Oem Protection - Legacy Mode - GE PACSystems RXi User Manual

Chapter 5. CPU Operation
Protection Level Request from Programmer
In Legacy mode, upon connection to the CPU, the programmer requests the CPU to move to
the highest unprotected level.
The programmer requests a privilege level change by supplying the new privilege level and
the password for that level. If the password sent by the programmer does not agree with the
password stored in the CPU's password access table for the requested level, the privilege
level change is denied and a fault is logged in the Controller Fault table. The current privilege
level is maintained, and no change occurs. A request to change to a privilege level that is not
password protected is made by supplying the new level and a null password. A privilege
change may be to a lower level as well as to a higher level.
Maintaining Passwords Through a Power Cycle
Initial passwords are blank for a new controller or a controller that has its passwords cleared.
For passwords to be maintained through power cycles, the controller must either:
Store to RAM and use an Energy Pack to maintain memory.
Store to User Flash with configuration set up to load from Flash at power up.
Disabling Passwords
The use of password protection is optional, unless Enhanced Security is enabled. Passwords
can be disabled using the programming software's hardware configuration.
Note:
5.9.2 OEM Protection – Legacy Mode
Original Equipment Manufacturer (OEM) protection provides a higher level of security than
password levels 1 through 4.
The OEM protection feature is enabled/disabled using a 1 to 7 character password, known as
the OEM key. When OEM protection is enabled, all read and write access to the CPU
program and configuration is prohibited: any store, load, verify, or clear user program
operation will fail.
OEM Protection in Systems that Load from Flash Memory
For OEM protection, it is recommended to store the program to User Flash and set
configuration to always load from Flash. When setting up OEM protection it is important to
download the user program to RAM and User Flash before enabling the OEM protection. For
example, the following steps can be used to set up OEM protection.
If you are storing a non-blank OEM key to flash memory, you should be careful to record the
OEM key for future reference. If disabling OEM protection, be sure to clear the OEM key that
is stored in flash memory.
Note:
90
To enable passwords after they have been disabled, the CPU must be power-cycled
with the Energy Pack removed.
Set OEM Key password (Must be at Access Level 4 to set OEM Key)
1.
Download program to both RAM and User Flash.
2.
Set OEM Protection to the Locked state (refer to firmware note below).
3.
In firmware versions 7.80 and later, OEM Protection Lock must be explicitly set.
In earlier versions, the OEM Protection could be enabled in User Flash without
explicitly setting the OEM Protection to Locked. With the earlier firmware, loading a
non-blank from User Flash at power-up would result in an automatic OEM Lock.
PACSystems* RXi Distributed IO Controller User Manual GFK-2816F