File Encryption Service

From SysCAD Documentation

Navigation: User Guide -> File Encryption Service

Related Links: PGMs, Reaction Block (RB)

Contents 1 Introduction 2 Examples of Reasons to Encrypt 3 How to Encrypt Files 4 Suggested Workflow 5 File Management 6 Encrypted PGM Files 7 Encrypted RCT Files 8 Encrypted DXF Files

Introduction

As a service to users with a current SysCAD maintenance agreement, Kenwalt provide a web-based file encryption service. An encrypted project is the ideal way to share a SysCAD project with a third party.

The file encryption service can be used to encrypt General Controller(PGM), Reaction(RCT) AND Graphics Page(DXF) files, which are used with SysCAD projects. When a file is encrypted, it will be

1. Illegible outside of SysCAD, this is especially useful to keep intellectual property implemented in one or more PGM files protected and hidden from third parties.
2. Read only within SysCAD. This will help prevent any unwanted changes to the project.
   • A General controller with an encrypted PGM file will have the Edit_PGM function disabled. User will be able to view and edit the PGM data field values from the Access window, but they will not be allowed to view or make any changes to the file on a code level.
   • A Reaction Block with an encrypted Reaction file will have the Edit_RCT function disabled. User will be able to view all the reactions on the access window and adjust any adjustable values as normal, but they won't be able to add or remove reactions. An encrypted reaction file will not be shown on the Reaction Editor.
   • A graphics window with an encrypted DXF file will have all the Graphics Editing commands disabled. User will be able to see the drawing, navigate around the window (eg zoom) and gain access to the model data, but they will not be allowed to make any changes to the drawing. The user will not be able to delete or add models, nor will they be able to manipulate the graphics in any way.
3. The encrypted files will stay encrypted as projects are saved (or save as).

The concept of the web based encryption service is simply. User will submit the file(s) for encryption, when the file is encrypted, it can be downloaded for use. As a precaution, since the encryption file can not be edited, the user is responsible for keeping copies of the original files. If the user needs to make any changes, they need to change the original files and re-submit them for encryption.

All encrypted files in a project can be identified by an extra .x file extension.

A project is allowed to have a mixture of encrypted and unencrypted files. The reduced functionality only applies to the encrypted files.

Kenwalt provides no guarantee on the security of the encrypted files. Kenwalt do not retain a copy of any file submitted or encrypted.

Although earlier versions of SysCAD can work with encrypted files, the functionality has been improved and we recommend that SysCAD 9.2 Build 131.6944 or newer is used for PGM and RCT encryption and Build 132 for DXF encryption. In the future, Kenwalt plan to allow encryption of other file types as well as use this mechanism to disable selected functionality in a project.

Note: Files must be at least 100 bytes in size before they can be encrypted.

Examples of Reasons to Encrypt

Some examples of situations where it might be useful to encrypt files:

1. If you wish to keep the contents of the PGM and RCT files secret from a party who does not have a SysCAD license.
2. If you wish to provide a copy of the project to a third party (perhaps an internal client) who has a SysCAD license, but you do not wish them to be able to edit the PGM or RCT files. This prevents accidental or deliberate changes being made to the some parts of the project.
3. If you wish to provide a copy of the project to a third party (perhaps an external consultant) who has a SysCAD license, but you do not wish them to be able to edit or copy the PGM, RCT or DXF files for use on a similar project.
4. If you wish to provide a copy of the project to a third party (perhaps an external consultant) who has a SysCAD license, but you do not wish them to see the equations/logic used in your PGM files as the equations may be confidential.

How to Encrypt Files

This is a web based service so access to the internet will be required.

1. Go to http://www.syscad.net and choose SysCAD Utilities from the menu on the left hand side (or go directly to http://encrypt.syscad.net).
2. Enter your user name and password. This is the same User Name and Password used for downloading SysCAD updates. Please contact Kenwalt if you do not know what your current user name and password are (go to http://syscad.net/contact.html or email support@syscad.net).

Once you are logged in to the encryption service you can choose to encrypt single files or a group of files as described below:

If you want to encrypt multiple files:

1. Zip the files together into a single zip file (the zip file can contain other files, for example, you could just zip up your whole project).
2. Browse for the zip file which contains the (PGM and RCT) files you want to encrypt.
3. Choose the file type/s you wish to encrypt (PGM and/or RCT).
4. Press the Encrypt button.
5. The results will be displayed. If the encryption was successful then you can save the new zip file with the encrypted files by pressing the Download button. The zip file will be called the same as the file you submitted except it will end in ".x.zip". The files to be encrypted will be replaced in the zip file with encrypted files which have the same name except have a ".x" added to them. (eg. abc.pgm -> abc.pgm.x)

Note: Files must be at least 100 bytes in size before they can be encrypted. If one of the files you submit is smaller than 100 bytes then the result for that file will be "File too short". This will not prevent other valid files from being encrypted.

If you want to encrypt a single file:

1. Browse for the individual (PGM or RCT) file you want to encrypt.
2. Press the Encrypt button.
3. The result will be displayed. If the encryption was successful then you can save the file by pressing the Download button. The file will be called the same as the file you submitted except it will have a ".x" added to it. (eg. abc.pgm -> abc.pgm.x)
4. To encrypt another file, press the Back button.

Note: Files must be at least 100 bytes in size before they can be encrypted. If the file you submit is smaller than 100 bytes then the result will be "File too short" and there will not be an encrypted file to download.

Suggested Workflow

The suggested workflows for encrypting PGM files prior to distribution of the project to a third party for single or multiple files are described below.

If only a single file is to be encrypted or only selected files of the same type in a project are to be encrypted:

1. Save a version of the final project and then close the project.
2. Submit the files required to be encrypted to the encryption service.
3. Save the encrypted files back to the same subfolders as the original files in the final project.
4. Delete the original files from the new version of the final project once they have been encrypted (or open the project and perform a save version).
5. Load the new version of the project and ensure that the project still runs as required.
6. Check the access window for each of the general controllers/reaction blocks which require an encrypted file. The access window will show if an encrypted file is being used and the Edit PGM/RCT button will not be present.
7. Close the project.
8. Send the project to the third party.

If all PGM/RCT files in a project are to be encrypted:

1. Save a version of the final project and then close the project.
2. Zip the project folder of the newly saved version of the final project.
3. Submit the project zip file to the encryption service.
4. Unzip the returned zip file into a folder with a different name.
5. Load the unzipped project and ensure that the project still runs as required.
6. Check the access window for each of the general controllers/reaction blocks which require an encrypted file. The access window will show if an encrypted file is being used and the Edit PGM/RCT button will not be present.
7. Close the project.
8. Send the project to the third party.

File Management

A project may have a mixture of encrypted and non-encrypted PGM files.

Encrypted PGM/RCT files are only recognised by SysCAD if they have a ".x" on the end of the file name. If both the original file and an encrypted version of the file are in the same folder, SysCAD will load the encrypted file. Hence if you change the original file, SysCAD will not see this change. You must re-encrypt the file and replace the encrypted version.

If both the original file and an encrypted version of the file are present in a project, then if a save as/save version is performed only the encrypted version is copied to the new version.

Encrypted PGM Files

To make use of the file encryption, a PGM file must located in the Controls subfolder of the SysCAD project folder (ie. it can not be saved in a location external to the project).

A single general controller may use a mixture of encrypted and non-encrypted PGM files.

Some of the advantages of using an encrypted PGM file include:

1. A third party will have no access to the contents of the file without a SysCAD license.
2. Third parties with a SysCAD license will not be able to edit or copy the PGM file.
3. Even third parties with a SysCAD license will not be able to see the equations/logic used in the PGM, they will only be able to observe the results of the logic while running the SysCAD project.

Encrypted RCT Files

Some of the advantages of using an encrypted RCT file include:

1. A third party will have no access to the contents of the file without a SysCAD license.
2. Third parties with a SysCAD license will not be able to edit or copy the RCT file. To replicate it, they will have to create it from scratch.

Encrypted DXF Files

Some of the advantages of using an encrypted DXF file include:

1. A third party will have no access to the contents of the file without a SysCAD license.
2. Third parties with a SysCAD license will not be able to edit or copy the DXF file. To replicate it, they will have to create it from scratch.