epBlue™ GxP
Software manual
Software version 20.4.1
5075 900.874-01/112012
Copyright © 2012 Eppendorf AG, Hamburg. No part of this publication may be reproduced without the prior permission of the copyright owner.
Trademarks
epMotion®, epT.I.P.S.® and eppendorf® are registered trademarks of Eppendorf AG, Hamburg, Germany.
SIMATIC® is a registered trademark of Siemens AG.
Adobe® and Reader® are registered trademarks of Adobe Systems Incorporated in the United States and/or other countries.
Table of contents
1 Operating instructions (p. 5)
1.1 Using this manual (p. 5)
1.2 Danger symbols and danger levels (p. 5)
1.2.1 Danger symbols (p. 5)
1.2.2 Degrees of danger (p. 5)
1.3 Symbols used (p. 5)
1.4 Abbreviations used (p. 6)
1.5 Glossary (p. 6)
1.6 Change history (p. 6)
2 Product description (p. 7)
2.1 Features (p. 7)
2.1.1 Software (p. 7)
2.1.2 System versions (p. 7)
2.2 Delivery package (p. 7)
3 Safety (p. 8)
4 Working in accordance with legal regulations (p. 9)
5 Fundamental concepts (p. 10)
5.1 User roles and user rights (p. 10)
5.1.1 Access security (p. 10)
5.2 Electronic documents (p. 11)
5.2.1 Digital signatures (p. 11)
5.2.2 Status (p. 11)
5.2.3 Revisions (p. 12)
5.2.4 Limitations in working with signed applications (p. 12)
5.2.5 Certificates (p. 12)
5.3 Audit trail (p. 13)
5.3.1 Reason for user actions (p. 13)
6 Operation (p. 14)
6.1 First steps (p. 14)
6.1.1 Logging in as administrator (p. 14)
6.1.2 Defining system settings (p. 14)
6.1.3 Changing your password (p. 15)
6.2 Using digital signatures (p. 15)
6.2.1 Signing applications (p. 15)
6.2.2 Signing logs (p. 17)
6.2.3 Using revision administration (p. 17)
6.2.4 Displaying and checking signatures (p. 19)
6.2.5 Checking the lock status of labware (p. 20)
6.3 Working with signed PDF documents (p. 20)
6.3.1 Exporting signed PDF files (p. 21)
6.3.2 Exporting digital certificates (p. 22)
6.3.3 Importing master certificates in the PDF viewer (p. 22)
6.3.4 Check signatures and certificates in PDF documents. (p. 24)
6.4 Using the audit trail (p. 25)
6.4.1 Showing the audit trail (p. 25)
6.4.2 Printing and exporting the audit trail (p. 26)
6.5 Using checksum validation (p. 30)
6.5.1 Exporting files with checksums (p. 30)
6.5.2 Carrying out the checksum validation (p. 30)
6.5.3 Creating checksums in external software (p. 31)
6.5.4 Checking checksums in external software (p. 31)
7 Administration (p. 32)
7.1 Expanded user administration (p. 32)
7.1.1 Setting the security settings for user accounts (p. 32)
7.1.2 Configuring the authorization scheme (p. 33)
7.1.3 Defining signature rights (p. 34)
7.1.4 Unlocking a user account (p. 34)
7.1.5 Deleting a user account (p. 35)
7.2 Checksum settings (p. 36)
7.2.1 Defining the checksum validation (p. 36)
7.3 Data archiving (p. 37)
7.3.1 Archiving applications and log files (p. 37)
7.3.2 Archiving the audit trail (p. 38)
7.4 Verifying the system configuration (p. 39)
8 Troubleshooting (p. 41)
8.1 General errors (p. 41)
9 Ordering information (p. 42)
9.1 Product versions (p. 42)
9.2 Retrofit and upgrade kits (p. 42)
1 Operating instructions
1.1 Using this manual
The epBlue software product is available in multiple versions. This operating manual only contains a description of the extensions of the GxP version compared to the basic version of the epBlue.
This operating manual is a supplement to the following operating manuals, and is only valid in conjunction with them:
• For operation of epBlue GxP with an epMotion 5075: epMotion 5075 with integrated PC and epBlue, version 02/1012, October 2012, order number 5075 900.831
• For operation of epBlue GxP with an epMotion 5070: epMotion 5070 with integrated PC and epBlue, version 02/1012, October 2012, order number 5070 900.469
• For operation of epBlue GxP with an epMotion 5070 CB: epMotion 5070 CB with integrated PC and epBlue, version 02/1012, October 2012, order number 5070 900.477
Therefore, before using the epBlue GxP for the first time, make sure to read the relevant operating manual for your epMotion model. The contents of this operating manual for epBlue GxP take priority over the contents in the basic operating manual.
Hint!
The operating manuals are available as PDF files on the epBlue installation CD-ROM.
1.2 Danger symbols and danger levels
1.2.1 Danger symbols
Material damage
1.2.2 Degrees of danger
The danger level is an essential component of a safety note.
NOTICE: May lead to material damage.
1.3 Symbols used
Symbol    Meaning
          Handling
1. 2.     Actions in the specified order
•         List
Text      Name of fields in the software
1.4 Abbreviations used
CFR Code of Federal Regulation (American federal law)
GxP Good Practice
Guideline for good work practices, e.g., in the laboratory sector (Good Laboratory Practice – GLP) or production sector (Good Manufacturing Practice – GMP).
IQ Installation Qualification
OQ Operational Qualification
PDF Portable Document Format
1.5 Glossary
A
Audit trail: Chronological record of events that change the database or the state of the system.
C
Certificate, digital: Dataset that enables the identity of a person, organization or system to be allocated to a digital signature.
S
Signature, digital: Technical term for an electronic signature that is executed using cryptographic methods.
Signature, electronic: Legal term for the electronic equivalent of a legally binding handwritten signature. The legal meaning of different forms of electronic signatures is defined in country-specific laws.
1.6 Change history
Operating manual version, date, corresponding software version, changes:
• 5075 900.874-00/0311, March 2011, epBlue 20.3.1: Initial version
• 5075 900.874-01/102012, October 2012, epBlue 20.4.1: References made to new versions of the
2 Product description
2.1 Features
2.1.1 Software
The epBlue GxP software has the functionality of the epBlue basic version and also supports the user in the creation and administration of electronic documentation in accordance with the federal law of the United States of America (21 CFR Part 11).
The following functions are included in epBlue GxP in addition to the basic version:
• Digital signatures for applications and log files
• Revision administration
• Export and archiving of user data as digitally signed PDF documents
• Predefined user roles
• Fully automatic, continuous recording of an audit trail
• Checksum validation for user data
• Verification of system components
• Support of ID tracking using barcode-selected labware or ID lists (only in connection with epBlue ID)
2.1.2 System versions
Eppendorf offers the epMotion system with integrated PC and epBlue GxP in the following versions:
• As a complete system including epMotion, integrated PC with pre-installed epBlue GxP and complete system documentation.
Eppendorf provides the complete system as a fully validated and documented package, and sets up the system at the customer site.
• As an upgrade kit for an already existing epMotion with integrated PC.
The upgrade kit does not include any device documentation for the epMotion (test protocol, delivery documentation). The user is solely responsible for the validation of the complete system. However, Eppendorf offers services to support the system validation.
The ID tracking option, as an epBlue ID add-on package, is available for both versions. Upon demand, Eppendorf can provide additional relevant development and revision documentation for the validation inspection, for any system version.
2.2 Delivery package
The description of the epMotion delivery package and the optionally available package for sample ID tracking (epBlue ID) can be found in the operating manual of these components (see Using this manual on p. 5).
Quantity   Order no. (international)   Description
1          –                           USB dongle ("eLicenser"), with epBlue GxP hardware key code card
1          –                           epBlue GxP CD-ROM installation, with an operating manual as a PDF
1          –                           Recovery DVD for Simatic 627 B industrial PC
1          –                           epMotion/epBlue GxP documentation folder, expandable folder for certificates and system documents
3 Safety
When using the epMotion with epBlue GxP, the safety instructions and the defined intended use of the epMotion device are binding. This information can be found in the following chapters of the associated operating manual:
• Intended use
• Note on product liability
• Warnings for intended use
• Safety devices
The associated operating manuals are listed separately (see Using this manual on p. 5).
NOTICE!
Data loss due to power failure.
The sudden loss of power to the integrated PC may mean that write accesses cannot be executed completely and thus that the system database is incomplete.
Connect the integrated PC to an uninterruptible power supply if power outages are to be expected.
NOTICE!
Data loss or system malfunction due to incorrect PC configuration.
Manipulating the epMotion's software and hardware configuration may impair the proper functioning of the system.
Manipulating the integrated PC's configuration may impair the recording of electronic documents, in particular the audit trail, or interrupt the communication between epMotion and epBlue.
System settings may only be made by Eppendorf Service or persons authorized by Eppendorf.
Do not modify any operating system settings that affect the defined configuration of the integrated PC, in particular the device driver and system services.
NOTICE!
Data loss due to deletion during archiving.
Archived data cannot be re-imported into epBlue.
The archived data is subject to the same obligations relating to storage, backup and accessibility as the data contained in the database of epBlue. The user is responsible for meeting these obligations.
4 Working in accordance with legal regulations
epBlue GxP provides you with functions that support you in the creation and provision of electronic documents. In order to fulfill additional legal regulations for the approval of your electronic documents by government agencies, you must create and observe special basic conditions as the operator of the epMotion with epBlue GxP system. As an example, the regulations for U.S. federal law 21 CFR Part 11 for submission to the U.S. Food and Drug Administration are described in the following section. In other countries or for other government agencies, the legal regulations may vary.
The paragraphs refer to 21 CFR Part 11. You can find the legal text online at http://www.accessdata.fda.gov/scripts/cdrh/cfdocs/cfCFR/CFRSearch.cfm.
User training obligation
§11.10 (i). Persons who maintain and use the epBlue must demonstrate that they have adequate experience and have received appropriate training and instruction. Corresponding training courses are offered by Eppendorf.
Bindingness of the digital signature
§11.10 (j). You are obligated to establish and observe legal rules, defined in writing, for handling digital signatures in epBlue and the legal bindingness of these signatures. We recommend that the obligation to observe these rules be confirmed by every user with a handwritten signature.
§11.50 (a). You are obligated to verify the identity of persons authorized to use digital signatures. It is recommended to document the identity verification in writing and to enter the real first and last name in epBlue when creating a user account. This information appears in the electronic documents.
§11.100 (c). Before the signatures are used or during their use, persons who use electronic signatures should provide verification to the government agency (FDA) that the electronic signatures in their system, which were used on or after August 20, 1997, apply as the legally binding equivalent of traditional handwritten signatures.
Handling system accesses
§11.200 (a)(3). You must ensure that an electronic signature cannot be executed by any person other than the lawful owner of the system access. If passwords are lost, a user belonging to the user group Administrator can assign a new password to a user. If a password is changed by a user belonging to the user group Administrator, Eppendorf recommends that it is recorded in writing and that the user in question is present and must immediately define a password for the user account which is only known to him or her.
Availability of electronic documents
§11.10 (c). You are obligated to guarantee proper access to documents during the retention period. epBlue provides backup and archiving functions for this purpose.
The system must be operated on an uninterruptible power supply in order to prevent data loss due to power failure.
§11.300 (c). You are obligated to establish and comply with procedures in case of loss or theft of system access data. To be able to manage system accesses in epBlue you must have a user account belonging to the user group Administrator. If no valid administrator access is available (e.g., due to loss of password or automatic locking after the password was entered incorrectly several times), the system cannot be administered without a reinstallation. You are responsible for guaranteeing administrator access. Eppendorf recommends setting up at least one additional administrator access in epBlue.
Handling system documentation
§11.10 (k). You are obligated to establish and observe a regulation for the distribution, access and use of documentation for the operation and maintenance of epBlue and epMotion.
System maintenance
§11.10 (h) and §11.300 (e). You are obligated to guarantee the proper and safe functioning of system components and to ensure that no unauthorized modifications have been made to the system. Eppendorf has maintenance contracts available for this purpose.
5 Fundamental concepts
This chapter contains information on how to create and administer documents in epBlue GxP. The user must fully understand these concepts in order to work with the epBlue GxP.
5.1 User roles and user rights
The handling of electronic documents requires that all manipulations can be clearly allocated to one person at all times. epBlue GxP guarantees this by recording the user ID in the audit trail when an electronic document is changed and a digital signature is executed.
The system user administration offers five predefined user groups, which you can use to define user rights in the system according to their roles in your organization. User rights for executing digital signatures are also connected to the user groups.
User group: Example for user role
• Guest: Lab employee who executes released applications but does not create applications.
• User Level 1: Lab employee who creates electronic documents ("create") and executes applications.
• User Level 2: Lab employee responsible for the checking and validation ("review") of electronic documents.
• Administrator Lab: Lab manager who is responsible for the release ("authorize") and exchange of electronic documents and who must carry out application-related settings in the system.
• Administrator: Technical system administrator who is responsible for device and software maintenance, data protection, and system access administration, yet does not create or execute applications.
The user rights of the groups Guest, User Level 1, User Level 2 and Administrator Lab build upon one another.
5.1.1 Access security
System access security in epBlue GxP is supported by the following functions:
• Locking the epBlue window when the logged in user has been inactive for a defined period of time (see Setting the security settings for user accounts on p. 32).
• Locking of user accounts in case of multiple unsuccessful login retries (see Setting the security settings for user accounts on p. 32).
• Optional: time limit for the validity of user accounts (see basic operating manual).
• Optional: time limit for the validity of passwords (see Setting the security settings for user accounts on p. 32).
• Enforced complexity rules for passwords.
Passwords in epBlue GxP must meet all of the following conditions:
– At least six characters in length
– Must include at least one capital letter and one lowercase letter
– Must include at least one number
– Must include one special character
Hint!
Additional information:
5.2 Electronic documents
In epBlue GxP, the following data can be provided with up to three digital signatures with different meanings and, therefore, stored as "electronic documents":
• epMotion applications
• Logs of authorized applications which have been run
epBlue stores the electronic documents and signatures in a database. Every time the documents are used, epBlue checks whether the signatures are still valid, thus ensuring the detection of unauthorized changes to the documents after signing. Furthermore, epBlue ensures that electronic documents are not deleted.
In addition to the abovementioned electronic documents, you can also use epBlue to create the audit trail and archives which consist of applications, logs and the labware used in the applications and logs as signed PDF files, in order to submit them, for example, to a government agency. The digital signature is inextricably embedded in the PDF document as encrypted code.
5.2.1 Digital signatures
In epBlue GxP, electronic documents are created by providing data with digital signatures. In order to sign a document, you have to enter your user name and your password. If a signed document has been changed, its signatures become invalid. If this is the case, epBlue generates an error message.
5.2.2 Status
When applications or logs of runs of authorized applications in epBlue are signed, a Meaning is always associated with the signature. The meaning is reflected in the status of the signed document. You can assign up to three different signatures to one document, changing the status of the document as follows:
Status: unsigned
• Number of signatures: none
• Significance for applications: Each new document created in the system automatically has the status unsigned.
Status: created
• Number of signatures: 1
• Significance for applications: The signer confirms that he or she has created and tested the application.
• Significance for logs: The signer confirms that he has executed the application run per specification.
Status: reviewed
• Number of signatures: 2
• Significance for applications: The signer confirms that he or she has checked or validated the application.
• Significance for logs: The signer confirms that he has checked the execution of the application run per specification.
Status: authorized
• Number of signatures: 1, 2 or 3
• Significance for applications: The signer authorizes the application for use.
• Significance for logs: The signer authorizes the log and thus the application, e.g., in order to release the samples processed here for subsequent process steps.
A user belonging to the user group Administrator can define the number of signatures required to release a document separately for applications and logs (see p. 33). For this, epBlue enforces the "concept of multiple review". Therefore, a document can only be signed once by a user. The right to sign, which is associated with a specific status, depends on the user role which a user belonging to the user group Administrator defines via the user group assignment (see p. 34).
Hint!
Additional information
• Signing applications (see p. 15)
5.2.3 Revisions
For signed applications, epBlue uses an automatic revision administration, which allows it to document the further development of applications.
• For applications, the status always refers to a specific revision. Revisions of an application can have different statuses.
• epBlue creates a new unsigned revision of the application every time a signed application is changed and saved.
• Previous revisions remain accessible for read access, but can no longer be changed.
• A previous application revision will remain executable until a newer revision is signed as authorized.
• Logs are recorded separately for each revision of the application.
When you sign an application, epBlue locks changes to the labware used in this application.
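The signing and revision rules of sections 5.2.2 and 5.2.3, modeled as a small state machine. This is an added example and not epBlue code: all type and function names are hypothetical, the mapping of user groups to signature meanings is an assumed configuration (in epBlue an administrator defines it), and the rule that an authorizing signature must be the last of the required signatures is an assumption about how the configured number of signatures is enforced.

```go
package main

import (
	"errors"
	"fmt"
)

// Meaning of a signature; a revision's status is the highest meaning signed.
type Meaning int

const (
	Unsigned Meaning = iota
	Created
	Reviewed
	Authorized
)

// Assumed signature rights: the highest meaning each user group may sign.
// In epBlue an administrator defines these rights; this table is illustrative.
var maxMeaning = map[string]Meaning{
	"User Level 1": Created, "User Level 2": Reviewed, "Administrator Lab": Authorized,
}

type Signature struct {
	User    string
	Meaning Meaning
}

type Revision struct {
	Content    string
	Signatures []Signature
}

// Status returns the highest meaning among the revision's signatures.
func (r *Revision) Status() Meaning {
	status := Unsigned
	for _, s := range r.Signatures {
		if s.Meaning > status {
			status = s.Meaning
		}
	}
	return status
}

type Application struct {
	Required  int // signatures needed for release: 1, 2 or 3
	Revisions []*Revision
}

// Sign adds a signature to revision rev (1-based) if the review rules allow it.
func (a *Application) Sign(rev int, user, group string, m Meaning) error {
	r := a.Revisions[rev-1]
	switch {
	case m == Unsigned || m > maxMeaning[group]:
		return errors.New("user group may not sign with this meaning")
	case r.Status() == Authorized:
		return errors.New("revision is already authorized")
	case m == Authorized && len(r.Signatures) < a.Required-1:
		return errors.New("too few signatures to authorize")
	}
	for _, s := range r.Signatures {
		if s.User == user || s.Meaning == m {
			return errors.New("user or meaning already used on this revision")
		}
	}
	r.Signatures = append(r.Signatures, Signature{User: user, Meaning: m})
	return nil
}

// Save stores edited content and returns the revision number it was saved as.
// A signed head revision is never overwritten: a new unsigned one is created.
func (a *Application) Save(content string) int {
	head := a.Revisions[len(a.Revisions)-1]
	if len(head.Signatures) == 0 {
		head.Content = content
	} else {
		a.Revisions = append(a.Revisions, &Revision{Content: content})
	}
	return len(a.Revisions)
}

// Released returns the newest authorized revision (1-based), or 0 if none.
// An older authorized revision stays in use until a newer one is authorized.
func (a *Application) Released() int {
	for i := len(a.Revisions) - 1; i >= 0; i-- {
		if a.Revisions[i].Status() == Authorized {
			return i + 1
		}
	}
	return 0
}

func main() {
	// Constructed sample: an application that needs three signatures for release.
	app := &Application{Required: 3, Revisions: []*Revision{{Content: "v1"}}}
	fmt.Println(app.Sign(1, "alice", "User Level 1", Created))
	fmt.Println(app.Sign(1, "alice", "User Level 2", Reviewed))
	fmt.Println("next save goes to revision", app.Save("v2"))
}
```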
5.2.4 Limitations in working with signed applications
The following restrictions apply to signed applications:
Editing
• epBlue creates a new revision when the application is edited and saved. This can be avoided by saving the changed applications under a new name.
• The Properties of the application cannot be edited.
Labware
• epBlue marks labware used in the application as Locked. This labware cannot be changed, overwritten or deleted. If you would like to edit this type of labware, you must create a copy of it first.
Execution
• The user cannot change the preset Level sensor settings during the execution of the application.
Administration
• The application cannot be deleted. The application must be archived in order to remove it from the system (see Data archiving on p. 37).
• The Cut function is not available. If you copy the application to a different folder using Copy and Paste, the signatures are not copied with it. Therefore, move or copy the application before signing it.
• When the application is exported, the signatures are not exported along with it.
• Folders containing signed applications cannot be deleted or renamed.
Hint!
Additional information
• Creating a new application revision (see p. 18).
• Opening previous application revisions (see p. 17).
5.2.5 Certificates
epBlue creates digital signatures using the standardized Digital Signature Algorithm (DSA). When creating a new user account, epBlue automatically calculates an individual digital key pair and permanently stores it in the database. The key pair consists of one private and one public key. The private key is protected with the user account password, and is used to create digital signatures. The public key is used to check digital signatures in the exported PDF documents and documents in epBlue.
To prove that a PDF document was created by epBlue (authenticity) and not changed after export, epBlue automatically assigns it a system signature. This is specific for an epBlue installation and identical for all PDF documents exported from it.
In epBlue, digital signatures are automatically checked as soon as an electronic document is opened. In order to check the validity of signatures in PDF documents, you can export the public keys from epBlue, along with the corresponding user information, as PKCS#7 certificates (.cer files).
With the exported certificates, you can conduct the following checks for generated PDF documents and signatures in the documents:
Type of certificate: Purpose
• User certificate: Verification of the validity of the digital signature of the user who exported the document from epBlue. Proves that the document was exported by a specific person and was not falsified.
• System certificate: Verification of the validity of the digital signature of the epBlue system that was used to create the document. Proof that the document was exported using a specific epBlue system.
• Master certificate: This certificate is used to verify the validity of the user and system certificates which are used to check the document. Proof that the digital signatures were generated by epBlue. The master certificate is the root certificate of the system certificates and user certificates.
Hint!
Additional information
• Exporting certificates (see p. 22).
5.3 Audit trail
epBlue automatically records information on the following user actions and system events in a chronological audit trail:
• Changes to applications and labware
• Signing processes
• Execution, interruption and cancellation of applications
• State of and changes to the system configuration
• User log-on and log-off
• Changes to user accounts
When you execute actions that permanently change the user data or system configurations, epBlue prompts you to enter a reason, which is recorded in the audit trail.
The audit trail is part of system documentation and can be exported as a signed PDF document.
5.3.1 Reason for user actions
When you execute actions that change the system configuration (e.g., create or delete a user account) or the dataset (e.g., start an application) in epBlue, you will be prompted to enter a reason.
epBlue saves the reason together with the data of the executed action in the audit trail.
Details on working with the audit trail are available separately (see Using the audit trail on p. 25).
6 Operation
6.1 First steps
6.1.1 Logging in as administrator
In a newly installed epBlue system, a user account belonging to the user group Administrator is predefined, which can be used to prepare the system for use.
1. Start the epBlue client. The login dialog is shown.
2. Log in with the following information.
Account: Administrator
Password: Admin123!
Server: localhost
You are now logged into epBlue as administrator.
6.1.2 Defining system settings
Only applicable to users belonging to the user group Administrator.
epBlue GxP contains an expanded user administration to support you in mapping your work processes and organization in compliance with GxP regulations. Adjust the following system settings to your requirements before you begin working with the system.
You can make the following settings:
• Set security settings for user accounts (see Setting the security settings for user accounts on p. 32).
• Set authorizations for applications and log files (see Configuring the authorization scheme on p. 33).
• Set up signature rights for user accounts (see Defining signature rights on p. 34).
6.1.3 Changing your password
Prerequisites
When you are logged into epBlue, you can change your password at any time using the following procedure.
If your password has expired, epBlue will prompt you to enter a new password immediately after login.
1. In the menu bar, click on Tools > Account > Change Password. The Change Password window opens.
2. Enter the current password under Current Password.
The other two entry fields will be activated if the entry was correct.
3. Enter the new password under New Password and enter it again under Confirm Password to confirm it.
Passwords must comply with the password rules (see Access security on p. 10).
4. Click on the Submit button to apply the changes.
Hint!
If you have forgotten your password or your user account has been locked, a user belonging to the user group Administrator can set a new password for your user account.
6.2 Using digital signatures
6.2.1 Signing applications
Signatures always refer to a specific revision of an application. An application revision must be open in the editor in order for it to be signed.
As long as the revision does not have authorized status, you can sign a previous revision at any time.
1. Open the Home tab. Click on Create / edit applications. The Create / edit applications window opens.
2. Highlight the application to be signed.
3. In the Properties column under Revision, select the revision to be signed.
4. Click on the Open Application button. The application is opened in the Work tab.
5. Click on the icon.
The Signatures window opens. If the revision of the opened application has already been signed, the available signatures will be listed in this dialog.
6. Click on the Sign button. The Sign window opens.
7. Complete the fields in the Sign window.
• User Identification: User name of the signing user. The signature can also be executed by a user who is not currently logged into epBlue.
• Password: Password of the signing user
• Meaning: Meaning of the signature. The selection of available meanings depends on the signatures the application revision already contains. A meaning can only be used once per revision (see Status on p. 11). The use of specific signature meanings may be limited by your user rights (see Defining signature rights on p. 34).
• Description
8. Click on the Sign button to execute the signature.
9. To add additional signatures, click on the Sign button again and repeat the process. Click on the OK button to close the window.
6.2.2 Signing logs
Prerequisites
You can only sign a log if the corresponding application revision has authorized status.
1. Start an application with authorized status.
The application is run on the epMotion. After the application has been ended or canceled, the Sign Logfile window opens.
2. Click on the Sign button. The Sign window opens.
3. Complete the fields in the Sign window (Fig. on p. 16) as described above. Click on the Sign button.
The signature is displayed in the list.
4. Close the Sign Logfile window with the OK button.
6.2.3 Using revision administration
epBlue GxP uses revision management for applications. Revisions can be used to document the further development of the application. A new revision is automatically created when you change and save a signed application.
Details on working with revisions are available separately (see Revisions on p. 12).
Hint!
Information on restrictions when using signed applications can be found separately (see p. 12).
Opening a revision
When you select an application in the Open applications window and click on the Open Application button, epBlue will always open the newest revision (Head version) by default. However, you can also open previous revisions.
1. Open the Home tab.
2. Click on Open / run applications or Create / edit applications.
3. Highlight the application to be opened.
4. In the Properties area under Revision, select the desired revision.
5. Click on the Open Application button.
The revision of the application is opened in the Work tab.
The currently selected revision and signature status is shown in the list of open applications:
Hint!
You can keep several revisions of an application open simultaneously. Revisions that are already open are marked with a lock icon in the Properties area:
Creating a new revision
Prerequisites
In order to create a new revision, the current revision must have at least one signature.
1. Open the Home tab.
2. Click on Open / run applications or Create / edit applications.
3. Highlight the application to be edited.
4. In the Properties area under Revision, select the desired revision.
5. Click on the Open Application button to open the application.
The application is opened in the Work tab. You can now carry out the desired modifications.
6. Click on the Save button to save the application. Confirm the warning message If you save this application a new unsigned revision will be created by clicking on the Yes button.
7. Enter a reason for the changes to the application and confirm by clicking on the OK button.
The open application is now available in a new, unsigned revision.
Hint!
• Only the newest revision of an application can be changed. Previous revisions cannot be edited and are opened read-only.
6.2.4 Displaying and checking signatures
This section describes how to check signatures and documents in epBlue. A description of how signatures of PDF documents can be checked is available separately (see Check signatures and certificates in PDF documents. on p. 24).
Checking signatures of applications
1. Open the Home tab.
2. Click on Create / edit applications.
3. Highlight the required application and revision.
4. In the Properties area click on the Show Signatures button.
Alternatively, you can also display the Signatures window by clicking on File > Signatures in the menu bar of an opened application or by clicking on the icon.
Checking signatures of logs
1. Open the application revision.
2. Display the Logs area.
3. Click on the Show Signatures button.
The Signatures window opens.
One row is available in the list for every signature. The list is empty for unsigned documents.
• Date: Date and time of signing
• Name: Name of the user who created the signature.
• Meaning: Meaning of the signature (see Status on p. 11)
• Description: Description of the signature as entered by the signing user
• Valid: Validity of the signature: Signature is VALID. Signature is INVALID.
The validity of a signature proves that the document was not changed after signing (for applications, this also includes the labware used in the application). An invalid signature indicates that the application was manipulated.
6.2.5 Checking the lock status of labware
epBlue locks labware which is being used in at least one signed application to prevent it being modified or deleted. This is indicated by the marking Locked. To check whether a labware is locked, proceed as follows:
1. Open the Home tab. Click on Create / edit labware. The Create / edit labware window opens.
2. Select the labware to be checked.
The status of the marking Locked is indicated in the right-hand column of the window as a checkbox.
Hint!
You cannot manually change the marking Locked.
To unlock a labware, you have to archive all the applications which use this labware (see p. 37). You can create an unlocked copy of a locked labware and save it under a new name. A description of how to do this is contained in the basic operating manual (see p. 5).
6.3 Working with signed PDF documents
You can export digitally signed PDF documents of the following data from epBlue for submission to government agencies or external storage:
• Applications with created, reviewed or authorized status
• Logs with created, reviewed or authorized status
• Audit trail
• IQ protocols
As a rule, the PDF documents include the system signature and signature of the exporting user and corresponding certificates. To check the validity of the signatures/certificates in a PDF viewer, the master certificate must be exported from epBlue and imported into the PDF viewer that is used.
The available system data is not altered by the export process.
Hint!
The signature status is also included in the printouts of applications and logs.
6.3.1 Exporting signed PDF files
Only applicable to users belonging to the user groups Administrator and Administrator Lab.
Prerequisites
Applications and logs must contain at least one signature in order to be exported as a signed PDF.
Use the epBlue print function to create signed PDF documents. Proceed as follows:
1. Open the tab displaying the data to be exported:
   Applications: Work > Procedure or Worktable tab
   Logs: Work > Application tab. In the Logs list, select the log to be exported.
   Audit trail: Audit tab. Using the filter settings, select the part of the audit trail to be exported (see p. 25).
   IQ protocols: Functions tab, IQ functions entry
2. Click on the icon. The Preview window opens.
3. In the Preview window click on the icon. The Sign window opens.
   Password: Enter the password of the logged in user.
   Description: Enter a comment, description or reason for the data export. The entered text is added to the PDF signature.
4. Click on the Sign button to add the signature to the PDF document. Click on the Cancel button to create an unsigned PDF document.
5. Select the path for saving the PDF document and click on the Save button.
Hint!
You can also create signed PDF documents using the archiving process (see Data archiving on
6.3.2 Exporting digital certificates
Only applicable to users belonging to the user group Administrator.
Using digital certificates exported from epBlue, you can verify the signatures in PDF documents in a PDF viewer.
Details on the function of the certificates are available separately (see Certificates on p. 12).
Proceed as follows:
1. Open the Admin tab.
2. Click on the Signatures entry.
3. In the Certificates tab select the certificate to be exported.
   Master: Only master certificates are exported.
   System: Only system certificates are exported.
   All: The certificates of all users, as well as the master and system certificates, are exported. Certificates of deactivated or deleted user accounts are also exported.
4. Click on the Export button.
   The Browse For Folder window opens.
5. Select the path for saving the certificate files and confirm by clicking on the OK button. Each certificate is stored in the selected path as a PKCS#7 file (*.cer).
Hint!
If a user belonging to the user group Administrator has reset the password of an existing user account, several digital certificates are exported for this user account.
Always keep all of a user's digital certificates to be able to check executed signatures both before and after changing the password.
6.3.3 Importing master certificates in the PDF viewer
The certificates of the users and the system certificate are signed using the master certificate (root certificate). Many software products allow the user to make certain settings to specify that certificates should be trusted automatically if they are derived from a trusted root. This is possible, e.g., with Adobe Reader. In these cases, it may be sufficient to import the master certificate and carry out the settings as described in this section.
Hint!
You can also download the master certificate at www.epmotion.com/certificate.
Prerequisites
• The master certificate has been exported from epBlue as a .cer file (see p. 22).
• The PDF viewer supports PKCS #7 certificates.
1. Import the master certificate from epBlue (MasterCertificate.cer file) into the PDF viewer. The master certificate was imported using the name Eppendorf epBlue CA.
2. Check the authenticity of the master certificate.
   The checksums must match the following strings (capitalization is irrelevant):
   SHA1 digest: 9E B7 33 3D 2A 8D 16 D3 82 C4 01 B8 AD A2 8B FF BF B8 87 70
3. Set the level of trust of the master certificate.
   If you are convinced of the authenticity of the master certificate, define the following trust settings to check signatures in PDF documents from epBlue:
   • Use the master certificate as a trusted root certificate.
   • Trust the master certificate for the signature of documents.
   • Trust the master certificate for certifying documents.
   Example of trust settings in Adobe Reader:
Hint!
The procedure for handling certificates is different for each PDF viewer. Additional information is available in the instruction manual of your PDF viewer.
6.3.4 Check signatures and certificates in PDF documents.
You can use any PDF viewer that supports PKCS #7 certificates to check signatures created in epBlue. The Adobe Reader 9 procedure is shown below as an example.
Prerequisites
The master certificate was imported in the PDF viewer (see p. 22).
1. Open the PDF file.
2. Click on the Signature Panel button.
3. Check the validity of the signatures.
You can display the certificates embedded in the PDF by clicking on Certificate Details.... If the signatures are valid, this proves that the document was exported from epBlue by the signing user (authenticity), and that the document has not been changed (integrity).
6.4 Using the audit trail
Details on the meaning of the audit trail are available separately (see Audit trail on p. 13).
6.4.1 Showing the audit trail
1. Open the Audit tab.
The audit trail is shown as a table. Each line of the table represents an entry.
By default, all entries from the last seven days are sorted according to date and time stamp.
Displaying details:
Highlight the entry in the table.
The details appear in the Selected entry area below the table.

Sorting entries:
In the table, click on the top of the column according to which the entries should be sorted.
The table is sorted ascending according to the column. Click on the top of the column again to sort descending.

Filtering entries:
1. Under 1. Filter select the filter type.
2. Select the area to be filtered under From: and To:.
3. If additional filter criteria are required, repeat these steps under 2. Filter and 3. Filter.
4. Click on the Refresh button.
The table will then only display entries that match the selected filter criteria.

Saving, accessing or deleting filter settings:
1. Define filter criteria.
2. Click on the Save filter button.
3. Enter a name for the filter settings.
To access stored filter settings, select the settings under Stored filters.
To delete stored filter settings, select the settings under Stored filters and click on Delete Filter.

Selecting visible columns:
1. Open the Select visible columns selection box.
6.4.2 Printing and exporting the audit trail
You can print out the part of the audit trail that is currently displayed, or export it as a PDF file (with optional digital signature).
1. Filter the part of the audit trail to be printed (see p. 25).
2. Click on the icon.
   The Preview window opens.
3. To print out the audit trail, in the Preview window click on the icon.
   To export the audit trail as a PDF, in the Preview window click on the icon.
A description of how to digitally sign the audit trail PDF is available separately (see p. 21).
6.4.3 Audit trail log types
The audit trail entries are stored in categories (Log type). The category is determined by the event that triggered the audit trail entry.
Hint!
The time stamp included in each audit trail entry always reflects the local time according to Windows system settings. The time stamps are automatically adjusted when the time zone is changed. The time zone setting is included in the audit trail printout.
Hint!
A description of how parts of the audit trail can be archived and removed from the system is available separately (see p. 37).
Tab. 1: User data actions

Category (Log type): New Application, Application Changed, Application Deleted, Application Saved Under New Name, Application Imported, Application Exported, Application Printed
Triggering event:
• The user created a new application.
• The user changed or deleted an existing, unsigned application, or saved it under a new name.
• The user imported or exported an application.
• The user printed an application or exported a PDF file.

Category (Log type): Old Application Updated
Triggering event:
• In the application editor, the user confirmed that an imported application, which was created with a previous software version, should be updated.

Category (Log type): Official Application Changed, Official Application Copied
Triggering event:
• The user changed an authorized application, thus creating a new, unsigned revision.
• The user copied an authorized application.

Category (Log type): Application Signed, Application Authorized
Triggering event:
• The user has signed an application as created or reviewed.
• The user has signed an application as authorized.

Category (Log type): Labware Created, Labware Changed, Labware Deleted, Labware Copied, Labware Imported, Labware Exported, Labware Printed
Triggering event:
• The user created a new labware.
• The user changed, deleted or copied an existing labware.
• The user has imported or exported a labware.
• The user printed a labware or exported it as a PDF file.

Category (Log type): ID list created, ID list exported, ID list removed
Triggering event:
Only for the epBlue ID version.
• The user created a new ID list in the system by importing a list file or during the execution of an application with ID tracking.
• The user exported an ID list.
• The user removed an ID list.

Category (Log type): Archive
Triggering event:
• A user belonging to the user group Administrator has archived one or several applications (with log files) or parts of the audit trail.

Tab. 2: Executing applications

Category (Log type): Application Started, Application Ended
Triggering event:
• The user started an application run.
• An application run was ended.

Category (Log type): Number of Samples, Volume Amount
Triggering event:
• The user manually entered the number of samples for an application run.
• The user has manually entered the liquid volumes for an application run.

Category (Log type): Application Stopped, Single-step Application, Continue Application
Triggering event:
• The user stopped an application run (using the Stop function or by opening the epMotion cover).
• The user executed a single step in a stopped application run.
• An application run was continued.

Category (Log type): Application Error
Triggering event:
• An error occurred during an application run.

Category (Log type): Application Aborted
Triggering event:
• An application run was aborted by the user or due to an error.

Tab. 3: User accounts and user actions

Category (Log type): Login, Logout
Triggering event:
• The user logged in or logged out of epBlue.

Category (Log type): Idle Session blocked, Idle Session unblocked
Triggering event:
• The client was locked as a result of user inactivity.
• A user unlocked the client by entering his password.

Category (Log type): Used added, User deleted, User Group Changed, Password Changed
Triggering event:
• A user belonging to the user group Administrator has created a new user account or deleted a user account.
• A user belonging to the user group Administrator has assigned a user account to another user group.
• A user has changed his or her password or a user belonging to the user group Administrator has defined a new password for a user.

Category (Log type): False Login User Disabled, User Reactivated
Triggering event:
• A user belonging to the user group Administrator has unlocked a locked user account.

Category (Log type): Password Expired
Triggering event:
• The password's period of validity defined for a user account has expired.

Category (Log type): Account Expired
Triggering event:
• The user account's period of validity has expired.

Tab. 4: System settings and actions

Category (Log type): Server Startup, Server Shutdown
Triggering event:
• The epBlue server was started or ended.

Category (Log type): Connection to server lost, Connection to client lost
Triggering event:
• The communication between the epBlue client and the epBlue server was interrupted.

Category (Log type): Dongle Found, Dongle Not Found, Dongle Removed, Dongle Found System Reactivated
Triggering event:
• The server detected a USB dongle (eLicenser) with a valid license.
• The server did not detect a USB dongle (eLicenser) or the license on the dongle is invalid.
• The user removed the USB dongle while the server was in operation, which led to the locking of the system.
• The user inserted a USB dongle with a valid license while the system was in operation and the system canceled the lock.

Category (Log type): Device Found, Device Added, Device Lost
Triggering event:
• The epBlue server has detected a connected epMotion.
• The server has detected an epMotion and added it to the device list (for devices which have previously not been operated with this installation of epBlue).
• The communication between the epBlue server and an epMotion was interrupted, e.g., by the user switching off the device.

Category (Log type): Device Initialization Failed
Triggering event:
• The server could not initialize a connected epMotion, e.g., due to a firmware conflict.

Category (Log type): Device Status Changed
Triggering event:
• The status of an epMotion has changed, e.g., as the result of starting or ending an application.

Category (Log type): Device Firmware Update
Triggering event:
• A user belonging to the user group Administrator Lab or Service has updated another version of the device software (firmware) for epMotion.

Category (Log type): Barcode Settings Changed
Triggering event:
Only for the epBlue ID version.
• A user belonging to the user group Administrator Lab has changed the barcode reader settings.

Category (Log type): Number of reagent IDs changed, Import/Export Settings for ID List Changed
Triggering event:
Only for the epBlue ID version.
• A user belonging to the user group Administrator Lab has changed the number of required reagent IDs or barcodes.
• A user belonging to the user group Administrator Lab has changed the file format (CSV or XML) or the path for the import or export of ID lists.

Category (Log type): Checksum Settings changed
Triggering event:
• A user belonging to the user group Administrator or Administrator Lab has changed the setting for the checksum validation of ID lists (only epBlue ID version) or CSV files which are imported into the application editor.

Category (Log type): Number of Authorization Signatures
Triggering event:
• A user belonging to the user group Administrator has changed the number of signatures required for authorizing applications or log files.

Category (Log type): Password Lifetime Changed, Maximum Login Retries Changed, Max Idle Time Changed
Triggering event:
• A user belonging to the user group Administrator has changed the password lifetimes of user accounts.
• A user belonging to the user group Administrator has changed the maximum allowed number of unsuccessful login retries after which a user account is automatically locked.
• A user belonging to the user group Administrator has changed the time after which the client is automatically locked when the user has not carried out any actions.

Category (Log type): Auto Backup, Database successfully restored
Triggering event:
• The server carried out an automatic backup or an error occurred during the execution of the automatic backup.
• A user belonging to the user group Administrator has restored the epBlue database from a backup.

Category (Log type): Dialog Message
Triggering event:
• epBlue or epBlue server has displayed a general message.

Category (Log type): epBlue Application Error
Triggering event:
• An error occurred while a digital signature was in use (e.g., the user entered an incorrect password), or a software error occurred.

Category (Log type): Device Configuration Changed, Service Function
Triggering event:
• Service changed the configuration of the epMotion.
• Service executed a test function or changed a device setting.
6.5 Using checksum validation
To detect transmission errors and manipulation of data that is exchanged as a file between epBlue and other programs, epBlue uses checksums.
This section describes how to create and verify checksums in epBlue and also how to create checksums in external software to ensure that they can be successfully verified in epBlue.
6.5.1 Exporting files with checksums
In epBlue GxP, the following data always includes a checksum following the export:
• Applications and labware as .export file
• ID lists (only epBlue ID version) as .csv or .xml file
You can use the checksum in the external software or during reimport into epBlue in order to check data content.
A description of how to export applications, labware or ID lists is contained in the basic operating manual (see p. 5).
6.5.2 Carrying out the checksum validation
epBlue automatically carries out a checksum validation during the import of the following files:
Applications and labware as .export file: The checksum validation is always active.
ID lists (only epBlue ID version) as .csv or .xml file: The checksum validation is performed when a user belonging to the user group Administrator has activated it (see Defining the checksum validation on p. 36). epBlue ignores an existing checksum if it has not been activated.
CSV files in the application editor: The checksum validation is performed when a user belonging to the user group Administrator has activated it (see Defining the checksum validation on p. 36). epBlue ignores an existing checksum if it has not been activated.
Hint!
During the import of labware (.zip file) and applications (.dws, .lhs, and .ws files) from earlier versions of epBlue or the epMotion control panel, no checksum validation is available.
Prerequisites
The checksum validation is always active for ID lists or CSV files.
A description of how to import applications, labware, ID lists or CSV files is contained in the basic operating manual (see p. 5).
If the checksum is verified successfully, the corresponding file is imported without an error message.
If the checksum is invalid or no checksum exists, epBlue will generate a warning message during the import.
6.5.3 Creating checksums in external software
To ensure epBlue can successfully verify the checksums during the import, the creating software must include them in the corresponding file as follows:
1. Calculate the checksum:
   – Remove line breaks.
   – For the remaining content, calculate the checksum (hash value) using the SHA256 algorithm (this algorithm is included in the Microsoft .NET framework).
2. Enter the checksum in the original data file:
   CSV file: In row 5, column 1 = "Checksum", column 2 = calculated checksum
Example of an ID list in CSV format with checksum:
Example of an ID list in XML format with checksum:
6.5.4 Checking checksums in external software
For an external software to successfully verify the checksums created by epBlue, you must proceed according to the following algorithm:
1. Remove rows with checksum entries from the imported file and store the checksum.
2. Remove line breaks in the remaining content.
3. For the remaining content without line breaks, calculate the checksum (hash value) using the SHA256 algorithm (this algorithm is implemented in the Microsoft .NET framework).
4. Compare the calculated checksum with the original checksum available in the file.
See the previous section for examples of files with checksums (see p. 31).
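The creation steps from section 6.5.3 and the verification steps from section 6.5.4 for a CSV file, as an added Python example that is not part of the manual and not Eppendorf code. The manual does not state the column separator, the text encoding or how the hash value is written, so the comma, UTF-8 and hexadecimal notation used here are assumptions, and the ID list is a constructed sample rather than the real epBlue layout.

```python
import hashlib
import re

CHECKSUM_LABEL = "Checksum"  # column 1 of the checksum row (from the manual)
CHECKSUM_ROW = 5             # row that carries the checksum in a CSV file (from the manual)
DELIMITER = ","              # assumption: the manual does not name the column separator
ENCODING = "utf-8"           # assumption: the manual does not name the text encoding

# Constructed ID list for the demonstration; not the real epBlue ID list layout.
SAMPLE_ID_LIST = (
    "List,Constructed sample\r\n"
    "Rack,1\r\n"
    "Type,Sample IDs\r\n"
    "Position,ID\r\n"
    "A1,S-0001\r\n"
    "A2,S-0002\r\n"
    "A3,S-0003\r\n"
)


def split_rows(text):
    """Split on CRLF, CR or LF so the result is the same on every platform."""
    return re.split(r"\r\n|\r|\n", text)


def is_checksum_row(row):
    """True when column 1 is the checksum label (surrounding quotes tolerated)."""
    first = row.split(DELIMITER, 1)[0].strip().strip('"')
    return first == CHECKSUM_LABEL


def content_digest(rows):
    """SHA-256 over the rows with every line break removed, as lowercase hex (assumed notation)."""
    content = "".join(rows)
    return hashlib.sha256(content.encode(ENCODING)).hexdigest()


def add_checksum(text):
    """Section 6.5.3: hash the content, then enter the checksum as row 5."""
    rows = [r for r in split_rows(text) if not is_checksum_row(r)]
    while rows and rows[-1] == "":
        rows.pop()  # drop the empty string left by a trailing line break
    checksum_row = f"{CHECKSUM_LABEL}{DELIMITER}{content_digest(rows)}"
    # Files with fewer than four rows get the checksum row appended instead.
    rows.insert(CHECKSUM_ROW - 1, checksum_row)
    return "\r\n".join(rows) + "\r\n"


def verify_checksum(text):
    """Section 6.5.4: return 'valid', 'invalid' or 'missing'."""
    stored, remaining = [], []
    for row in split_rows(text):
        if is_checksum_row(row):
            cols = row.split(DELIMITER)
            stored.append(cols[1].strip().strip('"') if len(cols) > 1 else "")
        else:
            remaining.append(row)
    if not stored:
        return "missing"
    if len(stored) > 1:
        return "invalid"  # more than one checksum row is ambiguous; reject
    # Hex digits compare case-insensitively.
    return "valid" if stored[0].lower() == content_digest(remaining) else "invalid"


if __name__ == "__main__":
    signed = add_checksum(SAMPLE_ID_LIST)
    print(signed)
    print(verify_checksum(signed))
```

Because line breaks are removed before hashing, the checksum covers the characters of the file but not where one row ends and the next begins.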
7 Administration
7.1 Expanded user administration
7.1.1 Setting the security settings for user accounts
Only applicable to users belonging to the user group Administrator.
Prerequisites
You are logged in as administrator.
1. Open the Admin tab. Click on the Account entry.
2. Open the Settings tab.
   Period of validity for passwords:
   • Define the period of validity for passwords in days. After the period of validity has expired, epBlue will prompt the user to change his password.
   • Enter 0 (zero) for an unlimited period of validity for passwords.
   Allowed maximum number of login retries:
   • Define the maximum number of unsuccessful log-in retries. If a user exceeds this number by entering an invalid password several times in succession during the log-in process, epBlue will automatically lock the user account in question.
   A locked user account can be unlocked again by a user belonging to the user group Administrator.
   User accounts belonging to the user group Administrator are not affected by the locking of user accounts.
   Lock application after user inactivity:
   • Define the period of time in minutes, after which the epBlue window is automatically locked if the logged in user has not carried out any activity.
   The logged in user must re-enter his password in the unlock window to unlock the epBlue window lock.
   If the user enters the password incorrectly several times in the unlock window, the account will not be locked.
3. Click on the Apply button to apply the settings.
   Click on the Reset button to discard any changes made to the settings.
4. The Please enter reason dialog is shown when the settings are applied. Enter a reason for the change in the dialog, which is recorded in the audit trail.
Hint!
A description of how to set up user accounts and define the period of validity of a user account is contained in the basic operating manual (see p. 5).
7.1.2 Configuring the authorization scheme
You can individually define how many signatures are required for applications and logs in order to place these documents in authorized status.
1. Open the Admin tab. Click on the Signatures entry.
2. Open the Signatures tab.
3. Under Applications select the authorization scheme for applications (the default setting is Create -> Review -> Authorize).
4. Under Logfiles select the authorization scheme for logs (the default setting is Authorize).
   In both cases, the following authorization schemes are available:
   Create -> Review -> Authorize: Three signatures from three different users are required to place the document in authorized status.
   Create -> Review: One signature each with the meaning created and authorized is required from two different users in order to place the document in authorized status.
   Authorize: One signature with the meaning authorized is required to place the document in authorized status.
5. Click on the Apply button to apply the settings.
   Click on the Reset button to discard any changes made to the settings.
6. When applying the settings, the Please enter reason window is displayed. Enter a reason for the change in the dialog, which is recorded in the audit trail.
Details on the authorization of documents are available separately (see Electronic documents on p. 11).
7.1.3 Defining signature rights
In epBlue, the rights for using digital signatures are defined for the user groups. To grant a specific signing right to a user account, you must assign the suitable user group to it.
To display the signature rights and other rights, open the Admin tab and click on the Group entry.

User group | Signing applications | Signing logs | Signing PDF files
Guest | – | – | –
User Level 1 | Created | Created | –
User Level 2 | Created, reviewed | Created, reviewed | –
Administrator Lab | Created, reviewed, authorized | Created, reviewed, authorized | Archive, PDF export of applications and logs, IQ protocols
Administrator | – | – | Archive

To set the signature right for a new or an existing user account, use the Member of setting of the New account or Edit account function. Additional information on this can be found in the basic operating manual (see p. 5).
Additional information on selecting suitable user groups is available separately (see User roles and user rights on p. 10).
7.1.4 Unlocking a user account
To unlock user accounts which have been automatically locked because an incorrect password was used, proceed as follows.
Hint!
If the system locks a user account, this is recorded in the audit trail with the log type False Login User Disabled.
1. Open the Admin tab. Click on the Account entry.
2. Open the Edit tab.
3. In the Account list area, select the locked user account.
4. Click on Set a new password.
5. Enter a new password for the locked user account and click on the Submit button. The user account is now unlocked. The user can log in with the new password.
The process of unlocking a user account is recorded in the audit trail with the log type Password Changed.
7.1.5 Deleting a user account
Only applicable to users belonging to the user group Administrator.
Hint!
• You cannot delete a user account as long as signed applications are stored under it. If necessary, archive all of the user's signed applications in order to remove them from the system (see Data archiving on p. 37).
• After a user account has been deleted it is no longer possible to create a new user account with the same user name. Thus, the system ensures that user names are unique during the entire period of system operation.
• After a user account has been deleted, any of the affected user's signatures in the system continue to remain valid and the digital certificate of the deleted user account can still be exported (see Exporting digital certificates on p. 22).
To delete user accounts, proceed as follows.
Prerequisites
There are no signed applications stored under the user account to be deleted.
1. Open the Admin tab. Click on the Account entry.
2. Open the Edit tab.
3. In the Account list area select the user account to be deleted.
4. Click on Remove account.
   The user account details are displayed.
5. Click on the Remove button and confirm the deletion.
6. Enter the reason for the deletion (appears in the audit trail) and confirm.
The process of deleting a user account is documented in the audit trail with the log type User Deleted.
7.2 Checksum settings
7.2.1 Defining the checksum validation
Only applicable to users belonging to the user groups Administrator and Administrator Lab.
Proceed as follows to switch the checksum validation on or off during the import of ID lists and CSV files (in the application editor).
1. Open the Admin tab. Click on the Checksum Settings entry.
   Import of ID lists:
   • Switch on (Yes) or off (No) the checksum validation during the import of ID lists in CSV or XML format.
   Import of CSV files in the
2. Click on the Apply button to confirm the changes.
The changes are recorded in the audit trail with log type Checksum Settings Changed.
7.3 Data archiving
The Archive function allows you to save applications including the corresponding log files, individual log files and parts of the audit trail as signed PDF documents for long-term archiving and to remove them from the system. You can print the archived PDF documents later or use them for electronic submissions. When archiving is enabled, the data is removed from the active dataset of epBlue.
Additional information on handling signed PDF documents is available separately (see Working in accordance with legal regulations on p. 9).
7.3.1 Archiving applications and log files
Only applicable to users belonging to the user groups Administrator and Administrator Lab.
NOTICE!
Data loss due to deletion during archiving.
Archived data cannot be re-imported into epBlue.
The archived data is subject to the same obligations relating to storage, backup and accessibility as the data contained in the database of epBlue. The user is responsible for meeting these obligations.
Hint!
The Archive function is only intended for the long-term storage of data that is no longer needed in the active dataset of epBlue GxP. The archived data can be displayed later with a PDF display program independent of epBlue and verified by means of the contained digital signatures. To save the active dataset of epBlue, use the Backup function, which is described in the basic operating manual (see p. 5).
Hint!
Export the digital certificates from epBlue (see p. 22) and keep them together with the archived data to enable subsequent verification of the contained digital signatures.
Hint!
• Currently open applications and log files cannot be archived. Close the affected applications in order to archive them.
• The user directory of the logged in user cannot be archived.
Log in under another user account belonging to the user group Administrator or Administrator Lab in order to archive this data.
1. Open the Admin tab. Click on the Archive entry.
2. Click on the ... button and select the path for saving the archive files.
3. Select the data to be archived as follows: