Controller Security

Hello all,

I attempted to upload a program off of a contrologix today and was faced with a locked controller. As an OME, we do not lock the controllers that we ship out. This is the first controller I have come across that has restricted access. What would I need to get online with the processor? Do I need the original .ACD file or do I need some security credentials?
I am also curious to how this works legally. Who "owns" or has rights to the code. If anyone could provide inside to the legal aspect of this it would be appreciated.

Thank you

If the controller itself is 'Secured', You'll need the password that was used to secure it. Then you use the logix security tool to unsecure it.

The code is 'owned' by whomever the contract says 'owns' it. This will involve lawyers.

I have been reading through the online document that Rockwell has on controller security.

http://literature.rockwellautomation.com/idc/groups/literature/documents/pm/1756-pm016_-en-p.pdf

From what I understand is the controller can be locked from either a factorytalk username and password or the logic CPU security tool with just a password.

The controller is a L61 with version 20.012, from the manual this deems two locking methods?.

I have tried the CPU security tool, navigating to the CPU and selecting the controller. right after i click on the controller i am presented with a message saying that the controller has timed out. The lock indicator is missing and has a question mark in its place.

At this juncture, I think the controller could be locked from one of two methods.
Please correct me if I am missing something.

IIRC I don't the the CPU Lock tool works past V19. You could use FT security in earlier versions but it required the security emulator. Again IIRC 21 and forward it's a direct link to FT security.

Very old versions of the software used the standard password like 5 and 500 agian IIRC.

The error you have may be from that the CPU lock tools is not supported in 20.012.

Did your company design this code and your customer locked it? That's what I got from your OP so correct me if I am wrong. Does the customer have the ability to unlock it? Or does the code belong to another company and they have it protected?

At the end of the day if it's secured by either method you won't be bypassing it without the password and /or encryption keys.

Also unlike years ago there is no secret Rockwell backdoor to bypass this. If it's secured and you loose your password or keys it's wipe the unit and start over.

Our company did not manufacture this machine. We are interfacing them to pass variables.

Just for fun, I created a new project in logix5000 and tried to enable security authority. once i okayed the new controller. i was presented with

failure to create project. access is denied. Access to the rslogix 5000/secure controller. action is required to secure a controller error 716-80043b28.