Password lock workvisual access to controller

  • Hello,


    I am have been reading the manuals for workvisual (I am using version 6.0) and haven't been able to find if there is a way to lock with a password online access to a controller.

    The specific situation is that I have a robot installed in a plant and connected to the plant's industrial network and I don't want unauthorized users connected to the network to be able to access and download the project.

    Is there a way to do this?


    Thank you

  • AD
  • as with any computer, using password is only to slow someone down. when there is a physical access possible - there is no way prevent access even if you apply passwords....



    for example you can close ports that WoV uses but ... one can collect archive, or KRCDiag or HDD image. this is by design. and each of those will contain easily accessible WoV project.


    so, can you be more specific? what exactly you want to prevent?


    If there is a need to protect program files, you can use KUKA.Encrypt.

    another option is to put key functionality into external application (something in binary form) or even on another product...

    1) read pinned topic: READ FIRST...

    2) if you have an issue with robot, post question in the correct forum section... do NOT contact me directly

    3) read 1 and 2

  • panic mode,


    I want to prevent someone else working in other projects in the plant to be able to access my robot project as a form of know-how protection mainly. I know that without the password for the HMI they won't be able to change the program and normally there is no physical access to the machine except by trusted personnel. I undestand that this isn't entirely safe but I'm just trying to make it harder for this information to be taken.


    I am not familiar with that option of putting functionality in binary form or another product, so if that is the best way to achieve what I want could you please provide any sources to read about it?


    Thanks

  • wait... what?

    you want to protect your know-how but at the same time you asking others to share theirs? hmm....


    so what is it about your project that is unique and needs protection? it cannot be the network settings... or MADA...is it IO mapping? is it drives configuration? or is it KRL programs that you developed?


    IO mapping and drives configuration are not that special knowledge that is secret and worth protecting. chances are you want to protect the actual KRL code. KUKA has tool that can encrypt the files so they look gibberish. but they still run fine. That makes it impossible for prying eyes to read (or at least very difficult). But someone could still take that code and put it on another robot... So before encrypting you can also add a check such as if robot serial number is correct (just an example). Then encrypted files would really only be able to work on specific robot(s). You do not need to encrypt everything - just one module that contains all key functions that you want to protect. This way other programs that use that library would not be functional without it. Imagine if BAS.SRC was not readable... and if inside it you check if robot serial number is correct before doing anything. It would be pretty much the end of inline form motions unless someone was about to recreate that functionality from scratch.


    The other option is to not use encryption on any of the modules in the robot but have some key functionality developed and running externally (somewhere...somehow...).

    so your robot program would be perfectly visible and editable. But it would at some places call some function to do some computation etc. If that function does not reside in WoV project, then you do not need to protect WoV project. Then the protection can be in that external piece of code which is not a KRL program but something else. But this would require that this "something else" is vital to the process and not easy to replicate. An example could be some sort of HMI or vision application or some calculation or any sort of data that can be stored or generated externally. So by compiling that external application means your can have distributable program but not readable. and you can also make that program lock onto something unique to prevent it from being copied to another unit. Perhaps check robots serial number or something else that is local to unit on which external application resides. Normally this would run on some PC and that means checking serial number of the CPU or the motherboard or the HDD or macid of one of the network cards etc.

    1) read pinned topic: READ FIRST...

    2) if you have an issue with robot, post question in the correct forum section... do NOT contact me directly

    3) read 1 and 2

  • That would only work when no physical access is possible. And that means putting padlock on the cabinet and unplugging usb/ethernet cables from CPS

    1) read pinned topic: READ FIRST...

    2) if you have an issue with robot, post question in the correct forum section... do NOT contact me directly

    3) read 1 and 2

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account
Sign up for a new account in our community. It's easy!
Register a new account
Sign in
Already have an account? Sign in here.
Sign in Now