License-based Protection

Share:

Rockwell Software® Studio 5000 Logix Designer® application integrates CodeMeter technology to protect intellectual property throughout all stages of a product lifecycle, from the creation and modification of the source code to the compiled programs running on the controller. The chain of access to IP in all these phases involves several actors: developers, system integrators, machine operators, maintenance and technical support personnel, contractors, and end users. Cyber-attacks might therefore come from inside a company, intent on stealing IP, or from outside, trying to manipulate the systems. 

License-based Protection creates software licenses that contain the cryptographic keys used to encrypt and decrypt source code and executable programs running on programmable controllers. Additionally, access to protected content is based on the least privilege security principle: users get only the required permissions to do their job.

The licenses are stored in CodeMeter’s tamper-proof hardware elements that embed a smart card security chip on which the sensitive keys are stored. These secure devices are available in different form factors:

License-based Protection consists of the following components:

  • Source Protection – Protecting Sensitive Code
    CodeMeter-powered Rockwell Software Studio 5000 design and configuration environment from Rockwell Automation encrypts sensitive source code. Developers can decide in the Studio 5000 environment which parts of the source code need to be protected with which licenses and therefore which users provided with an authorized CodeMeter hardware secure element can view or modify protected contents. Routines, Ladder, Structured Text, and Add-On Instructions (AOIs) in all languages are supported.
  • Execution Protection – Protecting Runtime in Controllers
    Application code programs for the Allen-Bradley® ControlLogix 5580, CompactLogix 5380, and CompactLogix 5480 programmable controllers from Rockwell Automation are set to run only when a CodeMeter-powered secured SD card (CmCard/SD) with a license obtained from the Web Portal is present in the controller. The copy protection prevents the unauthorized shifting of programs in between controllers.
  • Web Portal – License and Entitlement Management
    Source and Execution Protection licenses are easily created, assigned, distributed, and managed via the CodeMeter-powered Web Portal. The administrator can grant developers immediate access to the source code of programs associated with a specific production line by entitling the user to a set number of license-based resources for the limited time necessary to carry out the operation. Licenses and entitlement rights can be saved on different types of secure devices: CmStick/M, CmStick/C, and CmCard.

The flexibility of the Web Portal also allows for managing licenses for specific machines, routines, and AOIs and using the Recipient Type functionality to pre-define user profiles.

In essence, License-based Protection offers Original Equipment Manufacturers (OEMs) the technology to manage the IP rights of developers, startup and maintenance engineers, and end users in the most granular and versatile way through:

  • State-of-the-art cryptography and secure hardware elements that provide strong encryption and secure key storage for source code and programs running on the controllers.
  • Creation of highly targeted licenses, user profiles, and entitlement rights to view, edit, copy, export, and protect critical code, e.g. startup/breakdown diagnostics, enhancements, corrections.
  • Integrated reporting that includes information about license distribution, usage, associated license containers, and license validity.
  • Setting up of time-based limitations to further restrict users’ permissions.
  • Ability for persons without licensing rights to still access and edit a controller’s unprotected content and perform common maintenance tasks, such as forcing IO and upload/download.
  • Simple and secure distribution to multiple development teams, multiple service teams or organizations, also for different machine types.

 

Allen-Bradley, ControlLogix, Rockwell Software, Studio 5000 and Studio 5000 Logix Designer are trademarks of Rockwell Automation Inc.

To top