amirm Posted October 30, 2013 Report Share Posted October 30, 2013 As far as I know, once you enable a Vision CLP as Modbus master you can access any MI, MB, ML, DW, etc. This leads to a security problem, as anyone can view data (passwords?) or even worse, write random data. The chances are low, but the risk is high. One customer is a manufacturer and will use V130 to assist the control of high power UPS, rectifiers and Inverters. Among other things, the V130 will provide HMI to configure battery charge voltage. If someone writes MI9999, he will set a new charge voltage. Even though the program limits the value to a valid range, the maximum value can destroy the battery bank or even start a fire. This can be accidental or intentional. To minimize the risks, I tell the user to read data on MIs 1900 - 1999, which hold copies of the real values - the real source data is stored somewhere else. If someone writes anything on these MIs, nothing will happen and values will be refreshed on next scan. I can also change the port of Modbus from 502 to something else, to avoid the risk of an application writing data on V130 thinking it´s another device on same IP. But these measures do not avoid tweaking of the memory outside of the 1900-1999 range. Question: Is there a way to limit modbus access to a given set or range of MI, MB, etc? Any operation outside the box will return "Invalid operation" I just had a crazy idea of using data tables: 1 - Load MI, ML, DW with data from data tables (do this on first net of !Main Routine) 2 - Run the program and use MI, ML, DW 3 - Store MI, ML, DW back to data tables (do this on almost last net of !Main Routine) 4 - Call MODBUS SCAN32 on last net of !Main Routine This way, if the user changes any MI by Modbus, nothing will happen, because all MIs will be reloaded on step 1. And data tables are not accessible by modbus... Going 2 steps further... 1 - Load MI, ML, DW with initialization data (on SB2_PowerUpBit) 2 - Store MI, ML, DW on data tables (on SB2_PowerUpBit) 3 - Load MI, ML, DW with data from data tables (do this on first net of !Main Routine) 4 - Run the program and use MI, ML, DW 5 - Store MI, ML, DW back to data tables (do this on almost last net of !Main Routine) 6 - Vector fill sensitive MIs with 0 - If user tries to read password with modbus, he will read 0. 7 - Call MODBUS SCAN32 on last net of !Main Routine I just wonder how this affects performance, and what is faster? DT Direct RAW Read or DT Read Column? I´ll give it a try and post results, when I have the time. Comments are welcome. Quote Link to comment Share on other sites More sharing options...
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.