The bar is set high in the pharmaceutical industry. The requirements of an active ingredient manufacturer in terms of process visualization, which was to be used in the hazardous Ex area, were correspondingly high. In addition, protection against viruses and malicious software code from the office world, which can cause massive damage to process control systems, is a top priority in the pharmaceutical industry.

In view of the pharmaceutical company's stringent requirements, Bartec has developed a new concept based on virtualization of the process control system. The system structure not only offers a high degree of security and flexibility, but also enables cost-efficient implementation. A conventional KVM solution (keyboard/video/mouse) was ruled out from the outset, as the application required maximum flexibility in terms of access to various industrial computers in Ex zone 1.

The Polaris ZeroClients from Bartec are a safe remote HMI series that can be used to operate PCs in Zone 1 in non-Ex areas. The connection is established via the RDP7 (Remote Desktop) protocol for Windows Embedded, a proprietary protocol from Microsoft. It enables the screen content of a remote computer to be displayed and controlled and regulates how the terminal services (Remote Desktop Services) are addressed and used under Microsoft Windows NT. This means that all PC-based process control systems available today can be operated without restrictions from a distance of up to 20 km.

Abuse and viruses don't stand a chance

As the panel PCs in the Ex area do not offer any data interfaces, software and hardware are consistently separated. The display devices are invisible in the network and server services are not available, which means that cyber attacks are no longer an issue. The En-hanced Write Filter (EWF) available for Windows Embedded prevents any physical write access to the system partition of the built-in data carrier, thus eliminating typical security risks such as misuse or virus infections.

The solution is based on the Windows 7 Embedded operating system, which has been specially configured for this application with the ZeroClientShell software developed by Bartec in a user-friendly tile design.

Restricted access

The various remote settings can be made in admin mode - such as the selection of the host.

© Bartec

The functionalities of the Polaris devices are kept to a minimum: For the operator, logging onto the server is automated by pre-configuration and he is only given access to the functions he needs for his activity. The ZeroClientShell has two modes: user mode and administrator mode. User mode is the minimum setting that the user needs for the workflow. This mode is active by default when the device is started. In administrator mode, all available settings for the user, the hardware and the system can be configured. Here, for example, the device is initially set up for the specific network environment. Switching between modes is time-limited. This area is also protected by a password.

Regular patching is often a problem. This is because the installation of correction versions to rectify errors in the operating system, in this case Windows 7 Embedded, incurs costs. The implemented system and client architecture makes patching superfluous. The sophisticated security concept thus reliably protects the process control system without tying up internal resources. As the actual intelligence, i.e. the application of the ZeroClient solution, runs outside the hazardous area, the installation effort is also reduced. The slim panel PCs also help to reduce maintenance costs. On the one hand, necessary work can be carried out in the non-hazardous area with significantly less effort, and on the other hand, the lightweight panels allow for quick replacement and simple reconfiguration in contrast to encapsulated, heavy and pressure-encapsulated embedded variants. This reduces system downtimes to a minimum. Each of these advantages helps to reduce the total cost of ownership.

The visualization systems are approved for use in hazardous areas in zones 1 and 2 as well as 21 and 22. Bartec offers the classic display sizes (15 and 19.1 inches) or wide-screen formats (12 inches, 17.3 inches and 24 inches) with keyboard or touchscreen. The technology ensures optimum contrast even at wide viewing angles. The graphics-capable TFT color displays in 17.3 and 24 inch can display 16.7 million colors in Full HD resolution with 1920 × 1080 pixels. The anti-reflective glass panel has particularly low light reflection and offers maximum transparency and visibility. The resistive touchscreen also allows operation with gloves. All devices have protection class IP65.

Simple installation is made possible by front panel mounting. The devices are optionally available as a complete system solution in a stainless steel housing for wall, floor or table mounting.

The wired electrical connections are made via a terminal compartment with type of protection 'e' (increased safety). This ensures that impermissibly high temperatures and sparks or arcs inside and on external parts of electrical equipment are reliably prevented during normal operation.

Guidance system on 17 inch

Users often want the largest possible displays, but space is a valuable and expensive commodity these days. The customer therefore decided against 24-inch monitors in favor of 17-inch monitors. For the operators, however, this means that they have to live with a reduction in size, as process control systems are optimized for 24 inches as standard. The solution for a high level of user-friendliness: a zoom function that can enlarge important screen areas to 120 or 140 %.

All employees in Ex zones 1 and 2 work with identical Polaris devices with touch screens and a uniform look and feel. This makes it easy to switch between different workstations. What varies, however, is the design: there are devices built into the wall and a mobile solution in a user-friendly, space-saving stainless steel trolley.

Bartec has combined its standard components into a complete package for visualization in hazardous areas, which is characterized by lower investment costs, high availability and flexibility compared to classic KVM solutions. Added to this is a modern security concept and a small footprint.

Author:
Reiner Englert is Product Manager HMI at Bartec.