JP2013109619A - Process monitor control system - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a mechanism in the field of process monitor control systems which can improve security by preventing impersonation at the time of user authentication but does not burden a user.SOLUTION: An operation monitor console 10 has a mechanism 16 for acquiring location information of the operation monitor console 10 and portable terminals 36, 38, and the portable terminal 38 has mechanisms 40, 42 for acquiring biometrics information. The process monitor control system transmits the biometrics information to the operation monitor console 10, verifies biometrics, determines whether the difference between the location information of the operation monitor console 10 and that of the portable terminal 38 is within tolerance or not, permits login only if the biometrics match each other and the location information is within the tolerance, acquires location information of the portable terminals at a fixed interval after the login, and performs automatic logout when the location information of the operation monitor console and the portable terminals is out of the tolerance a fixed number of times or more in succession.

Description

  The present invention relates to a process monitoring control system including a process monitoring control device that performs process state monitoring, feedback control, sequence control, and process state monitoring, and an operation monitoring console.

  In the process monitoring control system, it is confirmed by user authentication that the operator has the authority to operate the operation console, and the operation authority is given to perform the operation. As a user authentication method for confirming the identity of the operator, there is generally a method in which an operator inputs a user ID and a password.

  As a related authentication method, Patent Document 1 discloses a technique in which a use card is associated with a mobile terminal in advance, and the use of the card is authenticated by an authentication server that the position of the registered mobile terminal matches the location used. It is disclosed.

JP-A-2005-216210

  However, with the technique described in Patent Document 1, it is necessary to register a personal portable terminal, and it is difficult for a plurality of users to share the portable terminal.

  An object of the present invention is to provide a device that increases safety by preventing impersonation in user authentication and, in addition, provides a device that does not place a burden on the user in the field of process monitoring control systems.

  The process monitoring control system of the present invention includes one or more operation monitoring consoles including processing devices, display devices, and key input devices, and one or more process monitoring control devices including processing devices and process input / output interfaces. In a process monitoring control system comprising a communication line connecting the operation monitoring console and the process monitoring control device, user authentication of an operator who logs in to the operation monitoring console based on position information and biometric information of a portable terminal It has the function to perform.

  The process monitoring control system according to the present invention includes an operation monitoring console on the operation monitoring console, a mechanism for acquiring position information of the mobile terminal, and a mechanism for acquiring biometric information on the mobile terminal. Check if the difference between the location information of the biometrics collation and the operation monitoring console and the mobile terminal is within the allowable error range, and login is allowed only when the biometrics match and the location information is within the allowable error range. To do.

  In addition, after logging in, position information of the portable terminal is acquired at a constant cycle, and automatic logout is performed when the position information of the operation monitoring console and the portable terminal is continuously outside the allowable error range for a certain number of times.

  According to the present invention, in the field of process monitoring and control systems, the security is improved by preventing impersonation in user authentication, and in addition, a mechanism for authenticating without imposing a burden on the user is provided, thereby improving the security of the system. effective.

FIG. 1 is a diagram showing an outline of processing in the process monitoring control system. FIG. 2 is a configuration example of a process monitoring control system. FIG. 3 is a processing flow of the position information setting unit. FIG. 4 is a processing flow of the biometric information setting unit. FIG. 5 is a processing flow of the position information acquisition unit. FIG. 6 is a processing flow of the position information / biometric determination unit. FIG. 7 is a processing flow of the post-login position information determination unit.

  Embodiments of the present invention will be described below with reference to FIGS.

  FIG. 1 shows an outline of processing in the process monitoring control system, and FIG. 2 shows a configuration example of the process monitoring control system. 3 to 7 show the processing flow of the main part of FIG.

  First, in FIG. 2, the process monitoring control devices 110 and 112 include flow rate detection ends 126 and 114 and reaction cans installed in a pipe 132 for supplying raw materials to the reaction can 120 and a pipe 116 for supplying hot / cold water to the jacket 122. 120, and signals from temperature detection ends 124 and 130 installed in the jacket 122 are monitored, and the control valves 128 and 118 are controlled to monitor and control the chemical reaction in the reaction vessel 120 to perform process control to obtain a product.

  The process monitoring control devices 110 and 112 are connected to the operation monitoring console 102 via the communication line 100. Accordingly, the flow rate of the raw material flowing into the reactor 120 detected by the flow rate detection ends 126 and 114 and the flow rate of hot / cold water flowing into the jacket 122 are taken into the operation monitoring console 102 via the process monitoring control devices 112 and 110. The flow values are displayed on the display. In addition, the degree of opening of the control valves 118 and 128 by the process monitoring control devices 110 and 112 is also displayed on the display of the operation monitoring console 102 via the communication line 100.

  Therefore, the operator can grasp the inflow situation of the raw materials and the like into the reaction can 120 and the jacket 122 by monitoring the display screen of the operation monitoring console 102. Further, when the opening degree of the control valves 118 and 128 is to be controlled manually, the control can be performed from the operation monitoring console 102.

  Recently, there has been a tendency to reduce the number of operators and expand the scope of work per person. Utilizing the network infrastructure of telecommunication companies as a means of daily work communication and quick response by operators in the event of an emergency. However, it is supported by mobile phones. From the operation monitoring console 102, various process information can be transmitted to the mobile terminals 36 and 38 through the network infrastructure 34 of the telecommunications carrier company via the host line 108.

  The operation monitoring console 102 is provided with GPS receivers 104 and 106 that communicate with the GPS satellite 45 that is the global positioning system, and the operation monitoring console 102 itself is installed at any position on the earth. Can recognize.

  FIG. 1 shows an information communication method with a driving monitoring console 102, a network infrastructure 34 of a communication company, a GPS satellite 45, and mobile terminals 36 and 38 such as a mobile phone. When logging in to the operation monitoring console 102, the operator inputs biometric information such as fingerprints and facial photographs on the portable terminals 36 and 38, and the operation monitoring operation is performed via the network infrastructure 34 of the communication company. It transmits to the table 102.

  The biometric information of the sent data is compared with the biometric information file 18 to determine whether or not the operator is registered. Further, the position information acquisition unit 16 acquires the position information of the portable terminals 36 and 38, compares the position information stored in the apparatus position information storage unit 20 with the position information of the portable terminals 36 and 38, and the difference is found. Judge whether it is within the allowable error range.

  If the operator is specified and the position information is within an allowable error range, it is interpreted as an operation request from an operable operator, login is permitted, and the operation monitoring console 102 can be operated in accordance with the given operation authority. . After login, the post-login position information determination unit 24 periodically acquires the position information of the mobile terminals 36 and 38, confirms whether the position information with the operation monitoring console 102 is within an allowable error range, and is continuously allowed a certain number of times. If the error is out of range, the user is automatically logged out and the operation is not permitted.

  FIG. 3 shows a processing flow of the apparatus position information setting unit 14 in FIG. This process relates to the acquisition and storage of device position information that is operated and executed by the operator when the operation monitoring console 102 is installed. In step S301, a setting request operation is waited. If there is an operation, the position information acquisition unit 16 is activated in step S302.

  FIG. 4 shows a processing flow of the biometric information setting unit 12 in FIG. This process is executed by an operator's operation. In step S401, an ID is input. In step S402, it is determined whether the ID is an already registered ID or a new ID. If the ID is an existing ID, the operation authority is updated in step S403.

  The operation authority is to set a screen that can be operated according to the operator and an operation that can be operated, and the set operation authority is given to the operator. In step S404, biometrics are taken in, and in step S405, biometric information is updated. If it is a new ID, the ID and operation authority are registered in step S406. In step S407, biometrics are taken in, and in step S408, biometric information is registered.

  FIG. 5 shows a processing flow of the position information acquisition unit 16 in FIG. This process is started from the apparatus position information setting unit 14 or the position information / biometrics determination unit 22 and the post-login position information determination unit 24. In step S501, position information is acquired from the GPS satellite 45 through the GPS receiver 104. In step S502, it is determined whether the processing is started for the purpose of setting the device position information or for the purpose of acquiring the current position information of the portable terminals 36 and 38. In step S503, the acquired position information is stored in the apparatus position information storage unit 20.

  If it is the purpose of acquiring the current position information of the portable terminals 36 and 38, it is determined whether or not login to the operation monitoring console 102 has been performed or not in step S504. In step S505, the acquired position information is transmitted to the position information / biometrics determination unit 22. If login has been completed, the information is transmitted to the post-login position information determination unit 24 in step S505.

  FIG. 6 shows a processing flow of the position information / biometric determination unit 22 in FIG. In step S601, the position information acquisition unit 16 is activated, and the position information of the portable terminals 36 and 38 is acquired. In step S602, the received position information is stored as original position information of the portable terminals 36 and 38. In step S603, the apparatus position information set from the apparatus position information storage unit 20 is taken out, and in step S604, it is compared with the position information of the portable terminals 36 and 38 to determine whether it is within the allowable error range.

  If it is out of the allowable error range, in step S612, the position information has an error is transmitted to the driving monitoring console 102 or the portable terminal 36, 38. The biometric information is acquired, and in step S606, it is compared with the biometric information sent from the portable terminals 36 and 38. Steps S605 to S608 are repeated until the biometric information matches or all the information is compared.

  In step S607, if the biometrics information matches, in step S610, login with the operation authority corresponding to the specified ID is performed, and in step S611, the mobile terminal 36, The identification information of 38 and login user information are stored, and the identification information of the portable terminals 36 and 38 is transmitted to the post-login position information determination unit 24.

  If the biometric information does not match in step S607 and if the comparison with all information is complete in step S608, the biometric mismatch is detected in step S609. , 38.

  Finally, FIG. 7 shows a processing flow of the post-login position information determination unit 24 in FIG. It is started from the position information / biometrics determination unit 22, waits for a specified time in step S701, determines whether manual logout is executed in step S702, and terminates the process if manual logout is executed. If the logout has not been performed, the position information acquisition unit 16 is activated in step S703. In step S704, the received position information is stored as current position information. In step S705, the apparatus position information is extracted. In step S706, the position information error between the driving monitoring console 102 and the portable terminals 36 and 38 is corrected. judge.

  If it is within the error range, the error count storage unit 28 is cleared in step S708, and if it is outside the error range, the error count storage unit 28 is updated in step S707. In step S709, it is determined whether the number of errors is equal to or greater than the specified number. If it is equal to or less than the specified number, the process returns to step S701 to repeat the position information determination.

  In the field of process monitoring and control systems, the present invention is to provide a device that increases the safety by preventing impersonation in user authentication and, in addition, does not place a burden on the user.

DESCRIPTION OF SYMBOLS 10 Operation monitoring console internal mechanism 12 Biometric information setting part 14 Apparatus position information setting part 16 Position information acquisition part 18 Biometrics information file 20 Apparatus position information storage part 22 Position information and biometrics determination part 24 Post-login position information determination part 26 login information storage unit 28 error count storage unit 32 internal mechanism of mobile terminal 34 network infrastructure 36 mobile terminal 38 mobile terminal 40 biometrics acquisition unit 42 biometrics transmission unit 45 GPS satellite 100 communication line 102 operation monitoring console 104 GPS reception unit 106 GPS receiver 108 Host line 110 Process monitoring control device 112 Process monitoring control device 114 Flow rate detection end 116 Pipe 118 Control valve 120 Reactor 122 Jacket 124 Temperature detection end 126 Flow rate detection end 1 8 control valve 130 temperature detection end 132 pipe

Claims (6)

One or more operation monitoring consoles including a processing device, a display device, and a key input device; one or more process monitoring control devices including a processing device and a process input / output interface; the operation monitoring console and the process In a process monitoring control system composed of a communication line connecting a monitoring control device,
A process monitoring and control system having a function of performing user authentication of an operator who logs in to the operation monitoring console based on position information and biometric information of a portable terminal. In the process monitoring control system according to claim 1,
The driving monitoring console includes a positional information acquisition unit that acquires positional information of the driving monitoring console and positional information of the mobile terminal, and a positional information / biometrics determination unit,
The position information / biometrics determination unit of the driving monitoring console is configured to collate biometric information transmitted from the mobile terminal with biometric information stored in a biometrics information file, and the driving monitoring console. Determine whether the difference between the location information and the location information of the mobile terminal is within a predetermined allowable error range;
Only when the biometric information matches and the position information is within the allowable error range, an operator carrying the mobile phone permits the operator to log in to the operation monitoring console. . In the process monitoring control system according to claim 1 or 2,
The process monitoring control system, wherein the portable terminal is a portable terminal shared by a plurality of operators, and has a function of identifying an operator based on biometric information instead of identifying the operator by fixing the portable terminal. In the process monitoring control system according to claim 3,
The function of specifying the operator gives the operation authority of the operation monitoring console and the process monitoring control device along the specified operator by specifying the operator who has operated the shared portable terminal. Process monitoring and control system characterized by having functions. In the process monitoring control system according to claim 1,
Even if the position where the operation monitoring console is installed is moved, the position information is re-registered, and the position information of the operation monitoring console and the position information of the mobile terminal can be determined. Process monitoring and control system. In the process monitoring control system according to claim 1 or 2,
A process monitoring control system characterized by having a function of periodically checking the position information of the portable terminal after logging in and performing automatic logout when it is outside the allowable error range for a specified number of times.

Images