The MES Solutions designed for the food, beverage and the pharmaceutical
industries need to cover few extra requirements to be used along with eBRS
systems. These requirements are mainly driven by regulatory requirements about
how process data should be stored and protected to be able to be used as part
of batch records.
The US FDA’s CFR 21 Part 11 has become the baseline requirement
for MES system used in these industry even outside the US.
An important section of this regulation is the requirement
for linking records and signatures :
Electronic signatures and handwritten signatures executed to
electronic records shall be linked to their respective electronic records to
ensure that the signatures cannot be excised, copied, or otherwise transferred
to falsify an electronic record by ordinary means
MES Systems generally use Encryption Algorithms for Digital Signatures
to satisfy this requirement. This means anyone who does not have the ‘Private’
key, will not be able to forge the signature and it is assumed that having
access to the Primary Key is not considered ‘ordinary’.
While not explicitly said, using Database level security is
not usually considered enough protection against ordinary tempering of the signature
and that is mostly because of the preventable but prevalent loose security in
DB level in industries.
Engineers frequently ask for and successfully acquire higher
access rights that they needed for commissioning, maintenance and debugging
systems. By having the access rights to add/update/delete records, a user can easily clone signature data if
they are not digitally signed.
No comments:
Post a Comment