Posts Tagged ‘File Vaulting’

Electronic Signatures, Workflows, Lifecycles and Security in Aras

May 24, 2012

MarcL: PLM solutions should provide a secure way for electronic sign-off of controlled Parts, CAD documents, specifications and other objects. Please describe how access controls and permissions are combined with meta-data attributes, prevention of modification of released data objects, and other measures, to provide electronic sign-off.

Peter Schroer:

All business objects (Items) within the Aras Innovator platform are controlled by an access rights management service, that complies with the security requirements of our US Gov’t and defense industry customers for “need-to-know” level security.

The security model can be used at the object instance paired with individual user level (only Bob can see Spec#001),  or for simpler administration,  hierarchical groups and roles can be defined which are expressed as patterns that are applied to sets of business objects  (anyone on the Electronics team can see the design files created for the EX-001 new product). Digital rights management (DRM) on the actual files can also be included.

Once the Lifecycle of an Item has advanced to the designated state, the access rights to the Item automatically switch to a Read-only level (normally at Release, but can be anything you specify), that object is completely protected against modifications.

The out-of-the-box CMII compliant processes use the Aras Workflow services with electronic signatures to capture the authorization and approvals.

Once the Workflow has secured the correct votes with signatures,  it automatically promotes the Lifecycle status of the Item to Released (which in turns locks down the access rights).

Approval mechanisms, electronic signatures (passwords and 2nd level passwords or e-signatures), audit trails, and notifications are all standard out-of-the-box capabilities within Aras Innovator.

Aras has built-in capabilities to satisfy regulatory compliance requirements for e-signature such as 21 CFR Part 11 in the Medical Device industry (these settings can be turned on/off of course).

We provide training on how to set-up, administer and customize these capabilities as well.

For additional information on these capabilities see ‘Security Permissions & Access Controls in Aras’ or check out the Posts Tagged ‘Lifecycle’ and ‘Security’.

Lifecycle, Workflow and Other Types of Process Management in Aras

April 23, 2012

MarcL: PLM solution Process Management Workflow functions should work in conjunction with the data Vault and Document Management functionality to provide the ability to define and implement various processes like Enterprise Engineering Change, Part Number Request, Supplier Approval, CAPA / SCAR, etc. based on business rules. Online workflows should be automated in terms of process step advancement, tracking, information distribution, and integrated with a company’s email for alerts and notifications.

Peter Schroer:

The Aras Innovator platform includes 3 primary process automation Web services:  Lifecycle, Workflow and Project.

All three services are integrated with your company’s email systems via SMTP like Microsoft Exchange or Lotus Notes and can send email notifications.  All three of these services are used for the distribution of information, notifications and alerts.

The 3 services differ in how work tasks are distributed to users, and how the scheduling of work is organized.

In Aras Innovator Lifecycle service is comparable to what most commercial PLM systems call “workflow”… it’s about State management,

while our/Aras Workflow service is comparable to an enterprise BPM system (business process manager) and can even be used as a stand-alone BPM system in a corporate SOA based enterprise architecture,  and…

Aras Project service is a stage-gate project scheduling and resource planning web service comparable to Oracle’s Primavera capabilities.

The out-of-the-box Aras solutions have a wide range of predefined processes using these 3 services together for things like change management, program management, etc.

All 3 of these services work with Aras document management and file vaulting capabilities, and our OOTB solutions use them as the basis for everything involving processes.

The Aras Innovator platform includes a graphical solution studio where you can customize and extend these capabilities as well as create entirely new process-based applications that use any combination of Lifecycle, Workflow and Project for your company’s needs.

These 3 process-oriented Web services are integrated hierarchically.   The architectural reason for three services is to simplify the administration of corporate PLM processes by eliminating the compromises and programming required to make a single purpose “workflow” engine fit real-world requirements.

We provide training on how to implement, customize, and optimize the use of these Aras Innovator process capabilities.

Information Release and Data Vault Management in Aras

April 20, 2012

MarcL: When a document or any other type of data is formally released through the PLM solution, the vault must then recognize the file as released as a result of the workflow completion, and provide appropriate control of the document. This should also set the release baseline, and do notification of the change to the designated access group.

Peter Schroer:

The Aras Innovator platform’s Lifecycle and Workflow services are normally used together to coordinate the Enterprise Change and Release processes.

Lifecycle ensures that baselines of configurations are created and frozen (against future changes), and Lifecycle drives the automatic changes in access control rights that your company will need for release processes.

Notifications are handled by Lifecycle (one-way distribution list) and Workflow (certified response required) as required.

The default process templates with the downloaded version of Aras Innovator are the CMII standard processes.

These can of course be modified by your company, and we provide training so you can customize these processes yourself.

For more info on this see posts like ‘Version & Revision Release Levels in Aras’ or check out the Posts Tagged ‘Revision & Version’.

Versioning of Items & Files in Aras

April 19, 2012

MarcL: PLM solutions at a minimum should provide Version tracking for the most recent released revision and previous revs with date/time stamps. A new version should be based on an update of the PLM database which should occur whenever an item is checked into the PLM solution, and also should occur when the user initiates an update, but typically does not need to coincide with the user saving changes on their local disk.

Peter Schroer:

Aras internally used the terms Major_Rev, Minor_Rev and Generation.

The “Version” and “Revision” are just labels that do not impact the underlying web services behaviors.  In our experience, everyone calls it something different;  it’s the defined behaviors that are important. 

CMII revision behaviors are supported by the standard out-of-the-box Aras configuration.

All edits, whether work-in-process or formal releases are tracked in Aras Innovator (these are the Generations), and your company decides which of the increments are exposed to which users.

Once a File is checked-out,   a Generation is reserved,    and that user can make multiple edits which are saved to disk without bumping the Generation.

This Generation behavior is configurable and for security intensive scenarios can be set-up to log every save, but the default settings allow local saves that are not recognized by the PLM system.

For more info on this see posts like ‘Version & Revision Release Levels in Aras’ and ‘Data Relationships and Fixed / Float Rules in Aras

Or check out the Posts Tagged ‘Revision & Version’.

Version & Revision Release Levels in Aras

April 17, 2012

MarcL: PLM solutions must provide support for user-defined multiple release and revision levels, and should be able to assign default release levels based on object types or other attributes, as well as, be able to reset release levels for specific items at check-in by users with appropriate assigned authority.

Peter Schroer:

The out-of-the-box Aras Innovator data model has 3 levels of versioning control on all business items (Major, Minor, and Generation).

Your company can use the three levels to implement just Revisions, or      Revisions + Versions, or    Versions + Revisions + Baselines,    etc.

The exact terminology belongs to you / your company, and you can make it whatever you need. The underlying platform handles the 3 revision levels, and you can use the OOTB setup or configure them however you need.

Our out-of-the-box installation implements the standard CMII processes as defined by the Institute of Configuration Management.

Out-of-the-box Aras supports the ability to assign default release levels based on object types or other attributes as well as the ability to reset release levels for specific items at check-in, and this is easily extended or modified over time as needed.

Each ItemType is linked to a defined Revision sequence (and these can be different for different ItemTypes),  and the standard methodology would be to use the Lifecycle engine to trigger revision changes.  This behavior is driven by CMII standards in the OOTB Aras solutions, and can be easily tailored as needed or applied to add-on solutions or custom solutions that your company develops.

You can quickly enable special scenarios for manual revision changes, over-rides, executive decisions, and other behaviors which occur in the real world – or any combination of these.

Learning how to configure the revisioning rules is covered in the Aras introductory class “Configuring Solutions”, and we provide training on how to customize Aras Innovator for self-sufficient operation to satisfy your company’s on-going requirements.

Multiple Files for a Single Document and Referencing Hard Copy Documents in Aras

April 11, 2012

MarcL: PLM solutions should make it possible to link multiple files to various versions of a managed object so they may be managed, checked-in/out or reported on as unit including view versions (PDFs, docx, CAD, etc.) as appropriate with mark-ups.

And if a company continues to maintain some documents in paper formats or off-site on digital back up, then the indexing capabilities of the PLM solution should be able to reference that data.

Data collections or packages of managed files should be able to be created and referred by a common name or number, and should support folders containing or referencing other folders.

Please describe how this is supported.

Peter Schroer:

Multiple Files for 1 Document Item

One-to-Many relationships from business objects (Document, Part, Folder, etc) to File are standard out-of-the-box in Aras Innovator.

A common example of a use case for this data model rule is allowing a native CAD file and one or more viewable formats of that CAD file to be controlled as a single record.

This OOTB capability is extensible in Aras and can be easily customized to accommodate special circumstances at your company.

aras-plm-document-with-multiple-files

Screenshot Example of an Aras Document Item with Multiple Files Associated

Referencing Hard Copy Data

Often a company continues to maintain some documents and other related data in paper form or off-site in archive (like Iron Mountain) or in digital back-up format, and you need the PLM environment to account for these by indexing and referencing that data.

Out-of-the-box Document Management in Aras allows document control records to exist and be managed through lifecycles without physical files attached.

As a convenience to your end users, you could even add an attribute to the data model to specify the location of the paper drawings (Level effort to add this field is < 1 hour).

Using Folders for Files

The Aras Innovator platform has a Folder item out-of-the-box which is used to group documents, specifications, parts, tooling, etc. that are affected by a single enterprise change order.

If your company wants a more general Folder-style management of documents, then a “Folder” Item can easily be added and used for a wide variety of purposes.

Your Folder item naturally inherits all of the Aras Innovator core platform services and can have security permissions, business rules, lifecycles, workflow routings, etc. applied to them.

Document & File Management Check-in / Check-out, Lifecycle and Security in Aras

April 10, 2012

MarcL: PLM solutions must be able to store, manage, archive, and retrieve digital data at the file level. PLM should enable check-in / check-out which are authorized by the security schemes, and should also allow checkouts to be cancelled if needed. Please describe how this is supported.

Peter Schroer:

Check-in / Check-out and Security

Any digital data in file form can be vaulted and managed by the Aras Innovator vault server, and out-of-the-box Aras supports Check-in and Check-out according to established / authorized security permissions.

All actions and data are controlled by platform-level rights management infrastructure in Aras Innovator for document & file management.

Check-outs can be cancelled by the end-user or an Administrator can override a check-out by clearing the reservation flag.  Additional capabilities can be easily added if needed.

Also, the Aras Innovator security model enforces update and delete actions (CRUD) by user by business object providing the ability for approved users with appropriate security credentials to make changes / delete any incorrect data in the vault as required which further simplifies administration while ensuring that security is enforced.

Lifecycles and Security

The Aras Innovator Lifecycle web service is often used to implement access controls that are based on Status.

Lifecycle status security is a default behavior of Aras solutions.

As business items / objects move through a lifecycle,  the access rights are modified automatically to patterns (sets of permissions for users/roles/groups) appropriate for that state in the lifecycle.

The permission structures and user access can be configured to support multiple, simultaneous company-specific security control structures for work-in-process business items and files.

You can set-up, administer and modify/customize these capabilities yourself and we’ll train you how.

Aras Innovator, High Level Architecture Description

February 27, 2012

 

MarcL: Can you give a basic high-level architecture overview of Aras Innovator covering networking, deployment, security, vaulting, customizing, integrations and other basic info to help understand the technology at a conceptual level?

Aras PLM Solution Studio

Aras Innovator Solution Studio

Peter Schroer:

Aras Innovator is a 100% web services architecture based on open web standards.

The architecture is naturally distributed, and supports implementations ranging from a single server to hundreds of distributed servers.

 

Aras on the Network

Aras Innovator is a 100% Web application tuned to minimize web traffic and network bandwidth requirements for global WAN deployments.

Aras Innovator is tested and certified for acceptable user performance in WAN’s with less than 250ms latency.

In networks with unreliable connectivity or latency > 250ms,       the architecture can be partitioned into multiple separate instances of meta-data and file vaults, with robust logic for moving product data between instances on an as-needed or scheduled rate.

Aras is committed to an open architecture and open standards.      All connections from client-to-server are XML / SOAP and HTTP on Port 80 and HTTPS on Port 443 so the system is ideally suited for secure collaboration across corporate firewalls.

 

Aras Client Approach

Aras Innovator’s out-of-the-box client is a browser application.  This can be used within the firewall or from outside the firewall (Aras customers include the US Army, US Air Force, Lockheed Martin, etc    all connections and data access controls meet the military-grade security requirements of these customers).

As a 100% web-based application there are no client software installations required, and to be clear, all of the PLM system functionality for end-users, administrators and developers is available through the graphical web browser client out-of-the-box.

All connections to the core Aras Innovator web services (either through the client or integrations) are authenticated against internal controls or your company’s Active-Directory / LDAP authentication.

This results in a secure connection for employees inside the building, employees while traveling, and suppliers, customers and business partners.

All user and programmatic access is authenticated, and the user account is mapped to the roles, groups, and data access rights that are appropriate.

Every class of user that logs on to the PLM will see different data, different forms, and different processes appropriate to their roles and permissions.

As a 100% web-based application it is very easy to extend the PLM system to include external users, so that they are participating directly in business workflows, and interacting directly with product structure data with need-to-know level access and visibility.

 

Distributed & Replicated File Vaulting with Aras

Aras Innovator has a single logical vault abstraction so that all files appeared to be stored in a single vault to end-users.

The physical implementation of the vault server supports both distributed and replicated vaulting of any file-based data.

Aras has many customers with global deployments, and the use of Replicated vaulting ensures that files are located as close to the correct end-users as possible.

 

Customizing in Aras

Aras PLM Life Cycle Map

Aras Innovator Life Cycle "State Model" Map

The Aras Innovator architecture is object oriented, with a simple abstraction that allows non-Ph D IT personnel to be efficient in modifying the system.

We call this process Modeling, and it uses a very simple drag-and-drop graphical metaphor for describing the forms, data, rules and processes that are desired in the production system.

The modeling engine executes directly from this model, meaning that on-going changes over time can be made in real-time, by people that have the appropriate level of permissions.

 

Aras Deployment Environments

While changes can be in a running production system, the Aras recommended practice is to install a minimum of 3 Aras Innovator instances:  Development, Test-Staging and Production.

The Aras modeling language is expressed 100% in XML, and tools are provided for migrating new solutions, or solution changes from one system to another.

Your company is able to develop new ideas, forms, processes, data models, etc. within a development instance of Aras Innovator (can be installed on a laptop for example).

Import those models into a Test instance for regression testing and user acceptance testing.

The same models are then imported into the production server, and the production server dynamically re-configures itself to reflect the new and modified solutions.

This technology is unique to Aras, and is one of the primary reasons that Aras Innovator gets selected for complex, large scale PLM deployments.

 

Enterprise Integrations to Legacy Systems with Aras

Most enterprise integrations to existing legacy systems are implemented as pure Web services connections, either point-to-point or with an ESB or EAI broker such as SAP XI/PI, Oracle Fusion or Microsoft BizTalk for example or using Federation.

Older legacy systems that are not Web Services enabled are integrated using any of the tools in the Microsoft .NET environment (ADO, ODBC, API’s, etc) or through old-school file exchange.


%d bloggers like this: