Logix5000 Controllers Security Programming Manual

Logix5000 Controllers Security Programming Manual 
Logix5000 Controllers Security
Programming Manual
(Catalog Numbers 1756 ControlLogix,
1769 CompactLogix, 1789 SoftLogix,
1794 FlexLogix, PowerFlex 700S with
DriveLogix)
Important User Information
Solid state equipment has operational characteristics differing from those of electromechanical equipment. Safety Guidelines for the Application, Installation and Maintenance of Solid State Controls (publication SGI-1.1 available from your local Rockwell Automation sales office
or online at http://literature.rockwellautomation.com) describes some important differences between solid state equipment and hard-wired
electromechanical devices. Because of this difference, and also because of the wide variety of uses for solid state equipment, all persons responsible for applying this equipment must satisfy themselves that each intended application of this equipment is acceptable.
In no event will Rockwell Automation, Inc. be responsible or liable for indirect or consequential damages resulting from the use or application
of this equipment.
The examples and diagrams in this manual are included solely for illustrative purposes. Because of the many variables and requirements associated with any particular installation, Rockwell Automation, Inc. cannot assume responsibility or liability for actual use based on the examples and diagrams.
No patent liability is assumed by Rockwell Automation, Inc. with respect to use of information, circuits, equipment, or software described in
this manual.
Reproduction of the contents of this manual, in whole or in part, without written permission of Rockwell Automation, Inc., is prohibited.
Throughout this manual, when necessary, we use notes to make you aware of safety considerations.
WARNING
IMPORTANT
ATTENTION
Identifies information about practices or circumstances that can cause an explosion in a
hazardous environment, which may lead to personal injury or death, property damage, or
economic loss.
Identifies information that is critical for successful application and understanding of the product.
Identifies information about practices or circumstances that can lead to personal injury or death,
property damage, or economic loss. Attentions help you identify a hazard, avoid a hazard, and
recognize the consequence
SHOCK HAZARD
Labels may be on or inside the equipment, for example, a drive or motor, to alert people that
dangerous voltage may be present.
BURN HAZARD
Labels may be on or inside the equipment, for example, a drive or motor, to alert people that
surfaces may reach dangerous temperatures.
Allen-Bradley, Rockwell Automation, and TechConnect are trademarks of Rockwell Automation, Inc.
Trademarks not belonging to Rockwell Automation are property of their respective companies.
Table of Contents
Preface
Purpose of this Manual . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Chapter 1
Introduction
FactoryTalk Security. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
FactoryTalk Directories . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
RSSecurity Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
Chapter 2
Configuring FactoryTalk Security
with RSLogix 5000
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Install the Rockwell Software Security Emulator . . . . . . . . . . . . . . . . . . 9
Enable Security for RSLogix 5000 Software. . . . . . . . . . . . . . . . . . . . . 13
Install FactoryTalk Service Platform . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
Secure an RSLogix 5000 Software Project File. . . . . . . . . . . . . . . . . . . 18
Apply Security to a Controller Resource. . . . . . . . . . . . . . . . . . . . . . . . 22
Chapter 3
Migrating From a Security Server
Database to a FactoryTalk Server
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
Import a Security Server Database . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
Import Status Text File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
Organizer Import Result . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
Resource Editor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
Chapter 4
Configure Routine Source
Protection in RSLogix 5000
Software
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
Configuring Source Protection on a project file . . . . . . . . . . . . . . . . . . 32
Key File and Key Distribution. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
Remove Access to a Protected Routine . . . . . . . . . . . . . . . . . . . . . 40
Disable Routine Source Protection. . . . . . . . . . . . . . . . . . . . . . . . . 41
Chapter 5
RSLogix 5000 Software CPU
Security Tool
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
Securing a ControlLogix Controller with Logix CPU Security Tool . . 46
Accessing a Secured Controller. . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
Removing Security from a ControlLogix Controller
with Logix CPU Security Tool. . . . . . . . . . . . . . . . . . . . . . . . . . 51
Removing a Password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
Rockwell Automation Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60
Installation Assistance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60
New Product Satisfaction Return . . . . . . . . . . . . . . . . . . . . . . . . . . 60
3Publication 1756-PM016B-EN-P - July 2008
3
Table of Contents
Notes:
4
Publication 1756-PM016B-EN-P - July 2008
Preface
Purpose of this Manual
This manual explains how to configure security for RSLogix 5000 software. It
also explains how to setup source protection for your logic and projects. This
manual is one of a set of related manuals that show common procedures for
programming and operating Logix5000 controllers. For a complete list of
common procedures manuals, see the Logix 5000 Controllers Common
Procedures Programming Manual, publication 1756-PM001.
The term Logix5000 controller refers to any controller that is based on the
Logix5000 operating system, such as:
• CompactLogix controllers
• ControlLogix controllers
• DriveLogix controllers
• FlexLogix controllers
• SoftLogix5800 controllers
5Publication 1756-PM016B-EN-P - July 2008
5
Preface
Notes:
6
Publication 1756-PM016B-EN-P - July 2008
Chapter
1
Introduction
This chapter explains what FactoryTalk Security is and how you can
implement security. FactoryTalk Security integrates a common security model
across all FactoryTalk enabled products. The evolution of FactoryTalk Security
software continues with the addition of more products and additional security
functionality.
FactoryTalk Security
FactoryTalk Services Platform (FTSP) includes the FactoryTalk
Administration Console (FTAC) which provides the interface for configuring
your system. The installation of FTSP has been significantly updated in
Release 16.03. Instead of prompting you to create individual FactoryTalk
Administrator accounts, FTSP will automatically assign the local computer's
Windows Administrators as FactoryTalk administrators.
FactoryTalk Directories
An important aspect to implementing FactoryTalk Security is the multiple
FactoryTalk Directories. In the FactoryTalk architecture there are two separate
Directory types, Local and Network. A FactoryTalk Local directory is utilized
when all the Rockwell Automation Software products run on a single
computer. The Local FactoryTalk Directory is used for products such as
FactoryTalk View Machine Edition (ME) and FactoryTalk View Site Edition
(SE) Station (Standalone).
Refer to The FactoryTalk Security Quick Start, publication FTSEC-QS001.
The FactoryTalk Network Directory is used when multiple Rockwell
Automation Software products need to share information across multiple
computer systems. The FactoryTalk Network Directory allows these systems
to share a common FactoryTalk Directory for products such as FactoryTalk
View SE, FactoryTalk Integrator, FactoryTalk Batch, and FactoryTalk
AssetCenter.
When securing controllers using the RSLogix family of editors (RSLogix 5 /
500 / 5000), you can use either the FactoryTalk Local or the Network
Directories. If you are trying to coordinate security across multiple computers,
you will need a Network Directory implementation of FactoryTalk Security. If
all of your products reside on a single computer, you will want to utilize Local
FactoryTalk Directory.
7Publication 1756-PM016B-EN-P - July 2008
7
Chapter 1 Introduction
RSSecurity Server
Security implemented in existing products will be migrated into the new
FactoryTalk Security system by utilities in those specific products. For those
products currently using RSSecurity, it is possible to coexist with FactoryTalk
Security. Alternatively, you can migrate to the new system. If migrating to the
new system is desirable, then any product that referenced the RSSecurity
Server can interface to the FactoryTalk Security system via the RSSecurity
Emulator. This Security Emulator can be installed once FTSP is installed on
any computer that will host products such as RSLogix 5000, and RSLinx
Classic.
8
Publication 1756-PM016B-EN-P - July 2008
Chapter
2
Configuring FactoryTalk Security with
RSLogix 5000
Introduction
This chapter describes how to install and configure FactoryTalk Security.
FactoryTalk Security Service Platform (FTSP) software during the installation
of RSLogix5000 software. If you find that the Security feature is not enabled in
RSLogix5000 software as shown in this screen, you will need to enable the
feature. Refer to Enable Security for RSLogix 5000 Software on page 13.
Install the Rockwell
Software Security Emulator
RSLogix 5000 software uses the Rockwell Software Security Emulator to
communicate with FactoryTalk Security. Follow these instructions to install the
Rockwell Software Security Emulator.
1. From the Start menu select Programs>Rockwell Software>FactoryTalk
Tools>RSSecurity Emulator Install
9Publication 1756-PM016B-EN-P - July 2008
9
Chapter 2 Configuring FactoryTalk Security with RSLogix 5000
2. Select Next on the Welcome screen.
3. Click the I accept the terms in the license agreement and click Next.
4. Select Next on the Customer Information screen.
10
Publication 1756-PM016B-EN-P - July 2008
Configuring FactoryTalk Security with RSLogix 5000
Chapter 2
5. Choose the Setup Type and click Next.
6. Select the FactoryTalk Directory for the Emulator to work with.
The RSSecurity Emulator can only communicate to one FactoryTalk
Directory.
7. Select Next to continue.
Publication 1756-PM016B-EN-P - July 2008
11
Chapter 2 Configuring FactoryTalk Security with RSLogix 5000
8. Click Next to begin the install.
Install Status screen displays.
9. Click Finish to complete the installation.
12
Publication 1756-PM016B-EN-P - July 2008
Configuring FactoryTalk Security with RSLogix 5000
Enable Security for RSLogix
5000 Software
Chapter 2
The SetSecKeys utility must be executed to enable security for RSLogix 5000
software.
1. Locate the SetSecKeys.exe in this folder:
C:\Program Files\Rockwell Software\RSLogix
5000\ENU\v17\Security
This file is added to the system during the RSLogix 5000 install.
2. Double-click the file to begin configuration.
3. Select the RS5000Keys.ini file and click Open.
ATTENTION
Publication 1756-PM016B-EN-P - July 2008
Once you have enabled security, only Rockwell Automation
Technical Support can turn off RSLogix 5000 security.
13
Chapter 2 Configuring FactoryTalk Security with RSLogix 5000
4. Check RSLogix 5000 and click OK.
Install FactoryTalk Service
Platform
If you find that the Security feature does not enable in RSLogix5000 software
as shown in this screen, you will need to make sure FactoryTalk Service
Platform (FTSP) is installed properly..
Follow these instructions to install the FactoryTalk Service Platform (FTSP)
software.
14
Publication 1756-PM016B-EN-P - July 2008
Configuring FactoryTalk Security with RSLogix 5000
Chapter 2
1. Locate and double-click to run the Setup.exe file. The file is at the
following location on the install disk.
2. Click Next on the Welcome screen
3. Check the I accept the terms in the license agreement and click Next.
Publication 1756-PM016B-EN-P - July 2008
15
Chapter 2 Configuring FactoryTalk Security with RSLogix 5000
The installation options screen displays.
This displays the installation options available to you contained in this
installation file. This screen lets you select if you want the FactoryTalk
Administration Console installed. You may not want to install the
Administration Console on every system.
4. Click Next to continue.
5. Click Install to begin the installation
Status Screen displays.
16
Publication 1756-PM016B-EN-P - July 2008
Configuring FactoryTalk Security with RSLogix 5000
Chapter 2
The installation automatically configures the FactoryTalk Local and
Network Directories. During configuration, the install will backup
existing FactoryTalk Directories. On upgrades from earlier versions, the
backup will backup the exiting FactoryTalk Directory. For new
installations, the pre-configured FactoryTalk Directories will be backed
up.
The backups let you restore a FactoryTalk Directory to a previous
software release.
6. Click Finish to complete the installation.
After the installation is complete, refer back to Enable Security for RSLogix
5000 Software on page 13. If you are still having problems, refer to The
FactoryTalk Security Quick Start, publication FTSEC-QS001.
Publication 1756-PM016B-EN-P - July 2008
17
Chapter 2 Configuring FactoryTalk Security with RSLogix 5000
Secure an RSLogix 5000
Software Project File
Once you have configured the RSLogix 5000 software to be security aware, the
next step is to enable security in a RSLogix 5000 software project file. Follow
these steps to secure a project file.
1. Launch RSLogix 5000 from the start
menu or the program icon
.
The default FactoryTalk Security configuration has Single Sign On
enabled, so you will not be prompted to Log On to FactoryTalk.
Customers upgrading from versions prior to 16.03 or customers that
have modified the default FactoryTalk Security configuration will be
prompted to Log On to FactoryTalk.
2. If prompted to Log On to FactoryTalk, enter a valid set for FactoryTalk
credentials. In the example below, the FactoryTalk Directory (FTD) was
configured with an account called FTADMIN.
3. Open the RSLogix 5000 project file that you want to secure.
In this example, the DayOfWeek example project file was opened.
18
Publication 1756-PM016B-EN-P - July 2008
Configuring FactoryTalk Security with RSLogix 5000
Chapter 2
4. Open the Controller Properties page from the Edit Menu.
5. Record the Name of the Project file displayed on the General tab. In this
example, the name is DayOfWeek.
TIP
The name of the Controller can match the name of the ACD
file, but is not required to.
6. Select the Advanced tab in the Controller Properties window.
Publication 1756-PM016B-EN-P - July 2008
19
Chapter 2 Configuring FactoryTalk Security with RSLogix 5000
7. Change the Security setting to FactoryTalk and click OK.
8. Click Yes on the warning dial box to confirm you want to enable
security for the project file.
9. Save the project file
10. From the Communication menu select Who Active.
20
Publication 1756-PM016B-EN-P - July 2008
Configuring FactoryTalk Security with RSLogix 5000
Chapter 2
11. In the Who Active windows, locate and select the controller resource.
12. Click Download to continue.
13. After the download completes, close RSLogix 5000 software. If
prompted, save changes.
Publication 1756-PM016B-EN-P - July 2008
21
Chapter 2 Configuring FactoryTalk Security with RSLogix 5000
Apply Security to a
Controller Resource
Follow these steps to apply security to a controller resource.
1. Open the FactoryTalk Administration Console, select Start>Programs
>Rockwell Software>FactoryTalk Administration Console
2. Select the FactoryTalk Directory that the RSSecurity Emulator was
configured to work with.
Refer to the selection you made in the section Install the Rockwell Software
Security Emulator on page 9.
The default FactoryTalk Security configuration has Single Sign On enabled, so
the you will not be prompted to Log On to FactoryTalk. Customers upgrading
from revisions prior to 16.03 or customers that have modified the default
FactoryTalk Security configuration will be prompted to Log On to
FactoryTalk.
If prompted to Log On to FactoryTalk, enter a valid set for FactoryTalk
credentials. In the example below, the FactoryTalk Directory (FTD) was
configured with an account called FTADMIN.
22
Publication 1756-PM016B-EN-P - July 2008
Configuring FactoryTalk Security with RSLogix 5000
Chapter 2
3. Navigate to the controller resource the secured project file was
downloaded to.
Refer to the section Secure an RSLogix 5000 Software Project File on
page 18.
4. Right click on the controller resource and select Properties.
5. In the Logical Name drop down list select the Controller name.
This name should match the settings from the Controller Properties
page that you created during Secure an RSLogix 5000 Software Project
File section. The controller name can also be manually typed in if the
name does not appear in the drop down list.
TIP
• The controller in the Network and Devices tree will also display
the controller name property next to the controller resource.
• If the name does not appear in the Network and Devices tree,
open RSLinx Classic and navigate to the controller resource with
RSWho. Navigating to the resource in RSLinx Classic will
update the Controller path information in RSLinx Classic.
FactoryTalk Administration Console uses the controller path
information from RSLinx Classic to display Controllers. Once the
path information is updated in RSLinx Classic, open the
FactoryTalk Administration Console and right click on the
Network and Devices tree and select refresh.
Publication 1756-PM016B-EN-P - July 2008
23
Chapter 2 Configuring FactoryTalk Security with RSLogix 5000
6. Once the Logical Name for the Controller has been set to match the
Controller name, click OK to continue.
This completes the FactoryTalk Security configuration for an RSLogix 5000
controller resource. Individual user or groups rights will still need to be
configured to control access to secured Controllers. For more FactoryTalk
Security information, refer to The FactoryTalk Security Quick Start,
publication FTSEC-QS001.
24
Publication 1756-PM016B-EN-P - July 2008
Chapter
3
Migrating From a Security Server Database to
a FactoryTalk Server
Introduction
This chapter describes how to migrate from a Security Server Database to a
FactoryTalk Server. To migrate to a FactoryTalk Security Server you must first
export the security server database and then import the datebase into
FactoryTalk.
Import a Security Server
Database
Follow these steps to import a security server database into FactoryTalk
Security.
1. From the Start menu, select Programs -> Rockwell Software ->
FactoryTalk Tools -> Import RSSecurity Configuration
2. Select Import File.
25Publication 1756-PM016B-EN-P - July 2008
25
Chapter 3 Migrating From a Security Server Database to a FactoryTalk Server
3. Choose import file and FT Directory Destination.
4. Click Yes at the Warning message.
5. Provide your username and password to logon to FactoryTalk.
Import status displays.
26
Publication 1756-PM016B-EN-P - July 2008
Migrating From a Security Server Database to a FactoryTalk Server
Chapter 3
6. Select how should action and resource groups be imported in to
FactoryTalk and click OK.
7. Review import issue resolution and click continue.
8. Select a group to import.
9. Right click, select add area, and browse to the resource location.
10. Click OK.
Publication 1756-PM016B-EN-P - July 2008
27
Chapter 3 Migrating From a Security Server Database to a FactoryTalk Server
11. Review how these were mapped in to existing FT applications and click
OK.
Import complete graphic displays
Import Status Text File
This graphic shows and example of the Import Status text file that is created
when an import is completed.
28
Publication 1756-PM016B-EN-P - July 2008
Migrating From a Security Server Database to a FactoryTalk Server
Chapter 3
Organizer Import Result
This graphic shows the results of the import process in the Organizer.
Resource Editor
This graphic shows the results of the import in the Resource Editor.
Publication 1756-PM016B-EN-P - July 2008
29
Chapter 3 Migrating From a Security Server Database to a FactoryTalk Server
Notes:
30
Publication 1756-PM016B-EN-P - July 2008
Chapter
4
Configure Routine Source Protection in
RSLogix 5000 Software
Introduction
This chapter describes how to apply source protection to your RSLogix 5000
routines and Add-On Instructions.
Installation
Follow these steps to install RSLogix 5000 Source Protection.
1. Locate the Source Protection tool on the RSLogix 5000 installation CD:
d:\ENU\Tools\Source Protection Tool
2. Double-click on the file RS5KSrcPtc.exe to install RSLogix 5000 Source
Protection.
3. Click Yes.
31Publication 1756-PM016B-EN-P - July 2008
31
Chapter 4 Configure Routine Source Protection in RSLogix 5000 Software
Configuring Source
Protection on a project file
Follow these steps to configure source protection on a project file.
Source Protection can only be configured on a off-line project file.
1. Open an off-line project file.
2. Launch Source Protection from the Tool - Security menu.
Source Protection requires a Source key file location to be specified.
3. Click Yes to specify Source Key File location.
4. Click Browse to specify Source Key File location.
5. Navigate to the folder location to store the key file.
32
Publication 1756-PM016B-EN-P - July 2008
Configure Routine Source Protection in RSLogix 5000 Software
Chapter 4
The key file can be saved in any accessible folder. In this example
C:\RSLogix5000\Project folder was specified as the key file location.
6. Click OK to continue.
If a key file in not found in the specified location, you will be prompted
to create a new key file.
7. Click Yes to continue and create the new key file.
Source Protection will have all Program Routines, Add-On Instructions,
and Equipment State Phase Routines in the project file.
Publication 1756-PM016B-EN-P - July 2008
33
Chapter 4 Configure Routine Source Protection in RSLogix 5000 Software
8. Select a routine that requires protection and click Protect.
9. Enter a Source key to apply to the routine.
In this example, dayofweek is being set as the key for the routine
DayOfWeek. Normally the key would not be set to match the routine
name.
10. Click OK to continue.
The DayOfWeek routine is now protected with the key “dayofweek”.
11. Select the next routine that requires protection and select Protect.
12. Enter a Source key to apply to the routine.
34
Publication 1756-PM016B-EN-P - July 2008
Configure Routine Source Protection in RSLogix 5000 Software
Chapter 4
In this example test_dow is being set as the key for the routine
Test_Dow and the Test_DOW routine will be viewable.
TIP
You can set a protected routine to allow or deny viewing of
the routine from a system that does not have keys required
to access the routine. When allow viewing is set, a routine
can be viewed in a read only mode.
Protected routines that do not allow viewing cannot be
viewed by systems that do not have the required key files.
13. Click OK to set the key for the routine.
The Test_DOW routine is protected, but can be viewed in a read only
mode by sources that do not have the key file.
Publication 1756-PM016B-EN-P - July 2008
35
Chapter 4 Configure Routine Source Protection in RSLogix 5000 Software
The remaining Valve_Logic routine and the MyValveAOI Add-On Instruction
were also protected following the same procedure.
14. Once all the routines and Add On-Instructions that requires protection
are assigned keys, click Close.
15. Save the project file and download it to the controller.
When the project file is opened on a system that does not contain the keys
used to secure the routines and Add-On Instructions, they will be protected
based on the setting in Source Protection Configuration. Test_DOW was
protected and set to viewable in Source Protection Configuration.
36
Publication 1756-PM016B-EN-P - July 2008
Configure Routine Source Protection in RSLogix 5000 Software
Chapter 4
The routine can be opened as read only on a system that does not contain the
key for the routine, but the user will not be able to modify the routine.
Routines or Add-On Instructions that are protected, but were not configured
as viewable cannot be opened. The DayOfWeek routine cannot be opened on
a system that does not have the key used to protect the routine. In this graphic,
the icon for the routine is grayed out, indicating the routine cannot be opened.
Inactive icons are grey.
The MyValveAOI cannot be viewed on a system the does not contain the key
used to protect the Add-On Instruction. This is because MyValveAOI was
protected, but not set to be viewable. The Add-On Instruction is shown in the
project's explorer window, but the Parameters and Local Tags for the Add-On
Publication 1756-PM016B-EN-P - July 2008
37
Chapter 4 Configure Routine Source Protection in RSLogix 5000 Software
Instructions are not viewable on a system that does not contain the required
key used to protect it.
Local Tags, and Logic are not
viewable. Parameters can be
viewed but not edited.
This graphic shows the Add-On Instruction MyValveAOI viewed from a
system that has the key used secure the instruction.
Parameters, Local Tags,
and Logic are viewable
and can be edited..
38
Publication 1756-PM016B-EN-P - July 2008
Configure Routine Source Protection in RSLogix 5000 Software
Key File and Key
Distribution
Chapter 4
The Source Protection keys are stored in text file un-encrypted. It is
recommended that the key file be backed up and stored in a secure location. If
necessary, the individual keys can be distributed or provided to the necessary
parties.
The keys created when the routines and Add-On Instructions were secured
with Source Protection were stored in the file sk.dat un-encrypted.
Publication 1756-PM016B-EN-P - July 2008
39
Chapter 4 Configure Routine Source Protection in RSLogix 5000 Software
Remove Access to a Protected Routine
IMPORTANT
Before you remove the source key file (sk.dat) from a computer
either write down the source keys or make a copy of the file
and store it in a secure location.
1. Open the RSLogix 5000 project that is protected.
2. From the Tools menu, choose Security > Configure Source Protection.
3. Click Clear.
A dialog box asks if you want to delete the source key file (sk.dat).
4. Select Yes, to remove or No, not to remove the source key file from the
computer.
40
Publication 1756-PM016B-EN-P - July 2008
Configure Routine Source Protection in RSLogix 5000 Software
Chapter 4
Disable Routine Source Protection
IMPORTANT
Before you remove the source key file (sk.dat) from a computer
either write down the source keys or make a copy of the file and
store it in a secure location.
1. Open the RSLogix 5000 project that is protected.
2. From the Tools menu, choose Security > Configure Source Protection.
3. Click Disable Ability To Configure Protected Routines.
A dialog box prompts you to confirm the action.
4. Choose Yes.
A dialog box asks if you want to delete the source key file (sk.dat).
5. Select Yes, to remove or No, not to remove the source key file from the
computer.
Publication 1756-PM016B-EN-P - July 2008
41
Chapter 4 Configure Routine Source Protection in RSLogix 5000 Software
Notes:
42
Publication 1756-PM016B-EN-P - July 2008
Chapter
5
RSLogix 5000 Software CPU Security Tool
Introduction
This chapter describes how to use the RSLogix 5000 CPU Security Tool to
lock a controller. When a controller is locked, no one can access until it is
unlocked.
Installation
The Logix CPU Security Tool is automatically installed when you install
RSLogix 5000 software, version 17. If you find it is not installed follow these
installation instructions. The install file is located on the RSLogix 5000
installation CD under the Tools folder.
To install the Logix CPU Security Tool, do the following:
1. Double-click the file RSLogix Security Tool Installer.msi file.
The Welcome Screen displays.
2. Click Next.
43Publication 1756-PM016B-EN-P - July 2008
43
Chapter 5 RSLogix 5000 Software CPU Security Tool
3. Review the license agreement, select the I Agree radio button, and click
Next.
4. Accept the default installation location and click Next.
44
Publication 1756-PM016B-EN-P - July 2008
RSLogix 5000 Software CPU Security Tool
Chapter 5
5. Check the Add to Custom Tools box, if it is not already checked and
click Next.
6. Confirm the installation and click Next.
7. Please wait while the CPU Security Tool runs through the installation
process.
8. After the installation completes click Close.
Publication 1756-PM016B-EN-P - July 2008
45
Chapter 5 RSLogix 5000 Software CPU Security Tool
Securing a ControlLogix
Controller with Logix CPU
Security Tool
You can secure a controller with the Logix CPU Security Tool. The tool is
installed under the RSLogix 5000 Tools menu.
1. Start the Logix CPU Security Tool.
Before a controller can be secured, the path the controller must be specified.
2. To specify a path to the controller, use the RSWho button to locate a
controller.
Use the RSWho button to
locate the controller you
need to secure.
46
Publication 1756-PM016B-EN-P - July 2008
RSLogix 5000 Software CPU Security Tool
Chapter 5
3. Select the controller that you need to secure and click OK.
The Logix CPU Security Tool displays the current status of the controller.
Notice that the controller
you selected is currently
unsecured and there is
no password set in the
controller.
4. Click Change Password.
5. Enter a password in the new password field and confirm the password
and click OK.
Publication 1756-PM016B-EN-P - July 2008
47
Chapter 5 RSLogix 5000 Software CPU Security Tool
The Password Status for the controller now indicates a Password exists in the
controller, but the controller is not secured yet.
6. Click Secure Controller.
7. Enter the password for the controller click Secure.
If the controller has Nonvolatile
Memory installed, this check box
would save the security state of the
controller to Nonvolatile Memory.
Refer to the RSLogix 5000 Help for
additional information on how to
Save to Nonvolatile Memory.
The controller is now secured.
The controller is now secured.
48
Publication 1756-PM016B-EN-P - July 2008
RSLogix 5000 Software CPU Security Tool
Chapter 5
Accessing a Secured Controller
When you try to access a controller that has been secured by the Logix CPU
Security Tool and you don’t have a local copy of the project file on your
computer, you will be prompted to select the proper file.
To access a secured controller, do the following.
1. From the Communication menu select Who Active
2. Select the secured controller and select Go Online.
If you don’t have a local copy of the project file on your computer, you
will be prompted to select a file.
Publication 1756-PM016B-EN-P - July 2008
49
Chapter 5 RSLogix 5000 Software CPU Security Tool
3. Click Select file to either find the project file or to identify a location
where to save a project file.
4. Identify a file and click Select.
5. Reply Yes to create the project and upload.
You are prompted with an unspecific error message informational
screen.
6. Click OK to continue.
50
Publication 1756-PM016B-EN-P - July 2008
RSLogix 5000 Software CPU Security Tool
Chapter 5
An error message displays indicating that the controller is currently secured
and will prevent you from going On-Line.
If the project file already exists on the your system, an error message displays
that indicates that the controller is secured and you cannot go online.
Removing Security from a ControlLogix Controller with Logix CPU
Security Tool
To remove security from a controller, do the following.
1. Start the Logix CPU Security Tool.
2. Specify the path to the controller by using RSWho.
3. Select the controller that you want to be unsecured and click OK.
The controller is
currently secured.
4. Select Unsecure Controller.
Publication 1756-PM016B-EN-P - July 2008
51
Chapter 5 RSLogix 5000 Software CPU Security Tool
5. Enter the password for the controller and click Unsecure.
The controller is now unsecured, but the controller still knows the
password.
6. Select Exit.
7. Click Yes to confirm exit and leave the controller in an unsecured state.
Now you can now go online with the controller.
Removing a Password
To remove the password follow these instructions:
1. Click Change password.
2. Remove the “****” empty string and click OK.
52
Publication 1756-PM016B-EN-P - July 2008
RSLogix 5000 Software CPU Security Tool
Chapter 5
The controller status is now UNSECURED.
Publication 1756-PM016B-EN-P - July 2008
53
Chapter 5 RSLogix 5000 Software CPU Security Tool
54
Publication 1756-PM016B-EN-P - July 2008
How Are We Doing?
Your comments on our technical publications will help us serve you better in the future.
Thank you for taking the time to provide us feedback.
You can complete this form and mail (or fax) it back to us or email us at
[email protected]
Pub. Title/Type Logix5000 Controllers Security
Cat. No.
1756 ControlLogix, 1769 Pub. No.
CompactLogix, 1789
SoftLogix, 1794 FlexLogix,
PowerFlex 700S with
DriveLogix
1756-PM016B-EN-P
Pub. Date July 2008
Part No.
Please complete the sections below. Where applicable, rank the feature (1=needs improvement, 2=satisfactory, and 3=outstanding).
Overall Usefulness
Completeness
(all necessary information
is provided)
Technical Accuracy
(all provided information
is correct)
1
2
3
How can we make this publication more useful for you?
1
2
3
Can we add more information to help you?
1
Clarity
1
(all provided information is
easy to understand)
2
3
procedure/step
illustration
feature
example
guideline
other
explanation
definition
Can we be more accurate?
text
2
Other Comments
3
illustration
How can we make things clearer?
You can add additional comments on the back of this form.
Your Name
Your Title/Function
Location/Phone
Would you like us to contact you regarding your comments?
___No, there is no need to contact me
___Yes, please call me
___Yes, please email me at _______________________
___Yes, please contact me via _____________________
Publication CIG-CO521D-EN-P- July 2007
Return this form to:
Rockwell Automation Technical Communications, 1 Allen-Bradley Dr., Mayfield Hts., OH 44124-9705
Fax: 440-646-3525
Email: [email protected]
PLEASE FASTEN HERE (DO NOT STAPLE)
Other Comments
PLEASE FOLD HERE
NO POSTAGE
NECESSARY
IF MAILED
IN THE
UNITED STATES
BUSINESS REPLY MAIL
FIRST-CLASS MAIL PERMIT NO. 18235 CLEVELAND OH
POSTAGE WILL BE PAID BY THE ADDRESSEE
1 ALLEN-BRADLEY DR
MAYFIELD HEIGHTS OH 44124-9705
Publication 1756-PM016B-EN-P - July 2008 59
Supersedes Publication 1756-PM016A-EN-P - September 2007
Copyright © 2008 Rockwell Automation, Inc. All rights reserved. Printed in the U.S.A.
Rockwell Automation
Support
Rockwell Automation provides technical information on the Web to assist you in using
its products. At http://support.rockwellautomation.com, you can find technical
manuals, a knowledge base of FAQs, technical and application notes, sample code and
links to software service packs, and a MySupport feature that you can customize to
make the best use of these tools.
For an additional level of technical phone support for installation, configuration, and
troubleshooting, we offer TechConnect support programs. For more information,
contact your local distributor or Rockwell Automation representative, or visit
http://support.rockwellautomation.com.
Installation Assistance
If you experience a problem within the first 24 hours of installation, please review the
information that's contained in this manual. You can also contact a special Customer
Support number for initial help in getting your product up and running.
United States
1.440.646.3434
Monday – Friday, 8am – 5pm EST
Outside United
States
Please contact your local Rockwell Automation representative for any
technical support issues.
New Product Satisfaction Return
Rockwell Automation tests all of its products to ensure that they are fully operational
when shipped from the manufacturing facility. However, if your product is not
functioning and needs to be returned, follow these procedures.
United States
Contact your distributor. You must provide a Customer Support case
number (call the phone number above to obtain one) to your distributor
in order to complete the return process.
Outside United
States
Please contact your local Rockwell Automation representative for the
return procedure.
Publication 1756-PM016B-EN-P - July 2008 60
Supersedes Publication 1756-PM016A-EN-P - September 2007
Copyright © 2008 Rockwell Automation, Inc. All rights reserved. Printed in the U.S.A.
Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Related manuals

Studio 5000 Logix Designer Manual
Logix5000 Controllers Security Programming Manual, 1756
1756-PM016 - Rockwell Automation
RSLogix 500 Getting Results Guide
Linx-GR001 - Literature Library
FactoryTalk Security System - Literature Library
proces-rm001 - Literature Library
- Rockwell Automation
Local PDF
Installation and Configuration Guide
Catalog
SoftLogix Controllers, Version 20
MORE - Rockwell Automation
ControlLogix Controllers, Revision 21 Release Notes
Logix5000 Controllers Controller Information and Status Programming Manual
1756-RM094 - Literature Library
SoftLogix Controllers, Version 21
CompactLogix 5370 Controllers, Revision 21
Training Services Catalog
- Literature Library
Before You Begin - Literature Library
RSLogix 500 Getting Results Guide
Download PDF

advertisement

© 2021
manualzz provides technical documentation library and question & answer platform.Its a community-based project which helps to repair anything.
About us DMCA / GDPR Report