The security of a system can be considered from several aspects:
The sprinkler system can be considered a low-security system. Attacks from outside are not very likely, so only a few security mechanisms need to be implemented. Since it is strongly recommended that a single computer be dedicated to running Lazy Grounds keeper and nothing else, a network connection, which would introduce a possible weakness, is neither necessary nor recommended. Unauthorized access at the system itself, however, is a different matter. Since simply viewing the schedule and the current activity is not considered harmful, those functions will not be protected.
All setup functions (schedule, setup modes, preferences, ...) require an authorized user with appropriate privileges. These users are set up within the setup mode, which includes a section for creating users and equipping them with privileges. The privileges are organized hierarchically in the following order, highest first: change physical zones, create and change users > change logical zones, change preferences on weather effects > change schedule, change preferences on units > view mode. A user holding a given level may also perform everything at the lower levels.
Every user gets a personal login name and a unique password, and privileges are assigned when the user is created; passwords should be stored only as salted hashes, never in clear text. Depending on the contract with the customer, some privileges may not be available to anybody in the customer's domain but only to certain employees of the manufacturer. The reason for this is to prevent inexperienced staff at the customer's site from tampering with a system they do not fully understand.
Whenever a user is logged in, an inactivity timeout applies: if no input is given for the configured amount of time, the system falls back to view mode.
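The privilege hierarchy and the inactivity fallback described above, as an added example (this is not code from the Lazy Grounds keeper project). The four level names, the numeric ranks, the operation names, the 300-second timeout and the use of PBKDF2 for password storage are assumptions made for the example; the ordering of the levels follows the text.

```python
"""Hierarchical privileges with fallback to view mode on inactivity.

Added example, not the project's code. Level names, ranks, operation
names and the password-hashing scheme are assumptions.
"""
import hashlib
import hmac
import os
import time

# Privilege levels, highest first, in the order given in the text.
# A user at a level may perform every operation of that level and all lower ones.
LEVELS = {
    "admin": 3,      # change physical zones, create and change users
    "operator": 2,   # change logical zones, preferences on weather effects
    "scheduler": 1,  # change schedule, preferences on units
    "view": 0,       # view schedule and current activity, no login needed
}

# Minimum level required for each operation (operation names are assumptions).
REQUIRED = {
    "view_schedule": "view",
    "change_schedule": "scheduler",
    "change_units": "scheduler",
    "change_logical_zones": "operator",
    "change_weather_prefs": "operator",
    "change_physical_zones": "admin",
    "manage_users": "admin",
}


def _hash_password(password: str, salt: bytes) -> bytes:
    # PBKDF2-HMAC-SHA256; only the salted hash is ever stored.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class UserStore:
    """Users with salted password hashes and an assigned privilege level."""

    def __init__(self):
        self._users = {}

    def add_user(self, name, password, level):
        if level not in LEVELS:
            raise ValueError(f"unknown privilege level {level!r}")
        salt = os.urandom(16)
        self._users[name] = (salt, _hash_password(password, salt), level)

    def authenticate(self, name, password):
        """Return the user's level on success, None on failure."""
        record = self._users.get(name)
        if record is None:
            return None
        salt, digest, level = record
        if hmac.compare_digest(_hash_password(password, salt), digest):
            return level
        return None


class Session:
    """Current privilege level; drops back to view mode after `timeout_s` idle."""

    def __init__(self, store, timeout_s=300, clock=time.monotonic):
        self.store = store
        self.timeout_s = timeout_s
        self.clock = clock          # injectable for testing
        self.level = "view"
        self.last_input = clock()

    def login(self, name, password):
        level = self.store.authenticate(name, password)
        if level is None:
            return False
        self.level = level
        self.last_input = self.clock()
        return True

    def _expire_if_idle(self):
        if self.level != "view" and self.clock() - self.last_input > self.timeout_s:
            self.level = "view"

    def current_level(self):
        self._expire_if_idle()
        return self.level

    def allowed(self, operation):
        """True if the (non-expired) session level may perform `operation`.

        Any attempt counts as input and restarts the inactivity timer.
        """
        self._expire_if_idle()
        permitted = LEVELS[self.level] >= LEVELS[REQUIRED[operation]]
        self.last_input = self.clock()
        return permitted


if __name__ == "__main__":
    store = UserStore()
    store.add_user("groundskeeper", "s3cret", "scheduler")
    s = Session(store)
    s.login("groundskeeper", "s3cret")
    print(s.allowed("change_schedule"), s.allowed("change_physical_zones"))
```

The comparison of hashes goes through `hmac.compare_digest` so that a wrong password takes the same time regardless of where it first differs, and `Session` never grants anything without re-checking the timeout first, so a stale level can never be used after the fallback should have occurred.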
The system should include plausibility checks on several levels. These may include warnings that different settings contradict each other or cannot be executed because of physical limitations, for example scheduling all sprinklers simultaneously when the pump can only sustain half of them.
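A plausibility check of the kind described above, as an added example (not the project's code): it sweeps through a day's schedule and warns when the zones active at the same moment draw more than the pump can deliver, when a single zone is scheduled twice at once, or when a run ends before it starts. The `Run` record, the flow figures and the pump capacity are constructed for the example.

```python
"""Plausibility checks on a sprinkler schedule against pump capacity.

Added example, not the project's code. The Run record, the flow values
and the pump capacity are constructed inputs.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Run:
    zone: str
    start_min: int    # minutes after midnight
    end_min: int      # exclusive end, minutes after midnight
    flow_lpm: float   # litres per minute the zone draws while active


def check_schedule(runs, pump_capacity_lpm):
    """Return a list of warnings; an empty list means the schedule is plausible."""
    warnings = []

    # Per-run checks: a run must have positive length and fit the pump on its own.
    for r in runs:
        if r.end_min <= r.start_min:
            warnings.append(f"{r.zone}: run ends ({r.end_min}) before it starts ({r.start_min})")
        if r.flow_lpm > pump_capacity_lpm:
            warnings.append(f"{r.zone}: draws {r.flow_lpm:g} l/min alone, pump sustains {pump_capacity_lpm:g}")

    # Sweep-line over start/end events; ends sort before starts at the same minute
    # so back-to-back runs are not counted as overlapping.
    valid = [r for r in runs if r.end_min > r.start_min]
    events = [(r.start_min, 1, r) for r in valid] + [(r.end_min, 0, r) for r in valid]
    events.sort(key=lambda e: (e[0], e[1]))

    active = []
    flow = 0.0
    for minute, is_start, r in events:
        if not is_start:
            active.remove(r)
            flow -= r.flow_lpm
            continue
        if any(a.zone == r.zone for a in active):
            warnings.append(f"{r.zone}: two runs overlap at minute {minute}")
        active.append(r)
        flow += r.flow_lpm
        if flow > pump_capacity_lpm:
            zones = ", ".join(sorted(a.zone for a in active))
            warnings.append(
                f"minute {minute}: {zones} draw {flow:g} l/min, pump sustains {pump_capacity_lpm:g}"
            )
    return warnings


if __name__ == "__main__":
    pump = 60.0
    everything_at_six = [Run(f"zone{i}", 360, 380, 30.0) for i in range(4)]
    for w in check_schedule(everything_at_six, pump):
        print(w)
```

The check is reported as warnings rather than enforced silently, matching the text: the operator sees which zones collide and at what minute, and can stagger them. Runs that fail the basic sanity check are excluded from the sweep so that one malformed entry does not produce a cascade of spurious capacity warnings.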
If for some reason the system crashes, the grounds keeper needs some way of being informed about it. Unlike a usual application that interacts with the user all the time, a crash of the sprinkler system might not be noticed at once, as the grounds keeper cannot be expected to supervise the system's status at all times. A good way to report the status would be an external status light, for example a big green light mounted where the grounds keeper can easily see it without checking the system's monitor, such as outside the grounds keeper's shed. This light is on only while it receives a status signal from the system, realized for example with a simple relay that is off by default and switches on from a particular input line. The signal should be a periodic pulse (a heartbeat) that the relay drops once pulses stop for a set interval, rather than a static level: an output line left high by a hung or crashed program would otherwise keep the light green. This also has the advantage that a general power failure is detected: no electricity, no light.
See "External interfaces - rest state" for more information about the system's behaviour in case of a power fault.
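A simulation of the status light, as an added example (not the project's code), comparing the two ways of driving the relay mentioned above: a static level the controller sets once, and a heartbeat the controller must repeat before a deadline. The controller in the simulation beats once a second and then hangs; the three-second deadline and the relay models are assumptions of the example.

```python
"""Status-light relay driven by a level versus by a heartbeat.

Added example, not the project's code. The relay models, the one-second
beat and the three-second deadline are assumptions.
"""


class LevelDrivenRelay:
    """Relay follows whatever level the controller last wrote."""

    def __init__(self):
        self.on = False   # default off, as the text requires

    def controller_sets(self, level):
        self.on = bool(level)

    def light_on(self, now):
        return self.on


class HeartbeatRelay:
    """Relay stays on only while heartbeats keep arriving within `deadline_s`.

    Models a retriggerable watchdog in front of the relay: each pulse restarts
    the timer, and the relay drops when the timer runs out.
    """

    def __init__(self, deadline_s):
        self.deadline_s = deadline_s
        self.last_beat = None   # no beat yet: light off

    def controller_beats(self, now):
        self.last_beat = now

    def light_on(self, now):
        return self.last_beat is not None and (now - self.last_beat) <= self.deadline_s


def simulate(relay_kind, hang_at, until, deadline_s=3):
    """Controller beats once per second, then hangs at second `hang_at`.

    Returns {second: light_on} sampled every second up to `until`.
    """
    relay = LevelDrivenRelay() if relay_kind == "level" else HeartbeatRelay(deadline_s)
    states = {}
    for t in range(until + 1):
        if t < hang_at:                   # controller still alive
            if relay_kind == "level":
                relay.controller_sets(True)
            else:
                relay.controller_beats(t)
        # After hang_at nothing is written: a level stays where it was,
        # a heartbeat simply stops arriving.
        states[t] = bool(relay.light_on(t))
    return states


if __name__ == "__main__":
    for kind in ("level", "heartbeat"):
        s = simulate(kind, hang_at=5, until=12)
        print(kind, "".join("G" if s[t] else "." for t in sorted(s)))
```

In the level-driven variant the light never goes out after the hang, which is exactly the false reassurance the status light is meant to prevent. Power loss needs no modelling: with the relay off by default, both variants go dark.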