+7
Completed

Protected measuring routines

frank.herr 2 years ago in Software / PC-DMIS updated by neil.kay 6 days ago 20 2 duplicates

We need a possibility that an user can only open the measuring routine (.PRG) for execution. User in that case means also an operator with full PC-DMIS access and administrator privileges.


Here is the story:

  • Customer  has 2 Leica trackers from us with PCDMIS.
  • Customer constructs big machines for producing car tires. At several moments they measure the setup from their machine with the tracker. Works all fine.
  • Next step: if they sell a VMI machine to a customer they think about also selling a Leica Tracker with PC-DMIS as a kind of measuring tool for their customers.
  • They create the .PRG, and want that the routine can only be run in Operator Mode. Reason: they do not want that their customers can edit the original .PRG
  • Note: the protected mode in PC-DMIS is not an option.

Another example is the ISO acceptance routines. We have to make sure that they can't be changed.

GOOD, I'M SATISFIED
Satisfaction mark by frank.herr 7 months ago

Duplicates 2

Thanks for the suggestion, Sinead. We do offer "Protected Mode", which was added to cover the FDA requirement. Can you please clarify where you feel this falls short? Please use one or more of your 3 allocated votes on your suggestion. The more votes an item gets from the user community, the sooner you would see it implemented. Thanks

Thanks Frank. Can you please give more information as to why protected mode is not an option?

Somebody at the end user side will have the password and can change the routine. In both examples the measuring routine is created from Hexagon, a supplier or a service company. They will protect the routine against changes of everybody beside of themselves.

Hi Neil, the reason is that, once the protected mode is de-activated, the original measurement routine can be changed or edited.  So, the customer has to have the ability to make his own measuring routines (online, without protected mode) and run routines created by our customer, but these have to be unchangable. It's a kind of 'read only in Operator Mode'... I hope this is clear for you...

Would a level of protection similar to Excel VBA Project be enough security for protection in PC-DMIS ?


I think an individual password for a measuring routine can be a solution. Like the protection of an Excel workbook:


I can also see this type of protection will be useful for a routine template that is being used for a sub routine call command within a measuring routine. This way the template routine can be protected separate from the measure routine.

If the file can be protected by a password and the customer knows the password, i suppose he can edit the .PRG .

The main question is that the .PRG only can be opened in Operator mode (and not in online or offline mode)


other question: does our customer has a possibility to join this conversation? i think yes, so i can send him this link and he can directly add his comments / wishes...

this all looks very good,

the idea is that.

i have a .PRG file i want to make that file a operator only file.

so when i start that Save file PcDmis wil go to a Operator State.


in this way we are able to sell this file in combination with the VMI machines.

so that means we will sell machines in combination with tracker and this program.


it is exactly what Mr Eric is saying i want to be able to creat a .PRG that will only be able to open in operator mode.

to secure the program text.



The issue I have with Operator mode is that I can create a shortcut key Example: Ctrl+F12 to view the Edit window.
Once I create this shortcut key I can use this to view the Edit window in Operator mode. Now with the Edit window
open in Operator mode I can place the cursor on a Example: Auto feature and then select F9 (Edit) to open the Auto
feature and edit this feature in Operator mode. Now if the Edit window had a level of protection to prevent this with
a password would be a nice option.

I have a different requirement for this feature. We have inspection programs that, for security purposes, must be locked down, as any modification is only permitted under strict revision control. For this reason, these programs are currently written in MeasureMax and check summed for security.

It would be nice when the subcontractors are running a .PRG provided by his customer. 👍

Another issue with protected mode is that once you unprotect in order to do an edit you aren't required to reenter the same password to re-protect.  If (when) someone fat fingers the password or changes the password without notifying the rest of the team then the next person editing has some semi-major problems.  It would be better if it worked more like a Windows or network login. 

This would also allow the ability to be the only entity that could service said program.

Version 1.0 of Protect launched with PC-DMIS 2019 R1.

Neil,

I'm pretty sure I have a duplicate suggestion:

https://hexagonmi.userecho.com/communities/1/topics/685-password-embedded-program-permissions

Feel free to do as you see fit.  I haven't had a chance to download 2019 R1 yet to verify if this is the same. 

Thank you!

Just a reminder Protect Version 1.0 is a cost option.

PC-DMIS 2019 R1 Protect