Data Sheet for Product
Regulated Facility Solution Set Matrix
© Siemens 2012-2021. All rights reserved.
A6V12092145_enUS_b
April 5, 2021
Regulated Facility
Firmware
Desigo CC Software
Datamate Advanced Software
Network
Protection of Records,
cont.
PPCL
At the field panel, PPCL programs
are stored in the
EEPROM memory
and protected from data loss by
battery within the field panel. The
ability to change PPCL programs is
restricted by ALN Access and
Privileges. It is recommended that
access capability be disabled.
The ability to change PPCL is restricted by Access and Privileges. It is
recommended that access capability be limited to a single individual
and their supervisor. It is recommended that PPCL modifications be
accomplished through Desigo CC to ensure a complete audit trail of
changes.
The ability to change PPCL is restricted by Datamate Advanced Access
and Privileges. It is recommended that access capability be limited to a
single individual and their supervisor.
Records of changes made using Datamate Advanced software must be
printed periodically for secure, long-term storage. Records can be printed
to paper or saved as PDF files.
Audit Trails
11.10 (e)
BACnet (Firmware) is an open
communication protocol that
supports changes from devices
external to the system. These types
of changes do not leave an audit
trail. The BACnet network must be
secured procedurally to prevent
users at external devices from
making changes.
Desigo CC software provides an automatic audit trail of any changes
made to, Point Definitions and other critical objects designated for
enhanced audit trails. The Desigo CC application captures and
documents changes to TALON Automation System operations.
Desigo CC software will acquire records as they are created, lock
them down in a secure database, provide the ability to retain them for
a user definable and/or indefinite time and provide modern reporting
functionality. Desigo CC software manages system activity and
operator transaction records.
Datamate Advanced software provides an audit trail of any changes made
to PPCL, Point Definitions and other critical point modifications executed
via Datamate Advanced.
Records of changes made using Datamate Advanced software must be
printed periodically for secure, long-term storage. Records can be printed
to paper or saved as PDF files.
Not Applicable
System Security
11.10 (d), 11.10 (f),
11.10 (g), 11.10 (h),
11.10 (j), 11.10 (k),
11.30
Password security and physical
security must be enabled at the field
panels. It is recommended that a
binary door monitoring switch be
added to each field panel used to
collect information. This
demonstrates compliance with US
FDA regulations and that the ALN
system access is limited to a single
individual and their supervisor.
Systems that use Desigo CC flex clients and click-once clients must
incorporate additional security authentication measures, encryption
mechanisms, firewall, and/or SSL (secure socket layer) type
technologies into building automation design.
Access to the system is controlled using Windows integrated security.
Users do not have to manage a unique set of usernames and
passwords. Using each individual’s domain account name and
password; the system can detect user access and can grant them
access to only those functions they are authorized to use.
Access to the system is controlled using Windows integrated security. Users
do not have to manage a unique set of usernames and passwords. Using
each individual’s Windows account name and password; the system can
detect user access and can grant them access to only those functions
they are authorized to use. This access control is used to determine what
functions a user can use, what they can view, print or otherwise have
access.
Access rights to system records,
reports, report templates, and client
applications are all controlled using
Windows integrated security.
Windows integrated security is
designed and configured properly to
limit system access through an
SOP.
Electronic Signatures
11.50(a)(b), 11.70,
11.100, 11.200,11.300
Not Applicable
Not Applicable
Not Applicable
PDF based report output option can
be combined with Adobe’s or a
third-party signature handler and\ or
a document management system.
Establish Procedures
11.10(j)
The customer must develop their own Standard Operating Procedures (SOPs) for the proper use and operation of the BAS. Siemens recommends that the following SOPs be developed for a customer site: System Operating
Procedures, Backup Procedures, Change Control/Upgrade Procedures, Hardware Maintenance Procedures, Calibration Procedures, Software Maintenance Procedures, System Security Procedures, Training Procedures,
Electronic Records/Data Management Procedures, Incident Management Procedures and Disaster Recovery Procedures.
Control Documents
11.10(k)
The customer must have the required documentation available and protected. Revision and change control procedures should be in place for all the required documentation. The list of the required documentation includes, but is
not limited to: User Requirements, Functional Specification, Configuration Specifications, Operations and Maintenance Manuals, Training Records, Calibration Records, System Drawings, Completed Protocol Documents, System
Acceptance and Sign-off and Maintenance Records.