Encryption
 | Make an unencrypted backup before encrypting! Before encrypting a project: always make a backup of the project in its unencrypted state! |
TwinCAT 3 uses 256-bit AES encryption and employs a private and public key procedure for the OEM certificate.
Prerequisite for using this function: Issue of a TwinCAT OEM certificate
Following objects can be encrypted in TwinCAT:
- PLC source code
- Project file
- Boot project
| Secure protection only with encryption of the project file The project file must be encrypted in any case when using encryption, because it contains important information about the properties of the project. Manipulation of this information could prevent secure encryption of the source code. |
The key used for the encryption is secured in the user database. The corresponding user database must therefore always be available on the Engineering computer. (Directory: C:\Twincat\3.1\CustomConfig\userDBs)
The user database is not necessary for the decryption of the boot project (= binary file).
System requirements
Operating system:
- At least Windows 7 (or its Embedded version) is required in order to be able to use all the functions for the protection of the application software. Windows XP and Windows CE (Windows Embedded Compact) do not support either the encryption of the boot file or OEM licenses.
TwinCAT version:
- The functionalities described require TwinCAT 3.1 build 4022 or higher.
| Reliable protection only when using the latest TwinCAT 3 version For reliable protection (e.g. secure encryption), always use the latest TwinCAT 3 version. This provides the maximum security. Use at least TwinCAT 3.1 Build 4024.x. |