Micrologix 1000 Ladder Stealing

Micrologix 1000 Ladder Stealing

WITHOUT using passwords: Does anyone know how to prevent or make it harder for a customer to download the ladder logic to more than one PLC. (Original quotation stated clearly 1 PLC only)


Thanks


Andy

Try using the 'Contract' module. If problems persist, follow up with 'Attorney'* module.

* Use of this module should be limited to extreme cases, due to its extreme cost and incompatability with most everything else.

Andy,

In most cases the PLC does not contain documentaion, which will make it extreamly diffucult, (depending on probram complexity), for anyone to trouble shoot. This would allow you to bury some obsucre code in the program that could time out, or otherwise disable the funchtion of the program, or a portion of it. You could then manualy set a hidden bit that would enable the program on a legal PLC that YOU loaded the program into.

This isnt fool proof, but it should make things more diffucult for the perp.

Mike.

elevmike said:

Andy,

In most cases the PLC does not contain documentaion, which will make it extreamly diffucult, (depending on probram complexity), for anyone to trouble shoot. This would allow you to bury some obsucre code in the program that could time out, or otherwise disable the funchtion of the program, or a portion of it. You could then manualy set a hidden bit that would enable the program on a legal PLC that YOU loaded the program into.

This isnt fool proof, but it should make things more diffucult for the perp.

Mike.

Click to expand...

Sounds like a logic bomb to me:

http://www.cknow.com/vtutor/vtlogicbomb.htm
http://www.yourwindow.to/information-security/gl_logicbomb.htm
http://www.wordspy.com/words/logicbomb.asp

In the last link, notice the phrase "charges were filed"


Probably not a good idea...


John

I think what Mike is saying here is...

Set up a bit that can only be turned on while
online. Most plc's, I know A/B for sure, will
transfer ram to eeprom on power down for integer
and long files. So, once the "magic bit" is set,
it will remain set.

Making it obscure and difficult to find, all in
the interest of protecting contractual agreements,
and possible copyrights, doesn't sound like something
that would hold up in court if charges were filed.

But then again....I'm not an attorney.

You could then manualy set a hidden bit that would enable the program on a legal PLC that YOU loaded the program into.

Click to expand...

I think the original question was to prevent piracy of his PLC program; say a customer has another fabricator copy his machine design and wiring & then upload the program from his PLC to download it to the PLC in the copy.

If you did hide an obscure bit somewhere, wouldn't that bit's status be uploaded & copied with all the data files to the new PLC?

I doubt if the AB line supports it, but one PLC I worked on a few years back did have a command to scan for a unique identifier on the PLC (much like the hard disk volume serial # that RSLogix activation key looks for - wrong serial # = no run!)
That would at least make sure your program only ran on the PLC you provided them, unless between the upload & the download that line of code was deleted.

Greg

Short of the possibility Greg mentioned, I don't that you can prevent duplication in an off-the-shelf PLC.

You could make your own 'proprietary' PLC by simply filling the serial port with Krazy glue after downloading the final program. Makes it real difficult to 'borrow' your program after that!...

beerchug

-Eric

P.S. to Ms. Yaftoo... Is that you, Norm?...

Yep.

Upload will pull everything.

Anyway though, I can't see how trying to protect
a program would throw you into court.

Let's say a person could make a copied program
not work, after say 10 seconds, unless a special
code or input/bit combination was seen.

How could a person be charged for simply trying
to protect some proprietary code or contract
agreement?

I'm refering to contractors with contracts.

Disgruntled employees is a different matter.

until someone needed to replace the micrologix processor.... For a burnt out output...

Love that glue idea!

I'll "one up ya". (sorta)

Take the cover off and snip the RX and TX.

beerchug

after say 10 seconds, unless a special code or input/bit combination was seen.

Click to expand...

If someone made an exact duplicate of the wiring of a machine & copied the program, then any combination should be there.

That disconnecting the serial port sounds like the way to go - as long as you are sure no changes to the program will need to be made in the future, as every time a change is made a new PLC needs purchased, unless it's something internal that you can undo, since you know what was un-did.

Greg

AllenF said:

Take the cover off and snip the RX and TX

Click to expand...

Or, move RX and TX to different pins. Then you can still access the program, but only with your 'special' cable...

I won't recommend this, but if you want to be REALLY evil, you could additionally stick 120VAC on pins 2 & 3 to thwart any upload attempt by unauthorized users! They won't try THAT again!...

beerchug

-Eric

John, aka Rootboy,

I have never installed "logic bomb", nor do I condone their use.

Andy asked:

"WITHOUT using passwords: Does anyone know how to prevent or make it harder for a customer to download the ladder logic to more than one PLC. (Original quotation stated clearly 1 PLC only)"

Under the above circumstances, the use of some sort of protection scheme that would disallow a copy of the original program to be used on another PLC would be perfectly legitimate.

One way of implementing a protection scheme would be to manually preset various necessary parameters, such as would be required for a Hi Speed counter, or timer presets etc., in the required memory areas, rather than automatically setting them on the 1st scan. A new CPU would have these memory registers set to factory defaults, and the program would not have the code for the proper setup. You as the "owner" of the program you would manually set up these parameters when installing the program in a legal PLC.

I hope that clarifies that some.

Mike

AllenF said:

Yep.

Upload will pull everything.

Anyway though, I can't see how trying to protect
a program would throw you into court.

Let's say a person could make a copied program
not work, after say 10 seconds, unless a special
code or input/bit combination was seen.

How could a person be charged for simply trying
to protect some proprietary code or contract
agreement?

I'm refering to contractors with contracts.

Disgruntled employees is a different matter.

Click to expand...

Well, if the operation ceases mysteriously (maintenance toggles a bit), and someone gets hurt, it could get sticky.

Keep in mind it's what the jury thinks that matters. But I really think that it would be really hard to prove intent.


John

John,

If the paperwork is right, the warranty & liability on your work only extends to the machine you supplied. Additionally, In most states, (except maybe in CA where anything can happen), Tort law states that you cant be held liabable for someone stealing your code and not loading it properly on another unauthorized unit.