Automation Suite Adds Security

The Competitive and Increasingly Global Landscape for Today’s Industrial Machine Builders Manifests Itself in Many Ways

One of the growing needs is more help to protect themselves from reverse-engineering, piracy, sabotage and other infringements on their intellectual property.

Opto 22 is offering just such help. The company released its Secure Strategy Distribution System, as part of PAC Project version 8.2, the company’s flagship automation software suite, to give industrial machine builders the ability to encrypt both firmware and control programs so they can only be uploaded or downloaded to a controller via use of a secure encryption key. 

“The Secure Strategy Distribution System feature helps alleviate some of our OEM customer concerns, particularly as they ship their machines abroad.” says Nick Riley, senior project engineer at Opto 22. “It was designed specifically to protect the intellectual property of OEMs by safeguarding the control program embedded in their machines. This effectively prevents unauthorized users from accessing, downloading or running control code without a shared encryption key and offers a method for updating machines in the field, confident their code will be protected.”

If control programs or firmware on machines in the field need updating, says Riley, the OEM can create a controller download file, encrypt it and then distribute it to customers. “Because these field controllers were encrypted through the Secure Strategy Distribution System, they only will accept files that have a digital signature that matches the OEM’s private key,” he adds. “This guarantees that the firmware or control program update is authentic and has not been modified.

The company says this is what its customers want. “Increasingly, our machine builder customers tell us how they’ve spent considerable time and money developing and testing state-of-the-art, Opto 22-based control systems, only to discover their efforts suspiciously replicated in products brought to market by other manufacturers abroad,” adds Opto 22 CEO Mark Engman. “The Secure Strategy Distribution System addresses this issue head on.”

Using this feature, the machine builder secures a program on a SNAP PAC controller by generating a pair of encrypted keys—one public, one private—using a utility built in to the PAC Project suite. The private key is programmed into the controller, effectively switching the controller into secure mode. “Using PAC Project’s PAC Control, a controller download file (CDF) is generated from a completed control strategy and encrypted with the public key to create a Secure Strategy download (SSD) file, using the same utility,” says Riley. “The encrypted program then can be downloaded to the secured controller, which will confirm a match between the program’s public key and the controller’s private key.”

If the encryptions don’t match, the controller will reject the SSD file and return an error message. Otherwise, the controller will accept the encrypted file and compile and load the control program into memory, ready to run.

Controller firmware updates are handled in a similar way, says Riley. “This feature provides a second level of defense against a rogue user attempting to circumvent the encryption built in to the firmware, and subsequently downloading firmware that lacks the encryption feature,” he adds. “The result is an encryption mechanism that operates at both a firmware and hardware level, providing peace of mind to machine builders that their intellectual property is truly safeguarded.”

Call 800/321-6786, email systemseng@opto22.com, or browse to opto22.com

Show Comments
Hide Comments

Join the discussion

We welcome your thoughtful comments.
All comments will display your user name.

Want to participate in the discussion?

Register for free

Log in for complete access.

Comments

No one has commented on this page yet.

RSS feed for comments on this page | RSS feed for all comments