Issuing and using your own OEM licenses

With the help of TwinCAT 3 license technology a PLC application can be protected against cloning through binding to hardware (Beckhoff IPC or TwinCAT dongle). Also, additional functions of the application can be licensed to end users through the creation of so-called "feature licenses".

Here you can find the Quick start.

System requirements

Operating system:

At least Windows 7 (or its Embedded version) is required in order to be able to use all the functions for the protection of the application software. Windows XP and Windows CE (Windows Embedded Compact) do not support either the encryption of the boot file or OEM licenses.

TC3 PLC Lib Tc2_Utiltities:

Use at least version 3/3/24 of the TC3 PLC Lib Tc2_Utilities, as they provide various functions for the comfortable handling of TwinCAT 3 licenses. It is mandatory for the use of TwinCAT 3 dongles for OEM application licenses. The TC3 PLC Lib is included from TwinCAT 3.1 Build 4022.16.

TwinCAT Version:

The functionalities described above require TwinCAT 3.1 build 4024 or higher.

	Reliable protection only when using the latest TwinCAT 3 version For reliable protection (e.g. secure encryption), always use the latest TwinCAT 3 version. This provides the maximum security. Use at least TwinCAT 3.1 Build 4024.x. For security reasons, do not use an older version!

General notes

	If you use OEM licenses make sure you encrypt your boot project! Remember that the license ID queried via FB_CheckLicense in the binary code can easily be found and (with a little effort) manipulated with a hex editor. Therefore, be sure to encrypt your boot project (safest), or at least disguise the queried license ID in the source code as best as possible.

A user database is not required for the application licensing.
The license is validated by the TwinCAT 3 runtime (XAR). The TwinCAT 3 runtime must therefore be installed on the IPC.
The validity of the application license is independent of the validity period of the OEM certificate. The application license thus remains valid even after the validity of the OEM certificate has expired.
The use of OEM application licenses always requires a TwinCAT 3 dongle or a Beckhoff IPC.
For IPCs with a platform level >= 90 (non-Beckhoff IPCs) a TwinCAT-3 dongle must always be used as a "License Device" for security reasons!

Prerequisite for using this function: Issue of a TwinCAT OEM certificate

Licensing process

The licensing process is subdivided into the following steps:

Creating a general license description file.
The license description file is used for describing and selecting a specific license type during the licensing process. Among other information it contains a unique license ID, which is used to unambiguously identify the license type.
Creating a License Request File for the required target system.
Signing the License Request File with the OEM certificate, thereby creating a License Response File for the specified target system. This activates the corresponding OEM application license on the respective target system.

Issuing and using your own OEM licenses 3:

The details of the licensing process are described in the following sections.

Further Information