Protecting my code in Koyo products

jimpad

Member
Join Date
Sep 2004
Location
Paducah, KY
Posts
88
Hi all,
I will be selling my code to machine builders. To protect my code I'm planning on using the password feature of the D06, but I need to allow tech's to download new features when desired. So, I will use dnloader w/password feature (I know there are bugs w/dnloader but I've been working w/host engr and feel confident they will fix). The problem is how to prevent downloading code into other machines (copying the code). I'm thinking of developing "authorization" logic which will prevent the ladder from executing unless the tech supplies the proper key which he can only get from me. I see it like this.

1. Tech downloads logic to plc.
2. Authorization logic runs in plc and creates unique authorization "code".
3. Tech reads "code" and contacts me for authorization "key".
4. Tech inputs "key" into plc and authorization logic checks "key and allows/disallows complete ladder to execute.

I'm looking for opinions, examples, etc.

Thanks,
Jim
 
Let me get this straight, your giving them your ladder logic to download, once they download it it spits out out a code and you give them another code to make the program work?

Whats going to prevent them from editing the ladder program you give them and removing the authorization code?
 
So, I will use dnloader
glaverty, dnloader is a program that allows you to upload a program from one PLC and download to another. It does not allow access to the ladder logic I believe.
 
Right but can he password protect the program so that it can't be opened with an editor?

I know you can password protect PLC's so that you can't get code out, but can you password protect the actual code? Is that an OEM Lock?
 
Last edited:
I,m not at all sure you can have a seperate PLC password and a seperate Dnloader password. http://www.hosteng.com/SW-Products/DNLoader Flow Chart.pdf

You could try this though... stick a pseudo "password" in the NVram before shipping the plc. Have the program do a compare to a K value in the program. If the two dont match have the plc do something very strange, or block all outputs etc.. This wont work for the very savy, but it'll remind them that their violating your agreement not to copy the code to other machines, and make them work for it.
 
Glaverty,

dnloader is a utility that allows downloading the compiled, password protected code so it can only be downloaded to a cpu w/same password or a blank cpu. So, I don't think they can access/see/copy the ladder at all. But there is no reason they can't download the image into as many plc's as they want. Hence the need for an "activation" mechanism.

Elevmike,

That's a good idea but I also want the tech's to be able to get plc's directly without my have to handle them.

Thanks,
Jim
 
Jim,

A$$-u-me-ing that you initially shipped the plc, and your emailing or somehow sending the customer edits, or changes etc. It seems that the NVram password scheme would work pretty well. The program would be spicific to a certain CPU.

If your the panel builder then you can plug in the static NVram password before you initally ship it. The NVram password will be there forever, even if you change programs, etc..

Now if your only the programmer, and your customer is buying the CPU from AD, I dont know what to do to protect your work from being cloned over, and over, and over, and over......

If that's the case, send the customer a modem and go on line with the PLC and set it up that way. Who would know???

P.S. I've actually never tried it myself (NVram password), just dreamed it up due to this thread.
 
So basically your worried about them making exact clones of the machines because without the ability to edit the program it would have to be exactly the same.
 
Ok so here it goes,

The customer as a virgin PLC.

You send the the "program" the only thing is that the program your sending them actually only loads the NVram password. And dosnt actually run the machine.

So the customer calls and says the program dosnt work. You tell him to discard the disk because you made a mistake and sent him the WRONG program, and youll send him the "right" program via email or something. The second "program" is the working model, with the verification (comparison) code.

So later he tries to load the second working code in another virgin plc and it dosnt work. Now he has to do some serious trouble shooting because he dosnt have any docs to work with and might not notice the comparison contacts peppered around your program can be deleated with out any ill effect. Since the code works in the origional CPU, he'll likely blame the "copy" cpu and get nuts with the PLC manufacture.

That's the best I can think of today.

Everybody have a great holiday, and go out and play with the kids.
 
I am not adept enough to comment on the password schemes, but I think you are missing the first step. Before you deliver the code you need to have a single machine license agreement signed by an officer or executive of the customer - the assembly foreman won't do. You need to have included in the purchase order a price for each additional machine - call it a royalty or licensing fee - and specific language identifying the customer's rights to copy or duplicate the program for the original machine. You probably also need to identify in writing procedures for the customer to obtain and use the password for your programming.

You see, the customer has a legitimate right to demand access to the program logic in case a short circuit or PLC failure wipes out your program. Their is also the legitimate "What if you get hit by a truck" question. We have lots of questions on this site that start out "My machine builder is out of business - how do I obtain a copy of .........."

There is no password protection in the world that can't be bypassed. There is no contract in the world that can't be violated. Like locks, these things keep honest people honest. By putting your customer on notice ahead of time, and clearly defining the costs, and giving them the power to access the logic for legitimate purposes, you are more likely to get cooperation than just relying on passwords or other security measures.

If you think your customer is a crook you shouldn't be doing business with them. If you are worried about your customer's customers, develop a joint plan of action with them. AFter all, it is in their best interest to control access to machine duplication as well.
 
Thanks for the responses guys.

It's not that I think my "customerS" are crooks it's just that in the past I've realized it only takes one bad apple... Currently my major competition is someone who somehow blablabla got a copy of my code and is now selling against me Ahrg! I really don't want to make the same mistake twice.

I like the nvram idea, I'll definately give it some thought and let you know what I come up with.

I also understand the need for legal protection which I'm starting to look into (I can't wait... talk about something on the back buner).

Thanks again,
Jim
 
One more thoought,

We are primarly a contractor/maintenance & service company. Inother words we make our money from the installiation, and future service on the unit. Apart from building our own panels, we often buy PLC based systems for larger more complex projecets from other vendors. They always supply us with a full boat documented copy of their code. Even though, I have never copied any other designs, or code to use in other projects, other than the one it's intended for. Apart from the ethicial issues involved, it's just not worth it for me to try supporting somebody elses desigm, or code. I simply wouldnt save enough cost to have to do this. We sell our systems because the customer is more comfortable with a non-propriatry system. I sold a job last week, that I was high bid on only because I was the only contractor willing to provide the owner with a copy of the code. All of the other vendors refused the owners request. Now I'm the one with the project, and a new long term mmaintenance contract.
 

Similar Topics

Hello Experts, I need to protect RSLogix5000 (V20.01) Program such that its routines shall not be exported. Rockwell Documentation says below...
Replies
2
Views
10,667
What features or policy should there be for protecting 1. source code 2. binary code. Should we have a back door to unlock the code or should...
Replies
7
Views
2,729
Hello everyone, been awhile since I've posted..... As the title suggests, using Crimson 3.1 software (Red Lion) I cant seem to figure out if its...
Replies
4
Views
1,650
Hi, Just wanted some thoughts on protecting control and instrumentation from welding damage. We had a PLC and drive fail after some welding work...
Replies
12
Views
4,908
Hi Everyone, Yesterday we encountered an issue where I had a 480V 3Ph 2HP Powerflex 525 blow up. Upon further inspection, we noticed that 10...
Replies
21
Views
5,950
Back
Top Bottom