We want to install our URCap into one robot, and prevent the customer from accessing the URCap files, which can be easily decompiled, and also from copying the files and use the URCap into another robot. Is there a safe way to do this? Changing the robot root password is enough?
I’m also interested in this topic.
Changing the root password is not enough as long as the customer can create a urmagic script and run it from a USB stick.
Do you mean a custom urmagic script which can copy any folder in the robot SD card?
We‘re also interested in a solution for this.
Even the integrated urcap plugins are not secure as the files are copied into the felix-cache folder on runtime and can easily be copied.
Yes, I mean, a custom urmagic script can be created to copy any folder from the robot file system.
If you can write the most important business logic in C/C++ and compile the source code without any debug info, it will be much more difficult to reverse-engineer the binary executable. In the C++ part you can also verify the robot serial number - for example - and terminate the process if the serial number does not match your criteria. (Implement some kind of ‘Static license’.)
Thank you all for the input. It is highly appreciated!
There is more details on the topic here and possible approaches:
Is the biggest issue that reverse engineering is possible or a need for embedded license handling, so every user is forced to purchase a license.
The biggest issue is to make sure that the URCap compiled files can’t be read/copied from the robot SD Card. In this way we can install the URCap to the customer robot and be sure that it will run only in that machine.
It would be a plus to protect in some way the source code in the
.urcap archive from de-compiling, so that a licence mechanism or a check on robot serial number could be embedded and the customer could install the