Project encryption on a target device

Encrypt projects on any device with FactoryTalk Optix Update Server installed.

Encryption scope

Project

YAML

files, which represent the project information model, are transferred as encrypted binary files to target devices. For more information, see Project source format.

By default, Emulator components are encrypted. You cannot disable the encryption of Emulator components.

Encryption operation

Target devices generate symmetric encryption keys based on the current hardware, independently from the host platform. The encryption key is stored in

EncryptionKey.bin

on the target device in the

Runtime

folder. The encrypted application is tied to the specific target device hardware.

You cannot copy and run an encrypted project on a different target device. Exporting a project to a USB device or folder does not encrypt the compiled project.

TIP: To upload an encrypted project, you need to:

Upload the project with

Transfer application source files

selected for the target device. See Add a target device.

Use the password of the local user of the target device that transferred the application.

TIP: Project encryption is not related with the

FactoryTalk Hub

account. You can upload encrypted projects from a device while opening a project even if you are not logged in or are logged into a different organization than the organization used to develop the project.

Manage target devices

Provide Feedback

Have questions or feedback about this documentation? Please submit your feedback here.