Protect know-how of PC-DMIS routines

bherrin & JesseB413

Both Operator mode and Inspect unfortunately don't fit all the needs.
We already use the German Version of Inspect called "Operator Interface". -> https://ftp.hexmet.de/PC-DMIS/PC-DMIS_Operator_Interface/

While one can hide the PC-DMIS code, when the files get copied and opened on another machine all the information is visible.

In my opinion it should be a setting imbedded into the .prg and .cad files so no matter where the files get opened they don't show the information.

Then you need to order PCs with no USB ports other than what the DEMON needs to run or you can lock the PC cabinet and put all of the keys away.

Then you need to order PCs with no USB ports other than what the DEMON needs to run or you can lock the PC cabinet and put all of the keys away.

I have heard of IT departments deliberately damaging or gumming up ports to protect their systems.

If you use older style PS/2 keyboards and mice there would be no need to have external USB ports at all. You could install internal USB ports for software keys and system maintenance.

Let's take a few steps back.
When you say you want to protect routines from "know how theft"...

I'm guessing you are a contractor, who gets paid to produce inspection routines for-profit, and likely on a per-PRG basis, and you want to make sure your "intellectual property" is protected, correct?
You don't want your customers to learn how your routine works, so they (or others) can't:
1: Learn any of your programming tricks,
2: Enable the client to go on their own and make routines based upon your code as a template.

--OR-- are you talking about what everyone above is inferring (IT security of the PC)?

If my hunch is correct, I think you are talking about the first topic. Protecting your work product as a contractor and preventing others from undermining your business.

I recall the old protect mode as well, it didn't obfuscate access to the edit window.

Maybe you could contact hexagon with your question.
--My guess is that they have a solution already made. (think of the FSE's calibration tools) They can sell you a solution that will embed PRG's into an EXE or batch file (or something similar)...
The EXE file will open and force PCDMIS to execute the routine using INSPECT user interface and make sure the routine closes/terminates upon routine end... that way the only means of running the routine is to run the EXE. or maybe it will allow pcdmis to execute the routine, but in the background..

I've never done it but the DEMON does have the capability to export a program as VB and I'm assuming that this could be recalled and ran as VB too.

louisd

Thanks for the detailed response!

Actually the company I work for asked me this question today.

They want to manufacture parts, that we designed and also manufacture ourselves, in another country. They are afraid that this knowledge will be stolen and are looking into ways to protect from this happening.
Locking down the computer is one possibility but also has its disadvantages. Like how do you get the programs on to the machine and how do you get the results from the machine to the quality software.

The "wish" is to handle it basically like software development. Difference between closed and open source software. The customer/manufacturer/contractor gets the program but not the knowledge within.
Like when you buy a software you get a working software but you mostly can't see how the developer programmed his software.

I also wrote Hexagon today but didn't get an answer yet.

Also I don't know yet how much my company is willing to invest in a solution yet (money or time wise).

My goal is to get as much information about this topic before reporting back to the requestor.

I believe you would need a "new" part program format container for this (with encryption) and a new PC-DMIS EXE that will handle the execution of the program while "locking down" the process of execution together with some anti-debugging techniques.

In PC-DMIS' current state, this is not possible.

Could virtual machines be a solution? Contractor connects (with his computer connected to his CMM) to your virtual machine which is running PC-DMIS and the part program? All communication between PC-DMIS and the contractors CMM goes through the virtual machine, so in theory, your virtual machine (with PC-DMIS running the part program) is driving the contractors CMM. I believe this would be a question for the Hex people. Some software solutions (ie. licensing) don't like VM's at all (for obvious reasons) provided this solution is even feasible.

vpt.se

Yes that is what I was thinking too... an encrypted part program.
I thought that, because PC-DMIS is used in industries with very sensitive data (like military), this could maybe already be included.

Today I also got the feedback from Hexagon where they say, they don't have this kind of protection available.

I will no wait and see if my company wants to further pursue this topic.

Thank you all for your feedback!

The Edit window is not visible in Operator Mode.

Our corporate IT Dept has blocked reading of any external storage device that has not been "white-listed"
We recently got a USB stick from Hexagon with the latest version of PC-DMIS. Our local IT guy had to get it white listed by corporate before he could install it on my computers.

Regardless of your efforts to insulate the code, there will always be a way for motivated individuals to extract the code.
This post seems like it could be a good start for VB script.
Run a Program from VB Application with PC-DMIS Open - PC-DMIS User Forum (pcdmisforum.com)​