Passwords

[Eric Nelson]

One Step Beyond?...

So you're saying that if an end user "purchased" your software, they couldn't upload the compiled file from the PLC and view (uncompile) it? I think (and would sure HOPE) that they could.

But wait, since your software is *free*, anyone (programmer or not) could modify the program... utoh

I don't know of any PLC that stores the "ladder file" in the PLC... IOW, they're all compiled code too! You need their software to uncompile it as well. But at least there's "some" protection involved... You have to PAY for THEIR software...

Sound to me like a good reason NOT to "give away" the software!

beerchug

-Eric

 

[Steve Crotty]

The ControlLogix system has some nifty security; individual routine protection, and an unbreakable OEM lock

There is a bold statement right there

Regards

-Steve

 

[Stephen Luft]

Eric,

Anyone can upload our software, that is true, but if they don't have the ladder file, there is nothing they can do. Our software creates two files. Only one file, the .hex file is downloaded to the controller.

The only way you can modify the program is if you have the ladder file. That is one reason why it doesn't matter that we give our software away.

We do not provide a decompiler in our software. The person that creates the program, controls who it gets sent to, or in some cases who it doesn't get sent to. The intent is to have their customers come back to them for support.

Thank you for enlightening me. I wasn't certain as to how the other manufacturers loaded their program, if you are able to retrieve the program and thus require a means to protect the program from unauthorized people.

God Bless,

Stephen Luft

 

[ganutenator]

so..... how did that automation fare go?

Specific to my Company's product line, I think A-B didn't put a backdoor password into the MicroLogix family for three reasons:

1. Enough hassle already with the other product families. Some OEMs want intellectual property protection, and they should have it. Some plant managers don't want equipment changed without authorization, and they should have that too. Some programmers think they should have access to change whatever they want when they want. They can go spin.

2. Safety standards / Liability. A-B sells clutch-brake control systems based on the MicroLogix 1500 (wired redunant, even !). Even if such a system was edited by Einstein himself, the fact that it was able to be edited makes it theoretically unsafe, and therefore unable to be used for a machine safety application.

3. Price. The MicroLogix cannot handle colossal systems, so the real economic damage that a forgotten password can do is *relatively* small.

I believe that our original querent krunalc was earnest and honest, but I have been told the "programmer is out of business / dead / missing / fired / a jerk" story dozens of times. Twice it was true.

The ControlLogix system has some nifty security; individual routine protection, and an unbreakable OEM lock. I haven't gotten it's firmware authors drunk enough to find out if there's a memory probe that can unlock it, though. There's always Automation Fair !

so..... how did that automation fare go?

 

[automation fair goer]

Automation fair starts the week of Nov 18th!!! wait a couple weeks!

 

[Allen Nelson]

You're early

Check the CALENDAR .

Automation Fair is next week.

<hr>

Beaten to the punch again....