08 July 2013

Security – Who can see your PLM data?


Fundamental to any PLM system is the idea of Access Control and data security. Only authorized personnel can access a PLM system and view or manipulate its contents. This is controlled via a login procedure that includes a user password. Personnel are added to the list of authorized users by the PLM administrator after someone has approved of their specific access rights.

Once access has been granted to users, it must then be determined what operations they can carry out on the PLM system. The simplest (and default) security model which allows all users to carry out any operation is very undesirable and could lead to actions that can destroy or leak vital data.

This scenario requires the development of a Security model which determines which user can carry out which operations. Security models are normally based on two concepts:

1. Roles

2. Organizations

A role in the database would define what the user who is assigned that role is allowed to do. Typical roles are as follows:

1. Viewer – this role would be allowed to view data but not make any alterations or modifications

2. Team Member – this role would be allowed to alter and update a limited subset of the data along with been able to carry out certain operations (e.g. initiate a workflow)

3. Team Leader – this role would be able to do everything that a Team Member could do along with the ability to operate on a larger subset of data and carry out more operations (e.g. progress a workflow, change ownership)

4. Approver – this role would be able to approve certain operations on the data (e.g. approve a release of information)

5. Database Admin – normally limited to a handful of technically qualified people.
Once roles in a database have been defined, the organizations are put in place. These normally mirror actual organizational structure although this is not a necessity. Organizations in a PLM system usually work on specific projects or programs. Once the organization is defined, users are allocated to various organizations and are assigned specific roles.

The final result can be represented in a table as follows:

Within Organization Outside Organization
User Role View Modify Approve View Modify Approve
John Doe Team Leader Y Y Y N N N
Paul Revere Team Member Y Y N N N N
David Earp Approver Y N Y Y N N

So how is security set up in your PLM system? Are all the security capabilities been used to ensure that no intellectual property is destroyed or leaked?


03 July 2013

Configuring a Variant (Part 2)



In the previous post, the concept of variants and configurations was introduced. How can a PLM system help ambitious manufacturers handle the complexity of introducing multiple product variants? In a single sentence, this is achieved by conditional linkages in a BOM structure.


To explain further, consider the example from the last post of the fancy and plain spectacles. Instead of representing the two variants using two separate BOM structures, the variants can be achieved in one BOM structure as follows:

Configuring a variant




By making Condition 1 true (or visible) whilst keeping Condition 2 false (or invisible), the BOM resolves into the Plain Spectacle variant. Inverting this condition resolves the BOM into the Fancy Spectacle variant.


Clearly this is a simple example but a little imagination shows that this can be applied to far more complex situations. If setup correctly, a PLM system can very quickly generate BOM’s for multiple variants. In an organization faced with the challenge of product proliferation, this can be very efficient compared to any other method.


In setting up such structures, a few general guidelines apply:

  1. The conditional links in the BOM should be applied as far down the structure as possible. This reduces common part duplication in lower levels
  2. Conditional links should be set at the same indent level in the BOM hierarchy. If this is not done, BOM resovles can lead to nonsensical results, especially if there are stacked conditionals


How is your organization dealing with variants?