Jump to content
OMRON Forums

Encryption / Security of Source Code


daves

Recommended Posts

I am currently thinking about deployment of our PPMAC systems. We do not want users to have access to the project files on the PPMAC for 3 reasons

 

1) Safety. The code controls machinery and uneducated alterations could make the machinery unsafe.

 

2) Commercial. The code allows certain features if a particular customer has purchased the features. This could be altered and enabled without payment.

 

3) Intellectual Property. We do not want to give away any of our IP.

 

I assume we can lock out the IDE from customers by changing the login password.

 

However, I see by simply plugging in a mini/micro USB lead to the mezzanine board you get read-write access to /opt folder and hence the code. I know c programs are compiled files but there is a lot of information in the pmh files and plcs.

 

Also any upgrades we send on Recovery Disk USB sticks is currently unencrypted as far as I can tell.

 

Is it possible to protect our system and upgrade procedure?

 

Thanks

Dave

Link to comment
Share on other sites

  • Replies 9
  • Created
  • Last Reply

Top Posters In This Topic

I am currently thinking about deployment of our PPMAC systems. We do not want users to have access to the project files on the PPMAC for 3 reasons

 

1) Safety. The code controls machinery and uneducated alterations could make the machinery unsafe.

 

2) Commercial. The code allows certain features if a particular customer has purchased the features. This could be altered and enabled without payment.

 

3) Intellectual Property. We do not want to give away any of our IP.

 

I assume we can lock out the IDE from customers by changing the login password.

 

However, I see by simply plugging in a mini/micro USB lead to the mezzanine board you get read-write access to /opt folder and hence the code. I know c programs are compiled files but there is a lot of information in the pmh files and plcs.

 

Also any upgrades we send on Recovery Disk USB sticks is currently unencrypted as far as I can tell.

 

Is it possible to protect our system and upgrade procedure?

 

Thanks

Dave

 

Hi Dave,

Thanks for the post. We are actively working to implement encryption for the powerpmac project. We will have this feature available in the next release that is beginning of the next year.

We understand the importance of protecting IP.

If you want you can be our beta tester for the next release.

Thanks,

Atul

Link to comment
Share on other sites

  • 6 months later...

Hi Atul

Thanks for the reply. That is good news. I would be happy to participate in beta testing.

Dave

 

How's progress on security? (and a beta release?)

 

We have just released our first PPMAC system to a customer. We are still very concerned about security for the three reasons mentioned last year.

 

I'm generally unhappy with any access and the ability to mess up the project and also specifically:

 

* I am not happy about access to Global Includes pmh files revealing variable definition, and pp_proj.h where a person could see "CustomerHasPaidFeature=100". With this info you could run gpascii and type "M100=1"

 

* Also access to the pp_save.cfg file where we would have saved M100=0 for a customer which they could change.

 

* All of the PMAC Script Language directory is open to abuse.

 

Really the whole file system needs to be encrypted. We hope to soon be releasing systems to other customers (different customers inspire different levels of trust...)

 

Dave

Link to comment
Share on other sites

  • 2 months later...

Any security update yet?

 

We are getting closer to more customer releases of PPMAC and this is a great concern.

 

Also I spot some people are testing a 1.6 IDE, any news on a release or the promised beta? we have been through a number of VS IDE shell releases since the 1.5 IDE I am using

Link to comment
Share on other sites

Any security update yet?

 

We are getting closer to more customer releases of PPMAC and this is a great concern.

 

Also I spot some people are testing a 1.6 IDE, any news on a release or the promised beta? we have been through a number of VS IDE shell releases since the 1.5 IDE I am using

 

Hi Dave,

The IDE that I am using along with some of our international offices does include encryption. We are testing it. I will update you as soon as I feel comfortable with testing. If you want to be a beta tester I will be glad to give you the IDE.

Atul

Link to comment
Share on other sites

  • 4 years later...
Guest
This topic is now closed to further replies.

×
×
  • Create New...