GE 90-30/20/Micro Section 5: System Security , Passwords

2-36 Series 90-30/20/Micro Programmable Controllers Reference Manual – September 1998 GFK-0467K

Section 5: System Security

Security in Series 90-30, Series 90-20, and in the Micro PLCs is designed to prevent unauthorized

changes to the contents of a PLC. There are four security levels available in the PLC. The first

level, which is always available, provides only the ability to read PLC data; no changes are

permitted to the application. The other three levels have access to each level protected by a

password.

Each higher privilege level permits greater change capabilities than the lower level(s). Privilege

levels accumulate in that the privileges granted at one level are a combination of that level, plus

all lower levels. The levels and their privileges are:

Privilege

Level Description

Level 1 Any data, except passwords may be read. This includes all data memories (%I, %Q, %AQ,

%R, etc.), fault tables, and all program block types (data, value, and constant).

No values may be changed in the PLC.

Level 2 This level allows write access to the data memories (%I, %R, etc.).

Level 3 This level allows write access to the application program in STOP mode only.

Level 4 This is the default level for systems which have no passwords set. The default level for a

system with passwords is to the highest unprotected level. This level, the

highest, allows read and write access to all memories as well as passwords in both RUN

and STOP mode. (Configuration data cannot be changed in RUN mode.)

Passwords

There is one password for each privilege level in the PLC. (No password can be set for level 1

access.) Each password may be unique; however, the same password can be used for more than

one level. To maintain compatibility with the Hand-Held Programmer, passwords should be up to

four Hex characters in length (up to 7 accepted in the pr ogramming software); they can only be

entered or changed with the programming software or the Hand-Held Programmer.

A privilege level change is in effect only as long as communications between the PLC and the

programmer are intact. There does not need to be any activity, but the communications link must

not be broken. If there is no communication for 15 minutes, the privilege level returns to the

highest unpr ot ect ed level.

Upon connection of the PLC, the programming software requests the protection status of each

privilege level from the PLC. The programming software then requests the PLC to move to the

highest unprotected level, thereby giving the programming software access to the highest

unprotected level without having to request any particular level. When the Hand-Held

Programmer is connected to the PLC, the PLC reverts to the highest unprotected level.