Passwords

[TimWilborne 108]

I am trying to understand why programmers put passwords on PLCs. What exactly is being protected? Most programs, while it may be hard, can be reverse engineer. I have even had to write programs for machines off of what operators say the machine looked like it did before the battery went dead. Yes what we do is not simple work but what makes it so secretive? Is this done to truly protect the company that builds the controls or keep the purchaser from going elsewhere to have the machines worked on? If a company has a password on a machine they deliver to us, it is not accepted until the password is removed. It has nothing to do with trying to steal their secrets. It just has to do with us making sure that we don't get stuck when something goes wrong with a machine. You see to see small companies doing this more. Am I missing some other reason? And don't get me wrong. If a company puts a password on a program I am a firm believer that it should be respected and not bypassed, I'm just trying to understand why they are put placed in a program in the 1st place. Edited 4 Apr 2006 by TWControls

[BobLfoot 301]

Can't give you a definitive answer TW, but perhaps this will cover some of the issues. Not that many years ago I was working on a an Internship project and when I designed an algorithm for flipping bits that reduced the memory requirement from 4K to 1K saving us over $1000 per unit. The company no only passworded the program, but due to the industry it was written for they filed for a patent on the algorithm. As you well know many of the machines we design and build involve hours of trial and error to get correct. If they are a "one of a kind" system then we get paid and all are happy. If it is a project where there are multiple machines involved, we hope that the customer will rewrd are efforts and buy his future machines from us. Some cost customers will however take the prints, programs and etc and find a fly by night machine builder to clone our hard work. Often with substandard materials. And if the automation gods are really upset with us, we get the call to support their plant when these cloned macines can't be made to run as well as ours. Enter Passwords where a designer can protect his sweat equity.

[TimWilborne 108]

Yes, I can see your point there Bob. And I should have mentioned why I was thinking about this. A company I worked at that shutdown about 7 years ago sold a piece of equipment that was password protected. Some how that I am still not sure of, the machine ended up in India over the years. And then more ironically they found me to request the password the change the scaling to metric. Like I said the company I worked for has been shutdown for 7 years!!! If course I gave them the password. Wasn't worth a trip to type it in So the first thing I was thinking was did it really do any good to have it password protected all of those years? But now I am thinking if a company in India can hunt me down for a password why do these other people have such trouble getting passwords from companies that are shutdown? But another thing that may make my thinking different is I rarely have ever built the same machine twice Edited 4 Apr 2006 by TWControls

[BobLfoot 301]

Let me guess TW, like all of us "old school" types you documented well and included your anme and title. Most people who ahve trouble are looking at systems with less than ideal documentation.

[Sleepy Wombat 27]

A password is good for your protection over the warrenty period. Also TW, you had the password, obviusly you had to store it some where or more recently retrieve it, they managed to track you down, obviously it had some value to it. I hope that you were able to profit from it, since the company folded several years ago.

[TimWilborne 108]

No, my name wasn't on anything on that machine. I'm still baffled on that one. I wasn't a lead man on that machine. Later I lead on some of the modifications that were done to it. The only real documentation they would have had of me was the confidential statements you sign going into companies saying you are stealing their secrets Sleepy - No profit. Don't ask me what I was thinking. I could have to push for some . But it would not have been a hard machine to reverse engineer. But even going off of your logic of passwords during the warranty period which I had not thought of before should it have had a password in it so long after the warranty had expired? Edited 4 Apr 2006 by TWControls

[TimWilborne 108]

Ok Sleepy. I'm beginning to buy your thinking. By putting a password on a machine during the warranty period it is less liking that the purchaser will make a change in an attempt to speed the machine up or something that will cause it to fail or something like that. Now for my next question. Do you normally take the password off at the end of the warranty period? Edited 4 Apr 2006 by TWControls

[Pierre 1]

I never will password any PLC BUT I am often asked to do it. By OEMs. (They thinck it protects them) By plant managers.(They thinck it protects them also) Go figure!

[Sleepy Wombat 27]

Q1. Yep. BTW here is something to ponder in this world of litigation... I program a machine / whatever for a customer and i am happy in the knowledge that i have tested the program and it runs happliy..Lets say the program was not pw protected for the warrenty period and some numb nut who knows enough about PLC;s goes online because it holds all the black magic and so he believes that a it is a programming fault and he can adjust it out or whatever. (Hypothetically of course...) He changes your code, bridges out some logic and runs the machine, opps and operator looses a finger or whatever...Not wanting to get blamed he changes the logic back again....See where i am going with this. In fact someone does not need to get hurt...what about the damage to a machine whereby a new dye might cost 10s of thousands of dollars.... Happy to hand over a password if customer accepts all responsibility and paid all bills., ie i sold it to them as is and if they fool around with it then its their problem and also that. I generally do not PW the PLC code but you can generally sound out the customers who need it...

[TimWilborne 108]

Ok. I can see a few times that password protection may be an option. Bobs algorithm would warrant password protection as long as the purchaser did not pay for the development of the code. Sleepy's warranty with some reservations. I can see the liability and keeping someone from crashing the machine. But lets say this machine has no operator interface. Some switch gets out of adjustment. The purchaser has no way of figuring it out since he can't go online so he calls you. Simple to find after you can go online. Here is my problem with this scenario. Who pays?

[TERdON 9]

At my company we also usually password protect some of the programs. The main reason is we built a huge framework (just shy of tens thousands PLC instructions in large plants with many transporter robots, most of them special instructions), as the plants we build are very similar to each other. The framework increases configurability and software reliability tremendously (no new bugs in five year old code!). Of course the framework has been a big investment for us and we wouldn't ever have made it unless we reused the code for every surface treatment plant we build. The incentive to hide the code is there, but it isn't really big though, my boss has given printouts of the program to potential customers (mostly to show them that NO, we WON'T port to Siemens S7... ). There really only are three people understanding it from the ground up (me, my programmer workmate, and my boss). For all other people, we make pretty HMI screens that show them everything they need to know to keep the machine running (and if it would happen anyway it's considered a bug by us and is fixed on the warranty). So basically, there really isn't anyone that should fiddle around with the program except us.

[TimWilborne 108]

So if a "bug" came up, you would go out there, fix it, and update your master code for all plants. I wouldn't have a problem with this. Do you give them the option of purchasing the code?

[TERdON 9]

Uhm, code as in password or as in PLC program? I'm a bit confused. We do fix the PLC programs if problems show up, and if relevant, put them in the other plants as well. Sometimes bugs mostly are because of customizations, and there isn't any reason to take them to other places. It's very seldom that bugs are because of errors in the framework - 1) the framework has been thoroughly tested, and 2) it is being used all the time when running the plants so if we do stupid things normally we notice within a few minutes. In the rare case that we forget to put any relevant problem-solving info in the HMI (related to the program or the sensors), it is being added when the problems show up. Happened once I think, and with several years old tested code, that really doesn't happen at all anymore. :) The passwords only limit access to the programs in our case - there is still full possibility to check data memory contents, inputs, outputs and work bits, and even to force their status. That should be enough for fault searching (quite more than enough - actually enough even to cause a minor catastrophy and mechanical failures by overriding safe-guard checks). If there are bigger issues than that, basically someone from our company is needed to go out and fix it, partly because there shouldn't be broken software in our lines, and partly because someone who doesn't totally know their way around the program might screw up big-time. We don't give out the passwords afterwards. To be fair, not even a single of our customers even requested it. None of them have someone capable of more than at most very basic PLC programming, and most don't even have an on-site electrician. Basically it's far too complex for them to fiddle with... Neither do we sell the programs per-se - of course they get a life-time license to use it, and we couldn't care less about the customized parts, but the framework is kept a property of our company.

[TimWilborne 108]

Ok, that is a little different password scheme than I am thinking about and is a very good one. I am think more of passwords that protect access to the PLC period. So when Joe Blow needs to adjust a timer for mechanical wear or something he can't get into the program to do it.

[Sleepy Wombat 27]

TW wrote

[TimWilborne 108]

Ok guys thanks a lot. You have all sold me. All of the reasons you have given me for password protection make perfectly good sense. One other thing I have learned from this is that judging by your explainations for putting passwords on machines I feel there is absolutely not reason to help others retrieve passwords. While we are at it what do you think about that? Same for you, but while were are a good payer we are not a good purchaser unless I'm short on time. That's why they hired me

[Sleepy Wombat 27]

We tend not to advocate openly password solving software. When you look at past posts on plc password removal you will see that at times, certain software tools that sniff the serial port are mentioned. This puts the onus on them to do the darkside work so to speak. (You never know, if you snoop arround enough you might find it in the download section, who knows?) We also do not allow for the posting of passwords for the operation of software either.

[Beuwolf_1 0]

We have been using password protection also in certain applications, and for good reason. We have safety monitoring in our PLC's and while some items may seem not needed, too slow, or maybe just a pain for the operator or maintenance, we prefer them not to be removed by some over eager achiever with a knowlege of programming and a lack of background as to why the software was written this way. A small example is we put in a timer to wait for one minute till moving parts come to a complete stop. While standing there, the minute timer seems to take at least five and irritates the operators who must stand around and wait for that full minute to open a guard, even tho they can see some of the blades have stopped in less time. The software protection is to prevent some one from changing something that may have issues later down the road, but it can be a real pain for those that protect it just because they can. Beuwolf