Human-Machine Interface (HMI)
What is Human-Machine Interface (HMI)?
Human-Machine Interface (HMI)Software or panel that lets operators visualize process state and issue commands to PLCs, DCS, and SCADA systems.
A Human-Machine Interface (HMI) is the graphical layer that bridges operators and the industrial process, showing live tags, alarms, trends, and mimic diagrams while allowing operators to start, stop, or adjust set-points. HMIs run on dedicated panels next to machinery or as control-room workstations connected to SCADA or DCS servers. Because HMIs can write to PLCs and frequently run aging Windows builds with weak credentials and exposed services (VNC, RDP, web), they are prime initial-access targets in OT incidents. Hardening typically involves removing dual-homed network adapters, role-based access control, strong authentication, application allow-listing, and continuous monitoring.
● Examples
- 01
A touchscreen HMI on the factory floor showing tank levels and start/stop buttons for pumps.
- 02
A control-room WinCC or Wonderware screen with mimic diagrams of an entire production line.
● Frequently asked questions
What is Human-Machine Interface (HMI)?
Software or panel that lets operators visualize process state and issue commands to PLCs, DCS, and SCADA systems. It belongs to the OT / ICS / IoT category of cybersecurity.
What does Human-Machine Interface (HMI) mean?
Software or panel that lets operators visualize process state and issue commands to PLCs, DCS, and SCADA systems.
How does Human-Machine Interface (HMI) work?
A Human-Machine Interface (HMI) is the graphical layer that bridges operators and the industrial process, showing live tags, alarms, trends, and mimic diagrams while allowing operators to start, stop, or adjust set-points. HMIs run on dedicated panels next to machinery or as control-room workstations connected to SCADA or DCS servers. Because HMIs can write to PLCs and frequently run aging Windows builds with weak credentials and exposed services (VNC, RDP, web), they are prime initial-access targets in OT incidents. Hardening typically involves removing dual-homed network adapters, role-based access control, strong authentication, application allow-listing, and continuous monitoring.
How do you defend against Human-Machine Interface (HMI)?
Defences for Human-Machine Interface (HMI) typically combine technical controls and operational practices, as detailed in the full definition above.
What are other names for Human-Machine Interface (HMI)?
Common alternative names include: HMI, Operator interface, Operator panel.
● Related terms
- ot-iot№ 972
SCADA
Supervisory Control and Data Acquisition systems that gather telemetry from remote field devices and let operators monitor and command large industrial processes.
- ot-iot№ 864
Programmable Logic Controller (PLC)
A ruggedized industrial computer that executes deterministic control logic to read sensors and drive actuators in real-time processes.
- ot-iot№ 328
Distributed Control System (DCS)
An integrated ICS architecture in which controllers, operator stations, and engineering tools are distributed across a plant and tightly coupled by a vendor backbone.
- ot-iot№ 529
Industrial Control System (ICS)
An umbrella term for systems that automate and supervise industrial processes, including SCADA, DCS, PLCs, RTUs, and safety controllers.
- ot-iot№ 881
Purdue Enterprise Reference Architecture
A layered reference model for industrial networks that segments business IT from process control, widely used to design ICS network segmentation.
- malware№ 917
Remote Access Trojan (RAT)
Malware that gives an attacker covert, interactive control of an infected device, similar to a hidden remote-administration tool.