Chapter 4. CPU Operation
162
PACSystems* RX7i, RX3i and RSTi-EP CPU Reference Manual
GFK-2222AD
4.9.1
Passwords and Privilege Levels - Legacy Mode
Passwords are a configurable feature of the PACSystems CPU. Their use is optional and is set up using
the programming software. Passwords provide different levels of access privilege for the CPU when the
programmer is Online. Passwords are not used if the programmer is in Offline mode.
The default state is no password protection. Each privilege level in the CPU may have a unique password;
however, the same password can be used for more than one level. Passwords can be changed only
through the programming software.
Passwords are one to seven ASCII characters in length.
After passwords have been set up, access to the CPU via any communications path is restricted from the
levels at which the passwords are set, unless the proper password has been entered. Once a password
has successfully been accepted, access to the highest privilege level requested and below is granted (for
example, providing the password for level 3 allows access to functions at levels 1, 2, and 3).
Note:
The RUN/STOP Switch on the CPU overrides password protection. Even though the
programmer may not be able to switch between Run and STOP Mode, the switch on the CPU
can do so.
Privilege Levels
Level Password Access Description
4
Yes
Write to configuration or logic. Configuration may only be written in STOP Mode; logic may
be written in STOP Mode or RUN Mode. Set or delete passwords for any level.
Note:
This is the default privilege for a connection to the CPU if no passwords are defined.
3
Yes
Write to configuration or logic when the CPU is in STOP Mode, including word-for-word
changes, addition/deletion of program logic, and the overriding of discrete I/O.
2
Yes
Write to any data memory. This does not include overriding discrete I/O. The CPU can be
started or stopped. CPU and I/O Fault Tables can be cleared.
1
Yes
Read any CPU data except for passwords. This includes reading fault tables, performing
datagrams, verifying logic/configuration, loading program and configuration, etc. from the
CPU. None of this data may be changed. At this level, RUN/STOP Mode transitions from the
programmer are not allowed.
Protection Level Request from Programmer
In Legacy mode, upon connection to the CPU, the programmer requests the CPU to move to the highest
non-protected level.
The programmer requests a privilege level change by supplying the new privilege level and the password
for that level. If the password sent by the programmer does not agree with the password stored in the
CPU’s password access table for the requested level, the privilege level change is denied and a fault is
logged in the CPU fault table. The current privilege level is maintained, and no change occurs. A request
to change to a privilege level that is not password protected is made by supplying the new level and a
null password. A privilege change may be to a lower level as well as to a higher level.