Re: [CAD_CAM_EDM_DRO] Re: CNC Control software recommendations

Alex wrote:

>> 1. Don't install development tools on the machines you ship.
>
>
> Ok, I understand but how available are these tools on the internet for a free download?

They are readily available, but the amount of knowledge required to use
them is pretty big. I just don't see this as a very likely scenario in a
machine shop environment. Even a little effort at system security would
be enough to deter the casual tinkerer.

>> 2. Password protect configuration files, or put them (or the whole
>> system for that matter) on read only media. An example would be that
>> your system booted from and ran from a CDROM (can be done today). You'd
>> probably need a hard drive for program storage, but there would be NO
>> user alterable files that affect system operation.
>
>
> I agree but due to access speed and other factors I would prefer to have the system on the hard drive.

Actually, the system boots from the CD and then uncompresses a disk
image into memory and runs out of a ramdisk from then on, so it's not
bad performance wise after you get past the boot sequence. If this still
isn't satisfactory, see Brian Pitt's comments on solid state disks
(which are currently used with Linux).

> Is it possible to use a parallel port type key with Linux?

Sure, but... gack! The dongle makers all provide c source code for
accessing their devices...

You could accomplish something similar at run time by doing an md5sum of
the system files (or the whole partition, or just the .ini file) and
then checking it against what it should be for a stock system. This
would make it extra hard for someone to make unauthorised changes. You
could also log any failures or strange conditions to
/var/log/alexslogfile and then e-mail it to yourself daily (if the
machine was net connected). You could run the EMC as a regular user and
not give out the root password! That would slow 'em down...

>> As an example, some yahoo could make changes to the
>> parameters of a Fanuc control and cause the same type of problems that
>> you listed, but the manufacturer would disclaim liability because the
>> changes were unauthorized and they couldn't be made inadvertently.
>
>
> Fanuc parameter setting aren't readily available on the internet for download like Linux and its tools.
> Fanuc charges big money for their parameters so they can fall back on - No proof of payment for parameters, no liability.

Maybe Fanuc parameters was a bad example... What I mean is that most all
controls have a "setup screen" or some other place where you configure
the control to fit the machine. I haven't seen one that was even
password protected, and it was possible to really goof up things by
making changes in there.

>> Whoever made the changes had to go to considerable trouble. If someone
>> went to the trouble of downloading the source code, making changes,
>> recompiling, and burning a new boot CD, I think you'd be in the clear.
>> Or at least as "in the clear" as you would be with any other system
>> since they're all at least somewhat user configurable.
>
>
> That's allot to have to prove he/she did. Might be easier for the hacker to prove that my system was bad?

I think you greatly overestimate the computer programming abilities of
the people who would be your typical users. Anyone who can do what I
described in the paragraph above is probably not pressing the green
button for a living ;) . I'm also certain that a Linux based system can
be made as secure as needed to satisfy even the most paranoid insurance
underwriter. As a machine maker you have some liability exposure no
matter what. I've said it before, and I'll say it again, "There's no CNC
for Dummies...".

Matt