Siemens Industry Online Support
Siemens AG
Entry type: FAQ Entry ID: 85237682, Entry date: 12/17/2013

How can you protect STEP 7 (TIA Portal) projects against unauthorized access and modifications?

  • Entry
  • Associated product(s)
In STEP 7 (TIA Portal) you can use "Know-How Protection" to protect your programs.

However, if you want to protect content other than the programs or the complete project, we recommend the following measures:

  • Access protection using file system rights
  • Encrypted ZIP archives
  • Storage in an encrypted drive container

Access protection using file system rights
By assigning rights in the Windows file system you can restrict access to files and directories for specific users or user groups. This permits you to define access rights to the directory of a STEP 7 (TIA Portal) project to suit your needs and wishes.

In the Windows Explorer you right-click the directory in which you have stored your projects and open "Properties" in the pop-up menu. Select the "Security" tab and there you can deny permissions for all non-authenticated users and define individual user rights. For example, for each project you can define a separate Windows user group which has read and write access to the project directory.

Fig. 01

This function is available only for data media with an NTFS format.

Encrypted ZIP Archives
You can use encrypted ZIP archives to protect transported projects (e-mail). In this case you pack the complete project directory or project archive file into a ZIP archive and enable the encryption option of the ZIP program. Proceed as follows:

  1. Use the "Project > Archive..." function to archive a project in STEP 7 (TIA Portal). For this you select a directory with the required access rights (comparable with those of the original project).
  2. In the Windows Explorer you right-click the ZIP file and in the pop-up menu you select "7-Zip > Add to archive...".
  3. In the dialog that opens you select "Zip" for the Archive format and enter a password.

Fig. 02

  1. Confirm with OK.

Now the archive can only be opened by entering the password. Ensure that your password is as secure as possible for the encryption.

Always forward a project with know-how-protected blocks as a project or library archive. This ensures that the know-how protection cannot be bypassed.

Storage in an encrypted drive container
Storage in an encrypted drive container is a measure with an even higher security level but which also involves a lot more handling. You can use the TrueCrypt free security software for this. This permits you to encrypt drives and also incorporate encrypted files (drive containers) as regular drives. You need a password each time to open or incorporate the drives.

  1. In the internet you go to "www.truecrypt.org" to open the "TrueCrypt" dialog. Go to the "Download" tab to install the tool on your hard disk. After downloading, the tool is available in Windows 7 das Tool under "Start > All Programs > TrueCrypt".
  2. Click the "Create Volume" button to create a new TrueCrypt container.
  3. In the dialog that opens you select "Create an encrypted file container" and click "Next".
  4. In the next dialog you select "Standard TrueCrypt volume" and click "Next".

Fig. 03

  1. In the next step you define the desired storage location and the file name for the drive container.
  2. The two options "AES" and "RIPEMD-160" are preset in the subsequent "Encryption Options" dialog. Accept the settings and click "Next".
  3. In the "Volume Size" dialog you define the size of the drive container, in other words the size of your virtual drive. The volume must be at least large enough to store the complete STEP 7 (TIA Portal) project. You should also calculate spare capacity.
  4. Define a password in the next dialog. Confirm the password in the second line and click "Next". The drive container is now encrypted and formatted and can then be used. This process can take up to several hours depending on the size of the drive container.
  5. To use the container you select a drive letter in the top section of the "TrueCrypt" dialog and in the bottom section you select the drive container you have just created. Click the "Mount" button and enter your password. Then you receive a new drive letter.
  6. Now move the project to be protected or create a new project directly on the new drive. You can then process the project in the container as on the hard disk.
  7. Once you have finished your work on the project you close the STEP 7 (TIA Portal) software and the drive container. For this you select the drive letter used in TrueCrypt and click the "Dismount" button.
    All files and directories must be closed on this drive before you can close the drive container.

Once the drive container has been created you need only perform steps 9 to 11 for regular usage.

Security information
In order to protect technical infrastructures, systems, machines and networks against cyber threats, it is necessary to implement – and continuously maintain – a holistic, state-of-the-art IT security concept. Siemens’ products and solutions constitute one element of such a concept. For more information about cyber security, please visit