, in combination with an HMI panel. Additionally, it covers the workflow to set up new users and rights for the OPC UA and web servers running on the controller.
This document covers those security features that have undergone significant changes or that have been added with TIA Portal V19, which includes an update of the security wizard and a new approach to manage users and rights.
Security features with SIMATIC S7-1500 FW 3.1
To mitigate security risks and potential cyberattacks, several settings in SIMATIC controllers are pre-configured providing the highest security level by default. This ensures protection against unauthorized access and guarantees the integrity and confidentiality of communication data, preventing interception or manipulation.
As of TIA Portal V19 and firmware version FW 3.1 (FW 4.7 for S7-1200 PLCs), S7-1500 and S7-1200 controllers use a new and improved approach to manage users, roles and PLC function rights known as “User Management & Access Control” (UMAC).
From the versions mentioned above onwards, project users and their respective rights for all PLCs in the project can be managed from the “Users and roles” tab in the “Security Settings” of the TIA Portal project. This enables operators to assign different rights to the same user, such as access rights to the PLC, the OPC UA server, or the web server, offering a significant advantage by allowing all user management tasks to be handled from a single centralized location.
S7-1500 and S7-1200 controllers have an access control mechanism to restrict user access to specific PLC functionalities.