After many years of experience in the automation industry, one of the most frustrating issues is the problem of program piracy. Today, I will discuss the encryption and protection solutions for Siemens PLC programs, helping everyone better protect their intellectual property.
1
The Necessity of Encryption
There have been too many similar situations encountered on-site: programs developed with great effort are copied, and some people don’t even bother to change the comments, directly selling them to others. Worse still, some people modify the programs without authorization, causing equipment failures, and the original developers are left to deal with the problems. These lessons tell us that program encryption is not optional, but a necessary task.
2
Basic Encryption Solutions
1. Password Protection
The most basic protection is to set an access password. In the TIA Portal software:
-
Select PLC in the project tree
-
Open the “Protection” option
-
Set “Protection level” to “Write protection” or “Know-how protection”
-
Set the password
Note: The password must be kept safe and should not use easily guessed passwords such as birthdays or phone numbers.
2. Know-how Protection Detailed Settings
This is a more advanced protection method than ordinary passwords:
-
Can hide the specific content of program blocks
-
Allows other users to call the functions without seeing the implementation details
-
Supports emergency recovery password function
3
Hardware Encryption Solutions
1. Storage Card Locking
By downloading the program to a storage card and locking it, the following can be achieved:
-
The program can only run on a specified CPU
-
Prevent the program from being copied to other PLCs. Specific steps:
-
Enable “Copy protection” in the CPU properties
-
Download the program to the storage card
-
Bind the CPU serial number
2. Module Binding
A more powerful protection method is module binding:
// Sample code (SCL)
IF "Local~Module_Serial_Number" <> 16#1234ABCD THEN
// If the serial number does not match, stop the program
STOP;
END_IF;
4
Software Encryption Techniques
1. Program Block Protection
Encapsulate core algorithms into independent function blocks:
-
Use Know-how protection for key FBs
-
Hide internal implementation through interfaces
-
Avoid writing core logic directly in OB
2. Time Limit
Add a trial period limit:
// Sample code (SCL)
"Runtime_Hours" := "Runtime_Hours" + 1;
IF "Runtime_Hours" >= 720 THEN // Stop running after 30 days
"System_Enable" := FALSE;
END_IF;
3. Dongle Solution
Use special input signals as a program running license:
-
Design a dedicated hardware encryption module
-
Verify authorization status through communication
-
Pay attention to the confidentiality of the encryption algorithm
5
Common Problems and Solutions
-
Lost Password
-
Establish a password management system
-
Use professional password management software
-
Keep emergency recovery passwords
-
Program Cracked
-
Regularly update protection solutions
-
Combine multiple encryption methods
-
Add a self-destruct feature to the program
-
Customer Complaints
-
Communicate the reasons for encryption in advance
-
Provide reasonable technical support solutions
-
Sign confidentiality agreements
6
Practical Suggestions
-
Establish a complete program protection system:
-
Software encryption
-
Hardware binding
-
Legal protection
-
Core code protection measures:
-
Disperse in different function blocks
-
Add obfuscation code
-
Avoid plaintext comments on key algorithms
-
Maintenance and Upgrades:
-
Record all protection measures
-
Regularly update encryption solutions
-
Establish emergency handling plans
-
Daily Management:
-
Strict source code management
-
Employee confidentiality training
-
Customer data archiving
7
Security Reminders
-
Encryption is not a panacea, and legal means should be used in conjunction
-
Regularly check the program’s operating status
-
Retain necessary technical documentation
-
Encryption measures should be thoroughly tested
Finally, I remind everyone that encryption is an important protection measure for technological innovation, but it is also necessary to leave sufficient maintenance space for customers. Reasonably using encryption technology protects one’s own interests while considering the actual needs of customers.
It is recommended to first try different encryption solutions in a testing environment to evaluate the reliability and practicality of various protection measures. You can start with basic password protection and gradually add more complex protection mechanisms. At the same time, establish a complete password management system to ensure the security of keys.