Presentation is loading. Please wait.

Presentation is loading. Please wait.

Do-more Technical Training

Published byDiane Golden Modified over 6 years ago

Similar presentations

Presentation on theme: "Do-more Technical Training"— Presentation transcript:

1 Do-more Technical Training
System Security

2 System Security Hardware Security
Mode Switch in RUN or STOP provides a minimal protection against software-commanded PLC mode change Dipswitch #3 offers the ability to disable firmware/gate array updates

3 System Security Multiple User Accounts Session-based Communication
Protocol-specific Memory Code-Block Protection Sessions Locked Out

4 System Security Multiple User Accounts
Do-more CPU has “Default User” predefined Password is blank (cannot be changed) Has all privileges Privileges can only be modified after adding an Admin & logging in as Admin First user created must be Administrator Can add up to 16 users Each account can have different levels of access RD – Read Data SS – System Settings WD – Write Data PM – Change PLC Mode RP – Read Project PW – Change Password WP – Write Project FW – Update Firmware Minimum privileges are RD (Read Data) & RP (Read Project)

5 System Security Multiple User Accounts Privileges *Minimum privilege
*RD (Read Data) – allows reading of all data locations WD (Write Data) – allows writing of all data locations *RP (Read Project) – allows reading of the ladder program, system configuration & documentation from the PLC WP (Write Project) – allows writing of the ladder program, system configuration & documentation to the PLC SS (System Settings) – allows setting of system clock, clearing system & user logs PM (Change PLC Mode) – allows changing of PLC mode (Program/Run) & invoking of debug features PW (Change Password) – allows management of user accounts; without this privilege the Password Configuration cannot be opened FW (Update Firmware) – allows updating of PLC’s firmware *Minimum privilege

6 System Security Multiple User Accounts
3 Ways to Clear the Password Configuration (1) Use Password Configuration to delete User Accounts Administrator can only be deleted if it is the only account If Administrator is deleted, Default User resets to default privileges & blank password (2) Clear PLC Memory with appropriate option (3) Manual hardware reset

7 System Security Session-based Communication
Unique ID used in all communication telegrams If not present, PLC discards telegram Prevents unauthorized access to PLC Prevents other PCs from accessing wrong PLC Sessions can timeout If it times out, must be reestablished

8 System Security Protocol-specific Memory (Guest Memory)
Prevents external devices from randomly accessing PLC’s I/O & memory Modbus Protocol (RTU & TCP) Server (Slave) MI – Input MIR – Input Register MC – Coil MHR – Holding Register Client (Master) Use MWX – Modbus Network Write instruction Use MRX – Modbus Network Read instruction

9 System Security Protocol-specific Memory (Guest Memory)
Modbus Server (Slave)

10 System Security Protocol-specific Memory (Guest Memory)
Modbus Client (Master)

11 System Security Protocol-specific Memory (Guest Memory)
DL Protocol (K-sequence) Server (Slave) DLX – Input DLY – Output DLC – Bit DLV – V-memory Client (Master) Use DLWX – DirectLOGIC Network Write instruction Use DLRX – Direct LOGIC Netwrok Read instruction NOTE: DirectNET protocol is not supported

12 System Security Protocol-specific Memory (Guest Memory)
DL Server (Slave)

13 System Security Protocol-specific Memory (Guest Memory)
DL Client (Master)

14 System Security Code-Block Protection Full Access
Viewed & modified without restriction Unlocked for this Project Session Password-protected, but can be viewed & modified until the project is closed. Locked Password-protected & can only be modified on a per- operation basis (e.g. editing the Code-Block Configuration), & then only when the correct Password is entered

15 System Security Sessions Locked Out
CPU counts failed attempts to login 8 consecutive fails: 30-second lockout $LoginLockedOut (ST150) = ON This bit could be used in ladders to store the time (i.e. $Now (SDT0)) of the lockout After 30 seconds: Attempts can be resumed $LoginLockedOut (ST150) = OFF $FailedLoginCnt (DST386) is a running total of failed login attempts

16 System Security Associated Instructions
DATAINFO (Category: Misc/Data Manipulation) HWINFO (Category: Hardware/Device)

17 System Security DATAINFO “Query Information about Data memory”
Schema ID Description 1 BIT 265 File 2 Unsigned BYTE 266 Program 3 Signed BYTE 267 Device Reference 4 Unsigned WORD 5 Signed WORD 268 CTRIO 6 Signed DWORD 269 CTRIO Counter 7 REAL 270 CTRIO Timer 271 CTRIO Pulse Catch 256 Timer 272 CTRIO Pulse 257 Counter 273 CTRIO Discrete 258 String 274 CTRIO Raw 259 PID 260 Clock 275 Drum 261 Task 276 Stream 262 Peerlink 277 Server 263 RampSoak 278 Packet 264 Reserved 279 Process Simulator DATAINFO “Query Information about Data memory” Reads the size or Schema ID of a Data Block or Heap Item Parameters: Memory Type: Data Block – a list of all Data Blocks configured Information Type: Number of Elements in Block Number of BYTEs in Block Number of BITs in Block Data Type ID (Schema ID) Heap Item – a list of all Heap Items configured Number of DWORDs in Heap Item Output – location of read value Input Leg Edge triggered Power flow enabled

18 System Security HWINFO “Get Hardware Information”
Reads hardware-specific info from I/O module Parameters: Information Type: Module ID – see Help File for all IDs (there’s a bunch!) X Count Y Count WX Count WY Count DX Count DY Count Master: LocalIOMaster – local I/O base EthIOMaster – Ethernet I/O remote base Base Slot Output – location for read value

Download ppt "Do-more Technical Training"

Similar presentations

Foreseer® Server Editing

Foreseer® Server Editing
/// MELSEC Safety /// QS001CPU /// QS0J61BT12 /// QS0J65BTB2-12DT /// MELSEC Safety /// Mitsubishi Electric - MELSEC Safety - Training Documentation -

/// MELSEC Safety /// QS001CPU /// QS0J61BT12 /// QS0J65BTB2-12DT /// MELSEC Safety /// Mitsubishi Electric - MELSEC Safety - Training Documentation -
Inputs: 8 - 4 Digital and 4 configurable for Digital or 10 bit Analog Outputs:4 - 8 amp Relays or 700ma Transistors (1 PWM) 4 Line by 18 Character fully.

Inputs: Digital and 4 configurable for Digital or 10 bit Analog Outputs:4 - 8 amp Relays or 700ma Transistors (1 PWM) 4 Line by 18 Character fully.
Protocol Configuration in Horner OCS

Protocol Configuration in Horner OCS
Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.

Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.
KX-NS1000 Initial Set Up For step by step : 16 May, 2012 1.

KX-NS1000 Initial Set Up For step by step : 16 May,
CCNA 2 v3.1 Module 2.

CCNA 2 v3.1 Module 2.
1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.

1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.
1 Semester 2 Module 2 Introduction to Routers Yuda college of business James Chen

1 Semester 2 Module 2 Introduction to Routers Yuda college of business James Chen
1 Chapter 2 ROUTER FUNDAMENTALS By: Tassos Tassou.

1 Chapter 2 ROUTER FUNDAMENTALS By: Tassos Tassou.
Hands-On Microsoft Windows Server 2008

Hands-On Microsoft Windows Server 2008
September 18, 2002 Introduction to Windows 2000 Server Components Ryan Larson David Greer.

September 18, 2002 Introduction to Windows 2000 Server Components Ryan Larson David Greer.
Hands-On Microsoft Windows Server 2008

Hands-On Microsoft Windows Server 2008
PowerFlex 755 DeviceLogix

PowerFlex 755 DeviceLogix
Module 6 – Switch Configuration CCNA 3 Cabrillo College.

Module 6 – Switch Configuration CCNA 3 Cabrillo College.
Module 7: Fundamentals of Administering Windows Server 2008.

Module 7: Fundamentals of Administering Windows Server 2008.
DIT314 ~ Client Operating System & Administration CHAPTER 5 MANAGING USER ACCOUNTS AND GROUPS Prepared By : Suraya Alias.

DIT314 ~ Client Operating System & Administration CHAPTER 5 MANAGING USER ACCOUNTS AND GROUPS Prepared By : Suraya Alias.
1 Chapter Overview Configuring Account Policies Configuring User Rights Configuring Security Options Configuring Internet Options.

1 Chapter Overview Configuring Account Policies Configuring User Rights Configuring Security Options Configuring Internet Options.
Chapter 13 Users, Groups Profiles and Policies. Learning Objectives Understand Windows XP Professional user accounts Understand the different types of.

Chapter 13 Users, Groups Profiles and Policies. Learning Objectives Understand Windows XP Professional user accounts Understand the different types of.
Module 9: Preparing to Administer a Server. Overview Introduction to Administering a Server Configuring Remote Desktop to Administer a Server Managing.

Module 9: Preparing to Administer a Server. Overview Introduction to Administering a Server Configuring Remote Desktop to Administer a Server Managing.

Similar presentations

Ads by Google