Estimated reading time: 5 minutes

Elementary, Mr. Watson: PCB Data Management and Security

As a grandfather of six grandchildren, one of my great joys is spending time with them. There is nothing better than spending an afternoon at the park and especially playing on the teeter-totter. It's all fun and games until grandpa gets on one side, and they try to lift me. Then the harsh reality and a teachable moment in leverage, balance, and just how heavy grandpa really is, hits pretty hard. 

In the same way, PCB design is all about balance. IPC-2221 reminds us that the design process comes with tradeoffs. When specific parameters are either increased or decreased, it has the resulting performance change of either enhancing or degrading the overall PCB. Likewise, there are tradeoffs with your PCB data. The lack of data is never a problem. Most likely, it is just the opposite. Your strategy of managing large amounts of data becomes more critical as your database grows. It is best to know your plan before moving forward. However, what’s essential is the balance between database security and access—you want a secure system that maintains the integrity of your data but yet allows levels of access to those that need it at specific times. 

That famous quote from Abraham Lincoln comes to mind: “Give me six hours to chop down a tree, and I will spend the first four sharpening the axe.” The pressing question for you is whether you are trying to chop down your proverbial tree with a dull ax. 

Data Security
The question of security is vital and is a growing concern with the ever-developing electronic systems. More companies are storing high proprietary information for their PCB designs. Often, that includes specialized components or data that falls under the categorty of company secrets.

Before we dive too deep into the rabbit hole with this subject and how to manage such a a system, it is best to have a PCB design software platform that supports a good security system. Unfortunately, many ECAD software platforms do not have what is necessary for robust data security. Without it, you are trying to chop down Lincoln’s tree with a nail file. 

Whatever ECAD software you decide to use, it is vital to ensure the data is controlled and secured. Since everything starts and ends with that data, the integrity of your data determines the integrity of the design.  

There must be in place a comprehensive access management plan.

What is access management? According to Techopedia, "Access management (AM) is the process of identifying, tracking, controlling, and managing authorized or specified users' access to a system or application." 

In basic terms, it focuses on these two questions: which/who can access certain information, and what exactly can they do?

There are two types of access systems: the role-based access system (RBAS) and the level-based access system (LBAS). They both have pros and cons, but they are the very best PCB data management systems to date; I've used both of these at some point in my career. 

Role-Based Access System (RBAS)
RBAS first identifies the specific roles involved in the PCB design process. Each role has particular responsibilities needing exclusive access to certain information.  

The downside of RBAS is, first, the required identification of the roles themselves. I found that the first requirement in RBAS does take some trial and error before you get it correct. What is best is the practice of having a good baseline, then continually improving on it. The second problem is the identification of the specific working parameters on those needed roles. In other words, nailing someone down to a particular role and their responsibilities becomes difficult, as I have found in small companies where a few people may be wearing many hats. Through that, you can identify the required access levels to the system. Then, lastly, there is the problem of controlling individuals to only act within those specific roles inside controlled parameters.  

Level-Based Access System (LBAS)
Another standard database access method is LBAS. This security system is similar to RBAS, with the difference being that levels are used rather than roles. Each level has a ranking that allows specific permissions with ever-increasing stages of access to the database. The advantage of the LBAS type is that you have much better control over where a particular individual could work, simply by their access level. 

If you are wondering where you have heard of this type of system before, it is the same system used by every branch of the military with their security levels; I served in the Army, in the military intelligence field. I was required to obtain and hold a top secret government clearance to conduct my work. That level gave me access to certain information. Ironically, although I had the highest security clearance available, I still didn't have access to all data. The rule was someone had access to specific information on a need-to-know basis. 

The main advantage of LBAS is being able to access new data simply by increasing someone's level, which opens up the information and the responsibilities of that level. 

System Permissions
Closely connected to those roles and levels are the system permissions of what can explicitly be set. For some, all they need is the ability to view specific data; for others, they require to modify or update the data; and finally, others need full access to create items. Then, of course, the system administrator has full access to permissions and capabilities. 

For example, the administrator would have access to all system areas, which deals with library structure and architecture. Then comes the librarian, who would have the responsibility and access to creating components from the ground up, followed by those who work on the schematic and the PCB design that only needs access to the components. No matter what access system you use, either the RBAS or the LBAS, it’s important to know what each role or level can do. 

On a personal note, as we are finishing up yet another year, I wanted to extend my best wishes to each one of you for this holiday season. It is an honor each month to bring you these columns. As we have gone through the struggles of the past year or so, it has shown all of us what is essential in our lives. Happy Holidays and a very Happy New Year.   

John Watson, CID, is a customer success manager at Altium. 

Download The Printed Circuit Designer’s Guide to… Design for Manufacturing by David Marrakchi. You can also view other titles in our full I-007eBook library here.