JP2020009219A - Facility management device and method - Google Patents

Abstract

To provide a facility management device and method capable of balancing a safety and work efficiency of an equipment management system.SOLUTION: A facility management device 1 receives an instruction regarding operation of the facility from an operator having a preset authority, and determines whether or not a predetermined condition necessary for executing an instruction, which is set in advance for each attribute of the instruction, is satisfied based on a plant status indicating the operating status of a plant acquired by a plant status acquisition unit 11, an operable status indicating whether or not an operation on the facility 3 acquired by the operable status acquiring unit 12 is possible, information about the authority of the operator, and an attribute of the instruction; and when the condition is satisfied, the facility management device sends an operation signal according to the instruction to the equipment 3.SELECTED DRAWING: Figure 1

Description

  The present invention relates to a facility management apparatus and method, and more particularly to a technique for managing various facilities provided in a facility by a plurality of operators.

  2. Description of the Related Art Conventionally, a device management system represented by a distributed control system (DCS) that manages various facilities provided in a large-scale facility such as an industrial plant or a building by a plurality of operators has been used.

  In such a device management system, when the device management system is started, an operator who is authorized to execute a specific function such as a function for operating plant equipment is selected, and the operator inputs a password and logs in. A specific function is performed. For example, an operator who uses a device management system such as an administrator, an engineer, an operator, or an observer knows only the operator's password corresponding to his / her own authority, and logs in to the system as an operator having a higher authority. (For example, see Patent Document 1).

  However, in the conventional uniform equipment management system as described above, even if an operator who should not have acquired the higher authority, once the password is known, the operator can enter the system as an operator with higher authority. It is possible to log in and perform certain functions of the plant. In addition, even if the operator has appropriate authority, there is a risk that the equipment may be erroneously operated at a timing when the equipment should not be operated, depending on the condition of the plant.

  For example, in the petrochemical plant industry, the retirement of skilled operators is increasing, but the technology transfer is not always sufficient, and there is concern that the on-site ability is declining. Under such circumstances, human errors and lack of knowledge are required not only by human effort but also by systematic storage and safe operation and maintenance of the plant without errors.

  In many cases, safety and work efficiency are in a trade-off relationship, and even if safety is systematically enhanced, an excessive response may be taken depending on the situation, and the work efficiency may be reduced. Therefore, by balancing the appropriate safety and work efficiency for each situation, the safety and ease of use of the device management system can be maintained.

Japanese Patent No. 6243733

  In the conventional equipment management system, even an operator who has appropriate access authority can execute equipment operation based on authority even at the timing when equipment operation should not be performed due to carelessness etc. And could cause a serious accident. On the other hand, in a situation where the plant is shut down, there is a case where it is not necessary to pay much attention to safety. Therefore, in the conventional uniform equipment management system, the balance between the safety of the equipment management system and the work efficiency may not be well balanced.

  The present invention has been made to solve the above-described problem, and has as its object to provide an equipment management apparatus and method capable of balancing safety and work efficiency of an equipment management system.

  In order to solve the above-described problem, a facility management device according to the present invention includes an instruction receiving unit that receives an instruction related to an operation of equipment from an operator having a preset authority, and a managed system in which the equipment is installed. A system status acquisition unit that acquires a system status indicating the operation status of the device, an operable status acquisition unit that acquires an operable status indicating whether an operation on the facility is possible, and an attribute set in advance for each instruction attribute, A first storage unit that stores a predetermined condition necessary for the instruction to be executed, the acquired system status, the operable status, information on the authority of the operator, and an attribute of the instruction. An authentication unit that determines whether a predetermined condition stored in the first storage unit is satisfied based on the predetermined condition. And an instruction execution unit that executes the instruction when it is determined that the condition is satisfied, wherein the predetermined condition is to execute an operation on the facility according to a system status and an operable status. The authentication unit determines that the predetermined condition is satisfied when the authentication of the operator having the level of authority required under the predetermined condition is successful. It is characterized by doing.

  Further, in the facility management device according to the present invention, the second storage unit that stores the system status acquired by the system status acquisition unit, and the operable status of the facility acquired by the operable status acquisition unit A third storage unit for storing, wherein the instruction execution unit is configured to change the system status stored in the second storage unit or the operable status stored in the third storage unit. And an operation signal sending unit that sends an operation signal according to the instruction to the facility when the instruction is an instruction for operating the facility.

  Further, in the equipment management device according to the present invention, the predetermined condition includes a system status change condition for changing the acquired system status, and an operable status change for changing the obtained operable status. It may include a condition and an editing condition for editing the changed system status or operable status.

  Further, the equipment management method according to the present invention includes an instruction receiving step of receiving an instruction related to an operation of the equipment from an operator having a preset authority, and a system status indicating an operation status of a managed system in which the equipment is installed. A system status acquisition step of acquiring an operable status indicating whether or not an operation on the facility is possible, the acquired system status, the operable status, and the operator Whether predetermined conditions necessary for executing the instruction, which are preset for each attribute of the instruction stored in the first storage unit, are satisfied based on the information on the authority of the instruction and the attribute of the instruction. In the authentication step of determining whether or not the predetermined condition is satisfied, it is determined that the predetermined condition is satisfied And an instruction execution step of executing the instruction, wherein the predetermined condition raises a level of authority capable of executing an operation on the equipment according to a system status and an operable status. The authentication step includes determining that the predetermined condition is satisfied when the authentication of the operator having the required level of authority under the predetermined condition is successful.

  According to the present invention, based on the system status indicating the operation status of the managed system, the operable status indicating whether or not the operation on the equipment is possible, the information on the authority of the operator who has input the instruction, and the attribute of the instruction, It is determined whether or not a predetermined condition necessary for executing the instruction, which is set in advance for each attribute of the instruction, is satisfied. Therefore, it is possible to balance the safety of the device management system with the work efficiency.

FIG. 1 is a block diagram illustrating a functional configuration of a facility management device according to an embodiment of the present invention. FIG. 2 is a block diagram illustrating a hardware configuration of the facility management device according to the embodiment of the present invention. FIG. 3 is a flowchart illustrating an operation example of the facility management device according to the embodiment of the present invention.

Hereinafter, a preferred embodiment of the present invention will be described in detail with reference to FIGS.
[Embodiment]
FIG. 1 is a block diagram illustrating a functional configuration of an equipment management system including an equipment management apparatus 1 according to an embodiment of the present invention.

  As shown in FIG. 1, the device management system includes a facility management device 1, a central monitoring device 2, and a facility 3. The equipment management system monitors and controls various facilities installed in factories such as petrochemical plants. The device management system is monitored and controlled by a plurality of operators.

The central monitoring device 2 can integrally monitor and control a plurality of facilities 3 connected via the transmission line L.
The equipment 3 includes, for example, field devices such as valves, pressure sensors, flow meters, and controllers that are installed in a large number of plants. In the present embodiment, the equipment 3 is operated by an operation signal transmitted by the equipment management device 1.

[Function block of equipment management device]
The equipment management device 1 is connected to the central monitoring device 2 and the equipment 3 via a transmission line L. The facility management device 1 receives an instruction input from an operator, determines whether a predetermined condition necessary to execute an operation of the facility 3 according to the instruction is satisfied, and determines whether the condition is satisfied. , An operation signal corresponding to the instruction is sent to the equipment 3. In the present embodiment, the facility management device 1 has a configuration independent of the central monitoring device 2, but the facility management device 1 may be installed in the central monitoring device 2.

  The equipment management device 1 includes an instruction receiving unit 10, a plant status obtaining unit (system status obtaining unit) 11, an operable status obtaining unit 12, an authentication unit 13, a setting unit 14, a storage unit 15, a display unit 16, and an operation signal transmission. A section 17 is provided.

  The instruction receiving unit 10 receives an instruction regarding an operation of the facility 3 from an operator having a preset authority. More specifically, the instruction receiving unit 10 receives an instruction from an operator of the device management system via an input device 108 described later. The device management system is managed by a plurality of operators, and each operator has the authority to perform a task for a role. Examples of the operator include a manager, an engineer, an operator, and an observer.

  The plant status acquisition unit 11 acquires a plant status (system status) indicating the operation status of the plant (managed system) in which the facility 3 is installed. For example, the plant status acquisition unit 11 may receive a signal indicating the plant status of the plant where the facility 3 is installed from the facility 3 or the like via the transmission line L.

  Examples of the plant status acquired by the plant status acquisition unit 11 include “operating”, “periodical repair”, and “start of trial operation”. The plant status acquired by the plant status acquisition unit 11 is stored in a storage unit 15 (second storage unit) described later.

  The operable status acquisition unit 12 acquires an operable status indicating whether or not an operation on the facility 3 is possible. The operable status acquisition unit 12 operates the equipment 3 installed in the plant, for each equipment 3, for each device (not shown) included in the equipment 3, or for each group including the predetermined equipment 3 and equipment. The operable status of the facility 3 targeted by the user is acquired. For example, the operable status acquisition unit 12 may receive a signal indicating the operable status of the facility 3 from the facility 3 or the like via the transmission line L. The operable status acquisition unit 12 stores the acquired operable status in the storage unit 15 (third storage unit).

  For example, when the plant status is “operating”, the default value of the operable status of the facility 3 is “operable”. When the plant status is “periodical repair”, the default value of the operable status is “operable”.

  The authentication unit 13 executes an instruction set in advance for each attribute of the instruction based on the plant status, the operable status, the information on the authority of the operator who has input the instruction, and the attribute of the instruction. It is determined whether or not a predetermined condition required for is satisfied. More specifically, the authentication unit 13 authenticates an operator having an authority level specified in a condition according to a preset condition in order to perform an operation of the facility 3 in response to an operation instruction of the facility 3. Request. The authentication unit 13 authenticates the operator, and determines that a predetermined condition is satisfied when the authentication is successful.

  The attribute of the instruction is a definition of a classification according to the nature of the instruction. Examples include a plant status and an operable status that are further changed and edited.

  The predetermined condition includes raising the level of authority to execute an operation on the facility 3 according to the plant status and the operable status. The predetermined conditions are a plurality of conditions by combining conditions of an individual operator's account, a group sorted by the authority of the account, and a logical product (AND) or a logical sum (OR) of the operators who input the instructions. Just design. The predetermined conditions prepared in advance are stored in the storage unit 15 (first storage unit).

  The predetermined condition includes, for example, a plant status change condition for changing the obtained plant status, an operable status change condition for changing the obtained operable status, and a changed plant status or operable status. Includes editing conditions for changing and editing. The predetermined condition may include a condition setting change condition for changing the condition itself.

  The operable status change condition includes a temporary permission condition for temporarily permitting the operation of the equipment 3. The plant status change condition may also include a temporary permission condition for permitting a temporary plant status change.

  The authentication of the operator having the authority level required by the authentication unit 13 includes, in addition to the above-described password input, input of an account name, biometric authentication of a fingerprint or face, insertion of a physical key, and the like. May be adopted. For example, when the authentication unit 13 requests the input of the password and the account name of the operator, the display unit 16 described later displays information and an input form indicating the authority level of the operator whose authentication is requested under predetermined conditions. Is displayed on the screen.

  The authentication unit 13 sends a signal indicating the determination result to the setting unit 14 or the operation signal sending unit 17 according to the determination result. The setting unit 14 and the operation signal sending unit 17 constitute an instruction execution unit that executes an instruction of the operator.

  The setting unit 14 changes the plant status and the operable status based on the determination result by the authentication unit 13. More specifically, the setting unit 14 rewrites the plant status or the operable status stored in the storage unit 15 according to the instruction received by the instruction receiving unit 10.

  When changing the plant status or the operable status, the setting unit 14 applies the time specification when the instruction receiving unit 10 receives the specification regarding the time to perform the change in addition to the change instruction. Make status changes. For example, the setting unit 14 changes the plant status or the operable status after the elapse of the period specified in the instruction.

  The storage unit 15 stores the plant status acquired by the plant status acquisition unit 11, the operable status acquired by the operable status acquisition unit 12, account information for each operator, and information on predetermined conditions used by the authentication unit 13. I do. The plant status and the operable status are stored together with time information. Further, when the setting unit 14 changes the plant status or the operable status, the storage unit 15 stores a change history. The change history includes information on the operator who has input the instruction.

  The account information for each operator is information in which the account name, password, authentication means, and authority of the operator are associated with each other.

  The display unit 16 displays, on a screen, a predetermined condition used by the authentication unit 13 for determination, an input form for authenticating an operator meeting the predetermined condition, and the like. The display unit 16 may display the plant status acquired by the plant status acquisition unit 11 and the operable status acquired by the operable status acquisition unit 12 on a screen. When the plant status is “periodic repair”, the display unit 16 may display a warning dialog on the screen to call attention to an operator who has input an operation instruction or the like to the equipment 3.

  The operation signal transmission unit 17 transmits an operation signal corresponding to the instruction to the equipment 3 when the instruction received by the instruction reception unit 10 instructs the operation of the equipment 3. A predetermined function in the facility 3 is executed based on the operation signal. For example, when the equipment 3 is a valve, adjustment of the opening degree of the valve is performed. The operation signal sending unit 17 sends an operation signal when the authentication unit 13 determines that a predetermined condition is satisfied.

[Hardware configuration of equipment management device]
Next, a hardware configuration of the equipment management apparatus 1 having the above-described functions will be described with reference to FIG.

  The equipment management device 1 includes a computer including a computing device 102 having a CPU 103 and a main storage device 104 connected via a bus 101, a communication control device 105, an external storage device 106, a display device 107, an input device 108, and the like. It can be realized by a program that controls these hardware resources.

  The CPU 103 and the main storage device 104 constitute the arithmetic unit 102. The main storage device 104 stores in advance programs for the CPU 103 to perform various controls and calculations.

  The communication control device 105 is a control device for connecting the facility management device 1 and various external electronic devices via a communication network NW. The communication control device 105 may receive the plant status or the operable status via the communication network NW.

  The external storage device 106 includes a readable and writable storage medium, and a drive device for reading and writing various information such as programs and data on the storage medium. For the external storage device 106, a semiconductor memory such as a hard disk or a flash memory can be used as a storage medium. The external storage device 106 is an account information storage unit 106a, a status storage unit 106b, a determination condition storage unit 106c, a facility information storage unit 106d, a program storage unit 106e, and other storage devices (not shown). And a storage device for backing up programs, data, and the like stored in the storage device.

The account information storage unit 106a corresponds to the storage unit 15 described in FIG. 1, and stores the above-described account information for each operator.
The status storage unit 106b corresponds to the storage unit 15 described with reference to FIG. 1, and stores the above-described plant status and operable status.

The determination condition storage unit 106c corresponds to the storage unit 15 described with reference to FIG. 1, and stores a predetermined condition used by the authentication unit 13.
The equipment information storage unit 106d stores identification information for identifying the equipment 3 installed in the plant.

  The program storage unit 106e stores various programs for executing the arithmetic processing necessary for the equipment management apparatus 1 to manage the equipment according to the state of the plant, such as the authentication processing and the status change processing in the present embodiment. Have been.

  The display device 107 forms the display screen of the display unit 16 described with reference to FIG. The display device 107 is realized by a liquid crystal display or the like.

  The input device 108 includes a keyboard, a mouse, a touch panel, and the like. The input device 108 receives an operator's key input, a click of an icon or the like, a function or an operation input corresponding to a touch position on the touch panel.

[Operation of equipment management device]
Next, an operation example of the equipment management device 1 having the above-described configuration will be described with reference to the flowchart of FIG.

  Hereinafter, as a specific example, a case will be described in which the operators of the device management system include engineers A, B, and C having engineer authority, a maintenance section manager G, and a team leader T. In addition, the maintenance section manager G and the team leader T both have manager authority higher than engineer authority.

Further, a case where two statuses “operating” and “periodic repair” are present as the plant status will be described.
Further, a case will be described in which there are an operation instruction to the facility 3, an instruction to change the status, and an instruction to edit the changed status as the attribute of the instruction.

  First, the instruction receiving unit 10 receives an instruction regarding the facility 3 input by the operator via the input device 108. When the instruction from the operator is to instruct the operation of the equipment 3 (step S1: YES), the plant status acquisition unit 11 acquires the plant status by receiving a signal from the equipment 3 (step S2).

  Next, the operable status acquisition unit 12 acquires an operable status indicating whether the facility 3 is operable by receiving a signal from the facility 3 (step S3). The obtained plant status and operable status are stored in the storage unit 15 together with time information. Note that the plant status acquisition unit 11 and the operable status acquisition unit 12 may acquire each status stored in the storage unit 15.

  More specifically, the plant status acquisition unit 11 acquires a status of “operating” or “periodic repair” as the plant status in step S2. When the plant status is “operating”, the operable status acquisition unit 12 determines that the equipment 3 is “inoperable” as a default value of the operable status, and when the plant status is “periodic repair,” The facility 3 acquires an operable status indicating that the facility 3 is “operable” as a default value of the operable status.

  If the operable status of the facility 3 is “operable”, the facility 3 can be operated by engineers A, B, and C having at least engineer authority. On the other hand, if the operable status of the facility 3 is “operable”, even the engineers A, B, and C having engineer authority cannot operate the facility 3 alone.

  When the operable status of the facility 3 is “operable” and the instruction receiving unit 10 receives an input for instructing the operation of the facility 3, a predetermined operable status change condition is satisfied. Then, the facility 3 can perform an operation based on the instruction. The operable status change condition includes a temporary permission condition for permitting a temporary operation.

  For example, a case will be described in which a part of the equipment is stopped during operation of the plant to operate the equipment 3, for example, a valve. The engineer B performs an input to instruct the operation of the valve using the input device 108 such as a keyboard. In this case, the plant status acquisition unit 11 acquires the plant status “in operation” in step S2, and the operable status acquisition unit 12 acquires the default value of the operable status “inoperable” in step S3.

  Thereafter, if the operable status is not “operable” (step S4: NO), the authentication unit 13 determines whether or not the operable status change condition is satisfied. (Step S5: YES), the setting unit 14 changes the operable status (step S6).

  According to the specific example described above, since the operable status of the valve is “operable” (step S4: NO), the authentication unit 13 stores the preset operable status change condition in the storage unit 15 in step S5. And determines whether the condition is satisfied.

  The preset operable status change condition is, for example, i) a password input by the maintenance section manager G or the team leader T, or ii) a password input by two or more engineers A, B, and C. I do. The temporary permission condition included in the change condition of the operable status and the change condition of the plant status are also adopted on condition that i) or ii) is satisfied.

  As described above, the operator who has input the operation instruction in the operable status “operable” is the engineer B having only engineer authority. The authentication unit 13 displays the operable status change conditions i) and ii) and the condition input form on the screen via the display unit 16 in step S5. At this time, the display unit 16 may display the operable status change condition and the temporary permission condition so that the operator can select it.

  For example, the engineer B selects the temporary permission condition displayed on the screen of the display device 107 via the input device 108, and obtains, for example, an authentication from the maintenance section manager G according to the displayed temporary permission condition. When the password input from the maintenance section manager G is received in the condition input form displayed on the screen of the display device 107, the authentication section 13 refers to the account information stored in the storage section 15 and checks the maintenance section section G. Authenticate. If the authentication is successful, the authentication unit 13 determines in step S5 that the temporary permission condition i) is satisfied (step S5: YES).

  The authentication unit 13 sends the determination result that the temporary permission condition i) is satisfied to the setting unit 14 in step S6. The setting unit 14 changes the operable status of the valve stored in the storage unit 15 to “operable” based on the determination result. In addition, the setting unit 14 sets a temporary permission period predetermined in the storage unit 15 as the operable status.

  After that, the authentication unit 13 sends a determination result indicating that the temporary permission condition is satisfied to the operation signal sending unit 17. The operation signal transmission unit 17 transmits an operation signal to the facility 3 in accordance with the operation instruction received by the instruction reception unit 10 (Step S7).

  Specifically, the operation signal sending unit 17 sends an operation signal for adjusting the opening degree of the valve to the valve. And the valve which received the operation signal adjusts the opening degree according to the operation signal.

  As a next specific example, since the plant is under periodic repair, the operable status is that all facilities 3 are operable by default, but the period from X / X to X / Y is related to another operation. Consider a case where a specific plant facility (valve) cannot be moved. In this case, an example will be described in which the engineer C changes the operable status “operable” to “inoperable” by specifying the above period.

  When the instruction receiving unit 10 receives an instruction to change the operable status related to the equipment 3 (step S1: NO, step S8: YES), the plant status obtaining unit 11 obtains a plant status (step S9). Thereafter, the operable status acquisition unit 12 acquires the operable status of the target facility 3 (step S10).

  Specifically, the plant status acquisition unit 11 acquires the plant status “periodical repair”, and the operable status acquisition unit 12 acquires the operable status “operable” of the valve.

  After that, the authentication unit 13 determines whether or not the operable status change condition is satisfied. If the operable status change condition is satisfied (step S11: YES), the authentication unit 13 stores the operation stored in the storage unit 15 by the setting unit 14. The possible status is changed (step S12).

  For example, the engineer C obtains, for example, authentication from the team leader T according to the operable status change condition displayed on the screen of the display device 107. When the password input from the team leader T is received in the condition input form displayed on the screen of the display device 107, the authentication unit 13 authenticates the team leader T with reference to the account information stored in the storage unit 15. I do. If the authentication is successful, the authentication unit 13 determines that the operable status change condition i) is satisfied (step S11: YES).

  The authentication unit 13 sends a determination result that the operable status change condition i) is satisfied to the setting unit 14. In step S12, the setting unit 14 specifies the operable status of the valve stored in the storage unit 15 in a period from X / X to X / Y based on the determination result and the received change instruction (step S12). Hereinafter, it may be referred to as a “designated period”) and then changed to “operable”.

  Next, in the processing from step S8 to step S12, after the operable status is changed after designating the period, the designated period is changed due to the change of the scheduled work, and the engineer A restarts the designated period. A specific example of changing (editing) will be described.

  First, when the instruction receiving unit 10 receives an editing instruction for a designated period of the operable status (step S8: NO, step S13: YES), the authentication unit 13 satisfies a predetermined operable status editing condition. Is determined. If the editing conditions are satisfied (step S14: YES), the operable status is updated by the setting unit 14 (step S15).

  More specifically, the authentication unit 13 sets, as editing conditions for the change in the operable status, two or more passwords from among iii) operators having engineer authority including an operator who has issued an instruction to change the operable status. The condition that there is an input is used.

  For example, the engineer A obtains the authentication from the engineer C who issued the original change instruction in accordance with the editing condition of the operable status displayed on the screen of the display device 107. When password inputs from engineers A and C are accepted in the condition input form displayed on the screen of the display device 107, the authentication unit 13 refers to the account information stored in the storage unit 15 and C is authenticated. If the authentication is successful, the authentication unit 13 determines in step S14 that the operable status editing condition iii) is satisfied (step S14: YES).

  The authentication unit 13 sends the determination result that the editing condition iii) is satisfied to the setting unit 14 in step S14. The setting unit 14 changes the operable status of the valve stored in the storage unit 15 based on the determination result in step S14 and the editing instruction received in step S13 (from X month X day to X month X month). Is changed to a period from X / X to X / Z to edit. Thereby, the operable status of the valve in the storage unit 15 is updated (step S15).

  As described above, according to the present embodiment, the facility management device 1 satisfies the predetermined condition for executing the operation of the facility 3 according to the instruction from the operator according to the state of the plant. It is determined whether or not the condition is satisfied, and if the condition is satisfied, an operation signal according to the instruction is transmitted. Therefore, safety and work efficiency in the device management system can be balanced.

  In particular, since the equipment management device 1 according to the present embodiment suppresses erroneous operation at a timing when the equipment must not be operated by an appropriately authorized operator, it is possible to prevent a serious accident beforehand. Becomes

  In the equipment management apparatus 1 according to the present embodiment, the conditions used for the determination are appropriately set so as to suit each user of the equipment management system having different types of business, different scales, different operators, and different safety considerations. Thereby, safety can be ensured while suppressing a decrease in work efficiency as much as possible. In addition, since the conditions used for authentication and determination can be set in detail in accordance with the degree of tolerance for different risks for each user, any user can balance appropriate work efficiency and safety.

  The embodiments of the equipment management apparatus and the equipment management method according to the present invention have been described above. However, the present invention is not limited to the above-described embodiments, and is assumed by those skilled in the art within the scope of the invention described in the claims. Various possible modifications are possible.

  For example, in the embodiments described above, specific examples of the plant status change condition, the operable status change condition, and the edited condition of the changed operable status have been described as the predetermined conditions. Specific examples of the conditions are not limited to these. For example, as the changing condition of the condition setting for changing the predetermined condition itself, for example, iv) one of the maintenance section manager G or the team leader T and one of the engineers A, B, C, the team leader T or the maintenance section manager G May be entered as a condition.

  Also, in the case of the operable status "operable", even if an engineer has an appropriate authority to operate the equipment, a specific engineer can operate the equipment alone without authentication of another engineer. A configuration that cannot perform such operations may be adopted. For example, if engineer A is a veteran operator and is in a position of instructor who knows all of the plant, the condition of a new engineer B that requires the authentication of engineer A in the operation of the equipment is required. May be imposed. In this case, when accepting an operation instruction from engineer A, authentication unit 13 determines that predetermined conditions are satisfied when engineer B and engineer A are authenticated by inputting a password from engineer B. I do.

  DESCRIPTION OF SYMBOLS 1 ... Facility management apparatus, 2 ... Central monitoring apparatus, 3 ... Equipment, 10 ... Instruction reception part, 11 ... Plant status acquisition part, 12 ... Operable status acquisition part, 13 ... Authentication part, 14 ... Setting part, 15 ... Storage Unit, 16 display unit, 17 operation signal transmitting unit, 101 bus, 102 arithmetic unit, 103 CPU, 104 main storage device, 105 communication control device, 106 external storage device, 106a account information storage Unit, 106b: status storage unit, 106c: determination condition storage unit, 106d: facility information storage unit, 106e: program storage unit, 107: display device, 108: input device, NW: communication network.

Claims (4)

An instruction receiving unit that receives an instruction related to an operation of the facility from an operator having a preset authority,
A system status acquisition unit that acquires a system status indicating an operation status of the managed system in which the facility is installed,
An operable status acquisition unit that acquires an operable status indicating whether an operation on the facility is possible,
A first storage unit configured to store a predetermined condition required for the instruction to be executed, which is set in advance for each attribute of the instruction;
Based on the acquired system status, the operable status, the information on the authority of the operator, and the attribute of the instruction, whether a predetermined condition stored in the first storage unit is satisfied An authentication unit for determining whether
An instruction execution unit that executes the instruction when the authentication unit determines that the predetermined condition is satisfied;
With
The predetermined condition includes increasing a level of authority capable of performing an operation on the equipment according to a system status and an operational status,
The equipment management device, wherein the authentication unit determines that the predetermined condition is satisfied when the authentication of the operator having the level of authority required under the predetermined condition is successful. The equipment management device according to claim 1,
A second storage unit that stores the system status acquired by the system status acquisition unit;
A third storage unit that stores the operable status of the facility acquired by the operable status acquisition unit;
Further comprising
The instruction execution unit,
A setting unit that changes the system status stored in the second storage unit or the operable status stored in the third storage unit;
An operation signal transmitting unit that transmits an operation signal corresponding to the instruction to the equipment when the instruction is to instruct the operation of the equipment. In the facility management device according to claim 1 or 2,
The predetermined condition includes a system status change condition for changing the obtained system status, an operable status change condition for changing the obtained operable status, and a changed system status or operable. An equipment management device comprising: editing conditions for editing a status. An instruction receiving step of receiving an instruction regarding an operation of the equipment from an operator having a preset authority,
A system status acquisition step of acquiring a system status indicating the operation status of the managed system in which the facility is installed,
An operable status acquisition step of acquiring an operable status indicating whether an operation on the equipment is possible,
Based on the obtained system status, the operable status, the information on the authority of the operator, and the attribute of the instruction, the attribute is set in advance for each attribute of the instruction stored in the first storage unit. An authentication step of determining whether a predetermined condition necessary for the instruction to be executed is satisfied;
In the authentication step, when it is determined that the predetermined condition is satisfied, an instruction execution step of executing the instruction,
With
The predetermined condition includes increasing a level of authority capable of performing an operation on the equipment according to a system status and an operational status,
The equipment management method according to claim 1, wherein the authentication step determines that the predetermined condition is satisfied when the authentication of the operator having the level of authority required under the predetermined condition is successful.

Images