AB Passwords

lab

Member
L
Join Date
Nov 2003
Posts
48
Hi,
I noticed a privious post regarding hoe to bypass password protection on a AB plc.As an OEM I have manufacture a number of very specialized machine, we came up with the concepts, and designed and built the machines.Now the purpose of my post is simply this, I have had customers who have purchase a machine from me and have entered into an agreement to purchase several more, but after the delivery of the first the proceded to farm out our design to another company who was willing to build it for less, what this customer is wanting to do is copy our ladder logic program from our first machine into the machine built by the competion.I just wondering if there is a way of protect our programs in such a way that they cannot be accessed by anyone outside of our company, I thought that a password would be enough but I guess I was wrong..... Perhaps the OEM lock?
I know this my sound trivial to some readers , but I have put alot of work into these machines, and do not wish to be screw like this again!
Thanxs in Advance
Lab
 
Many people are not honest gentlemen and we, OEM and conceptors with visons will always suffer from our usage of the digital media.

Copying a digital media will always be relatively easy and the protections from those crooks does not come in so many forms.

There are some lawyers who will work on the basis of percentage from what they recover.

Locking a code in place is not easy. The passwords and such schemes are basicaly aiming the amateurs. The real pros (read crooks) have the know-how to bypass them gates.

IF you really heart from copys of your development regarding the PLCs in your systems, the real best and almost fullproof way to go is to stay as far away from the main brands and built your system around a less known PLC. Even one which the manufacturers are small enough so you could even talked with some of the owners.

Like Stephen Luft's company.

Check it out!

Other than that, good relations or good lawyers are whats left.
 
On Allen-Bradley PLC's go to the Controller Properties, under the Compiler tab uncheck the box "Allow Future Access"

With this cleared RSLogix (5 or 500) will not connect to the PLC unless they have a copy of the program on floppy from you - whether you set a password or not.

From RSLogix500:
A check in this box (default) allows future access to the program files. The files can be uploaded and viewed even if there is not a copy of the file on disk. The absence of a check in this box protects proprietary programs from being uploaded and viewed if the user does not already have a copy of the file on disk. The file must be downloaded to the processor for this feature to be effective. This protection is available with all processors.

RSLogix 500 - Copyright Rockwell Software 2000
 
1 more level of protection?

Is it true that another level of protection is available if you enable the "Data File Overwrite Protection" bit (S:36/10 = 1). Will this keep the more savvy from overwriting the "Deny Future Access" bit (S:1/14) with a zero thereby turning off the OEM Lock. I am not quite sure if one would be able to overwrite the status bit without 'direct' access.

It would be interesting to hear from the experts if this would add any level of protection.

That said...I am more of the school of thought that one should protect himself from the described problem through the contract. Require the client to agree that he is purchasing a license to use the software...not the software itself.

Many of you have been in the business much longer than I, What are your thoughts?
 
Stephen,
Without a copy of the program to get aceess to the PLC, the customer (or another machinery builder) would be unable to edit any rungs to clear S:1/14, nor would they be able to get access to the data files to change the value of any bit.

You have a good point about the contract, but i take it one step further - every proposal, quote, contract and schematic supplied to a customer has the following stamp:

CONFIDENTIAL
The data contained herein is PROPRIETARY and CONFIDENTIAL.
Reproduction, use, publication or distribution of any part requires the prior written consent of C.N.R. Services, LLC. All Rights Reserved.
 
Any of the protections we are talking about are more intended ot control the masses than anything else. There is no way to stop a highly motivated individual with the proper tools from cracking anything you put in place. That said, the available protections will stop about 95% of the people out there. That's not complete protection but it isn't bad.
I look at password protection in plcs more as a method of protecting the well-intentioned from causing themselves a serious headache. At the very least it should make people think a little about whether they really want to dig into the thing.
Like Stephen and cnrservices pointed out, your best bet for protecting software is most likely in a contract. Unless you are ready to jump on a plane at a moments notice or send an email to a customer in the middle of the night you really can't leave a customer without a way to load a program. And if you give him a way to load the program you also have givin him a way to crack any protection you put in. The whole methodology is a bit self-defeating that way.

Keith
 
I would suggest that you collect the "engineering" cost on the first machine. And then sell the following machines for a reduced cost. (Put this in the contract). This way you don't get screwed and your following machines are competetive to another companies "clones". Then don't wory if someone else looks at and understands or duplicates your code. It should be easy for the customer look at and troubleshoot the PLC. That is one of the main reasons for the customer to specify a PLC, especially one he/she has software to use for troubleshooting. Ladder logic was designed (supposidly) so an electrician could troubleshoot with it. Look at this internet site, I've gotten lots of "free" code and engineering "secrets" from these guys who were more than glad to help. One more note here, if the machines are being duplicated, you might consider patenting them, then you would have a legal case against your customer, but this just seems like bad relations to me.
 
Without a copy of the program to get aceess to the PLC, the customer (or another machinery builder) would be unable to edit any rungs to clear S:1/14, nor would they be able to get access to the data files to change the value of any bit.
Click to expand...

I think its been pointed out, maybe indirectly, that this is not entirely correct.
 

Similar Topics

S
Need to add passwords
So I need to be able to give 10 people passwords to the machine and I need to make a log of when they are used. It's a Rockwell l71 processor and...
Replies
3
Views
885
Aardwizz
Aardwizz
geniusintraining
Mitsubishi GT Designer passwords
I have a customer that has a GT1575-VNBA and I think they are using GT Designer. They have the software and program for both the HMI and the PLC...
Replies
3
Views
2,314
parky
P
J
FactoryTalk View Studio *Used* Passwords
So I was compiling a new .Mer for a machine I don't have a need to login to all too often. I figured since I was compiling a new runtime for it...
Replies
8
Views
2,756
daba
D
B
Recovering Passwords from a FactoryTalk View ME Application ?
Good Morning , We have a machine with CompactLogix and a Panelview Plus 700. This machine is about a 2 years old , and nobody has the...
Replies
6
Views
7,037
nhatsen
N
A
GXWorks and Passwords
Hi I have been given the job of modifying a project written in GXworks, the system has 3 HMIs, and alarm messages are stored as strings in the...
Replies
6
Views
1,629
Andrew Hardy
A
Back
Top Bottom