Protection of project data on the hard disk and during transfer 

Engineering and parameterization tools (e.g. PLCnext Engineer) often store plain, i.e., unencrypted project data on the harddisk of your computer. The data is therefore unprotected against tampering and theft.

Use a suitable encryption method: 

  • to protect project data, archives, and libraries, etc. on your computer.
  • to protect the transmission of project data, for example, by email.
  • to authenticate the origin and authorship of transmitted project data with the recipient.

Suitable methods can be provided by encryption and signing tools according to the OpenPGP standard as defined by RFC 4880 (such as PGP, or GnuPG). For encrypting project data on your hard disk, for example, FDE (Full Disk Encryption) tools, such as BitLocker can be used. WinZip archives with password can help protect project files/archives or released libraries.

Note: The methods described here for encryption should be supplemented by the general protective and hardening measures for PCs.

Recommendation: encryption on the entire data path

  • Encrypt data on each storage medium (local disks, your network, in the cloud, portable storage media).
  • Only transfer encrypted projects parts or libraries, for example, by email.
    Suitable Tools (e.g., PGP) enable both the encryption as well as signing of emails: Encryption prevents the unauthorized reading of the mail content while the signature is used to verify the integrity and the authenticity of the mail.
  • Transferred data should remain encrypted on its entire way from the sender to the receiver. This includes that the sent data are stored encrypted at the target system as well after the transmission.

 

 


•  Web browser recommendation: Chrome, Firefox 78 or newer, Edge 88 or newer, or Safari • 
• Published/reviewed: 2023-01-13 • Revision 005 •