You are not registered yet. Please click here to register!


 
 
plc storereviewsdownloads
This board is for PLC Related Q&A ONLY. Please DON'T use it for advertising, etc.
 
Try our online PLC Simulator- FREE.  Click here now to try it.

New Here? Please read this important info!!!


Go Back   PLCS.net - Interactive Q & A > PLCS.net - Interactive Q & A > LIVE PLC Questions And Answers

Reply
 
Thread Tools Display Modes
Old January 13th, 2020, 08:55 PM   #1
JeremyM
Lifetime Supporting Member
United States

JeremyM is offline
 
Join Date: May 2014
Location: Texas
Posts: 450
Execution Protection / Licensing for AOIs?

Hi all,

Short story: My company is very soon beginning to ship Studio 5k code in the form of AOIs that needs to be both source and execution protected.

I’ve got a grasp of the built-in source protection tool and I think it will suffice.

However, source protection won’t prevent a blind export/copy/paste/import of the AOIs themselves to processors we didn’t ship to our customer by other integrators and so on.

I understand I can do a hard-coded processor serial or MAC address check within each AOI via GSV to protect it. However, this requires un-protecting source, and re-protecting, manual key-in, and endless verification. It’s cumbersome, error-prone, and difficult to coordinate among a fellow team that regularly pushes various sets of these AOIs out daily.

Is the solution to hash the serial/MAC -> pass to AOI -> parse serial/MAC, regenerate hash, then compare?

Last edited by JeremyM; January 13th, 2020 at 08:59 PM.
  Reply With Quote
Old January 14th, 2020, 02:17 PM   #2
JeremyM
Lifetime Supporting Member
United States

JeremyM is offline
 
Join Date: May 2014
Location: Texas
Posts: 450
Bump
  Reply With Quote
Old January 14th, 2020, 05:06 PM   #3
jkerekes
Member
United States

jkerekes is offline
 
jkerekes's Avatar
 
Join Date: Aug 2007
Location: NJ
Posts: 2,326
You mean you want to prevent someone from copying the AOI and using it in another program?
__________________
John
  Reply With Quote
Old January 14th, 2020, 06:00 PM   #4
James Mcquade
Member
United States

James Mcquade is offline
 
Join Date: Oct 2007
Location: Tennessee
Posts: 2,897
your company can also state in your quote that your company has intellectual and propriety information in the systems and they cannot be copied, modified.... legal can handle this part.

I know it can be done, we have 4 systems here that have protection on certain parts of the code.

james
  Reply With Quote
Old January 14th, 2020, 06:41 PM   #5
JeremyM
Lifetime Supporting Member
United States

JeremyM is offline
 
Join Date: May 2014
Location: Texas
Posts: 450
Quote:
Originally Posted by jkerekes View Post
You mean you want to prevent someone from copying the AOI and using it in another program?
Exactly.

Quote:
Originally Posted by James Mcquade View Post
your company can also state in your quote that your company has intellectual and propriety information in the systems and they cannot be copied, modified.... legal can handle this part.

I know it can be done, we have 4 systems here that have protection on certain parts of the code.

james
Right, but other avenues exist to obtain or release it including outside integrators, in-house naivety, and so on.
  Reply With Quote
Old January 14th, 2020, 07:37 PM   #6
jkerekes
Member
United States

jkerekes is offline
 
jkerekes's Avatar
 
Join Date: Aug 2007
Location: NJ
Posts: 2,326
Do these AOIs have a great use outside the of their intended location? I mean what do these do that people copy them? Not to be insulting, but what is so great about them?
__________________
John
  Reply With Quote
Old January 14th, 2020, 08:59 PM   #7
EICS
Member
Australia

EICS is offline
 
EICS's Avatar
 
Join Date: Dec 2008
Location: Melbourne
Posts: 223
Quote:
Originally Posted by jkerekes View Post
Do these AOIs have a great use outside the of their intended location? I mean what do these do that people copy them? Not to be insulting, but what is so great about them?

more than likely they are in the business of wanting to be called for follow up work and future mods possibly!
  Reply With Quote
Old January 15th, 2020, 03:43 PM   #8
JeremyM
Lifetime Supporting Member
United States

JeremyM is offline
 
Join Date: May 2014
Location: Texas
Posts: 450
Quote:
Originally Posted by jkerekes View Post
Do these AOIs have a great use outside the of their intended location?
Yes, absolutely.
Quote:
Not to be insulting, but what is so great about them?
Not playing.
Quote:
Originally Posted by EICS View Post
more than likely they are in the business of wanting to be called for follow up work and future mods possibly!
No, I'm in it to build software that doesn't break; my goal is reducing follow up work.

Last edited by JeremyM; January 15th, 2020 at 04:00 PM.
  Reply With Quote
Old January 15th, 2020, 04:30 PM   #9
jkerekes
Member
United States

jkerekes is offline
 
jkerekes's Avatar
 
Join Date: Aug 2007
Location: NJ
Posts: 2,326
I wasn't trying to play. I was just curious what these AOIs do specifically. What is their function? Can you put protection on the routine their in? I have never added protection to any of my code. So I just want to know what your AOI are doing.
__________________
John
  Reply With Quote
Old January 15th, 2020, 04:40 PM   #10
Phrog30
Member
United States

Phrog30 is offline
 
Join Date: Dec 2006
Location: Montgomery, Alabama
Posts: 689
To my, limited, knowledge, what you want to do can't be done with a source key, but I think it's possible with a license, but I think that costs a lot, at least that's what I heard. Even if you protect a routine with a source key, the AOI can still exported and imported in another project. However, I think a license will prevent this.

You probably need to get in touch with RA or your local distributor.
  Reply With Quote
Old January 15th, 2020, 05:29 PM   #11
drbitboy
Lifetime Supporting Member
United States

drbitboy is offline
 
drbitboy's Avatar
 
Join Date: Dec 2019
Location: Rochester, NY
Posts: 1,345
FYI (or maybe you already know): if you are selling to either China, whatever you do will not prevent theft.

Can a dongle be used? That might slow them down.
  Reply With Quote
Old January 15th, 2020, 06:36 PM   #12
Timbert
Member
United States

Timbert is offline
 
Timbert's Avatar
 
Join Date: May 2011
Location: The middle of the Pacific Ocean
Posts: 434
I know Allen-Bradley just released a bunch of stuff of securing intellectual property. I would suggest you contact your local distributor about this stuff. Of course it's gonna cost you money to implement but if these are novel and valuable then it might be worth investing in the latest protection.
__________________
An expert is a man who has made all the mistakes which can be made in a very narrow field. --Niels Bohr as quoted by Edward Teller
  Reply With Quote
Old January 16th, 2020, 04:38 AM   #13
parky
Member
United Kingdom

parky is offline
 
parky's Avatar
 
Join Date: Oct 2004
Location: Midlands
Posts: 2,259
To be honest I have never come across any function or block that I could not write myself given the incentive. I can understand in some circumstances where protection may be required, however, if somebody wanted to rip your machine off there will be a way somehow. Also, I have come across copycat machines but not plc software, it is probably quicker to re-write it than try to decipher non documented code. How people can be na´ve enough to believe they can write AOI's or functions in a PLC that others could not I do not know.
I have been in this industry for 40 years and never protect or fail to supply documented copies of code unless it is a requirement of the customer. I have worked in a factory where quite a lot of the plant had been protected by the suppliers however, I engaged in conversation with them and obtained documented copies and passwords, They were quite happy that I was there to look after the plant, my knowledge was probably superior to their engineers (this was proved in practice when I had to bail them out on their own systems).
With some of the suppliers I had to sign a document that I would not divulge their intellectual property to 3rd parties.
To be honest I would find it quite flattering if other engineers used my code and will give it away freely in most circumstances.
As far as PLC code goes it is just an application of instructions designed by the plc mfr. and you just put them together to make it work.
I'm never worried about suppliers protecting their investment and took that under my belt, however, we did have a supplier win a contract with us, it was specifically designed for us and we paid for the development of the software, they refused to give us copies and password protected the plc's, the system never worked properly even after many visits by their engineers. Over a period of time I re-programmed the whole system (not easy as this was a 24hr production plant). I replaced one plc at a time after full simulation without any real downtime. needless to say they never got another contract with us.
  Reply With Quote
Old January 16th, 2020, 04:52 AM   #14
JesperMP
Lifetime Supporting Member + Moderator
Denmark

JesperMP is offline
 
JesperMP's Avatar
 
Join Date: Feb 2003
Location: Copenhagen.
Posts: 14,371
Quote:
Originally Posted by parky View Post
I'm never worried about suppliers protecting their investment and took that under my belt, however, we did have a supplier win a contract with us, it was specifically designed for us and we paid for the development of the software, they refused to give us copies and password protected the plc's, the system never worked properly even after many visits by their engineers.
Not to be a smart-a**, but that is a case where the requirement should have been explicitly stated in the contract. One can argue that morally they ought to hand out the code due to it being custom made for you, but dont expect it to be implied.
__________________
Jesper
See my profile interests for Q&A
  Reply With Quote
Old January 16th, 2020, 07:16 AM   #15
parky
Member
United Kingdom

parky is offline
 
parky's Avatar
 
Join Date: Oct 2004
Location: Midlands
Posts: 2,259
Unfortunately I had no input on that side of the project, my involvement was design hardware, however, I did state that we needed a copy of the documented software, which I eventually got and it was read only & for download if required, no problem for me as I knew how to remove the password both on the files & plc but I decided as I had no input to the contract I decided not to use any of their code. I had lists of all the tags etc. and the inter plc & Scada coms and as it was so badly written decided to completely re-write it, it goes without saying though that some of my code was near identical, how many ways are there to do the same function.
  Reply With Quote
Reply
Jump to Live PLC Question and Answer Forum

Bookmarks


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Topics
Thread Thread Starter Forum Replies Last Post
Simatic Logon V1.3 anotherone LIVE PLC Questions And Answers 5 January 22nd, 2015 02:15 PM
NOP instruction foremanml LIVE PLC Questions And Answers 26 September 8th, 2014 04:40 PM
Source Protection Lockout JiNCs LIVE PLC Questions And Answers 4 February 15th, 2013 06:27 AM
ControlLogix Sourde Protection Southner LIVE PLC Questions And Answers 16 August 1st, 2012 03:55 PM
Motion Instruction ERR = 3 (Execution collision) MAW instruction DoubleL LIVE PLC Questions And Answers 23 April 4th, 2007 07:48 PM


All times are GMT -4. The time now is 03:34 AM.


.