ION automatically tracks the time users spend executing steps in runs to give teams an accurate representation of how much labor time was spent on each operation. In turn, that data can be used in our Analytics tool to help you determine cost estimates per assembly! To track time, an operator has to check in to start the capture of time and check out when they are finished working. Each check-in and check-out pair is called a session which can be edited as seen below.

Our goal is to make this as seamless as possible to ensure the least overhead for operators when performing work so that they spend most of their energy working while having confidence that ION is tracking their work accurately. To do this, we have a few automations and validations that are online and a few more we are considering:

• When an operator first begins a step (step moves from TODO to In Progress) they are automatically checked into that step.

• When an operator Completes a step, places a step on Hold, places a step in Redline, or Fails a step they are automatically clocked out.

• Operators are prevented from being checked into a run step when the step is not Available to Work. Available to Work implies a run step is in TODO or In Progress, is not blocked by upstream run steps, and the parent step, if exists, is In Progress.

• Future State: When an operator checks in while the run step is Available to Work and in the TODO status, the run step will be automatically moved to In Progress.

• Future State: When editing any data in a run step while the run step is Available to Work and in the TODO status will automatically move the step to In Progress and check in the current operator.

Understanding and Updating Existing Session Data

If you want to understand how long you've been checked into a step, the total duration of check-in time per step or want to edit the time someone has been checked into a step, click on the gray checkmark in run execution mode as seen in the video below. If you have the permission to UpdateSession, then you can also edit the check-in time and the check-out time.

The Currently Clocked Into widget on the home screen shows what steps you're clocked into and the status bar at the top informs you of all steps you are checked into.

Users who are checked in are highlighted green and have a green checkmark next to their avatar and will appear on the step queue on the left.

Using a smart card badge for login authentication

Badge authentication can make it easy for multiple users to login via their badge and check into operations, buyoff steps, etc. Below is an example of badge authentication to Windows 10 hosts that has been successful by using the following technologies:

• Smart card: Taglio PIVKey C910

• Smart card reader: HID Omnikey 5422

• Smart card certificate: Smart Card Logon

1. Configure a Smart Card Logon certificate template on internal Windows Certificate Authority ADCS.

2. Explicitly grant a predefined security group access to read/enroll via the template’s permissions.

3. Write a PowerShell script to simplify the process of requesting a certificate (certreq), setting a pin on the badge PivKeyTool), and writing the certificate to the badge (certutil).

4. After the PowerShell script completes successfully, the badge can then be used to login to a Windows 10 device.

5. The user must insert/touch their badge to the reader, and input their pin.

6. We’ve seen a successful authentication rollup from the OS to the browser (Chrome/Edge), which automatically authenticates the user to Azure AD. This helps the workflow immensely, as they can easily reach First Resonance ION soon after login.

Some improvements during your implementation may consider making the certificate request process easier, as well as implementing automated smart card certificate revocation on our CA to avoid users having multiple certificates on multiple badges.