I was referring to Julian’s original mails, but you explain it well.
On December 13, 2018 at 01:15:32, Christofer Dutz (christofer.d...@c-ware.de) wrote: Ok this time a email not only to Otto ... Seems commenting on emails on my phone has it's disadvantages ;-) If that question was intended for my last email: I'm not trying to protect anything. Only perhaps the simplicity of the API. All I did was provide some thoughts on how we could implement this and mention that we would not only need extension of the scraper, but also the protocol implementation. If that was intended for Julian's proposal: With the non symbolic addressing of normal s7 PLCs a variable is defined by it's start address. Now someone could modify a data block. For example add a new variable somewhere in the middle, or change the size of a variable (int to long or similar). This would shift all addresses in that memory block located after that, but there would currently be no way to detect that change and plc4x would continue to work without complaint, but the produced data would be completely corrupted. With Julian's proposal the scraper could be configured to expect a db-version and report a warning in case this is not as expected. Chris Outlook for Android <https://aka.ms/ghei36> herunterladen ------------------------------ *From:* Otto Fowler <ottobackwa...@gmail.com> *Sent:* Thursday, December 13, 2018 4:43:34 AM *To:* dev@plc4x.apache.org; Christofer Dutz *Subject:* Re: Versioning for Datablocks What exactly are you trying to protect from happening? On December 12, 2018 at 14:19:11, Christofer Dutz (christofer.d...@c-ware.de) wrote: Definitely opening an issue and attaching the capture is a good idea. Probably we have to implement something in the S7Protocol layer in order to read that. I would expect it not to detect malicious modification, but accidental update sold be detectable. I would probably suggest to define a special address syntax for that usecase and not add some new API functions. Chris Outlook for Android<https://aka.ms/ghei36> herunterladen ________________________________ From: Julian Feinauer <j.feina...@pragmaticminds.de> Sent: Wednesday, December 12, 2018 5:31:34 PM To: dev@plc4x.apache.org Subject: Re: Versioning for Datablocks Hey all, We spontaneously digged into it with wireshark and have generated a .cap to evaluate. The request is a "Get Block Info" Request and the Response contains: "Code timestamp", "Interface timestamp" and "Block checksum". I will think about how or where we could implement this as I'm really eager to have this feature in the scraper at least to avoid problems we had in the past. @Chris: Should I place the capture in the Repo? Otherwise I will create an issue and append it there for somebody to implement it : ) Julian Am 12.12.18, 17:09 schrieb "Julian Feinauer" <j.feina...@pragmaticminds.de >: Hi all, I had (have, in fact) a very interesting Discussion with an PLC programmer about S7. He told me that there is the possibility (or Siemens does that…) to read out timestamps of “last changed” for each datablock. This could be very interesting for us to avoid situations where someone changes something in a block and suddenly you start to read … well, dump. I could imagine adding this somewhere in an “upper” layer like the scraper or OPM to have an additional “security” layer. @Chris: Do you know something about that? Julian
