HaloCAD for PTC Windchill
HaloCAD for PTC Windchill
Breadcrumbs

Release Notes

Introduction 

The release notes provide brief and high-level descriptions of the new features of HaloCAD. Before installing HaloCAD, it is recommended to read the release notes to understand any current limitations or bugs that may apply to this version of the software.

Product Description

The HaloCAD for PLM solution integrates seamlessly with the PLM application, including the features of HaloCAD PROTECT and HaloCAD MONITOR while utilizing Microsoft Purview Information Protection (MPIP), formerly Microsoft Information Protection (MIP), to provide Enterprise Digital Rights Management (EDRM) capabilities.

It provides access to MPIP-protected files, including label handling and privilege enforcement. Any file access actions, such as check-out or export, that may result in a download are intercepted by the HaloCAD for PLM solution, automatically protected based on predefined rules, and then delivered to the end user. Similarly, file access actions such as check-in or upload are intercepted and examined. If a protected file is detected, it is decrypted, and the unprotected file is returned to the PLM vault. For CAD users, the handling of CAD files remains seamless, as these processes occur entirely in the background. By applying MPIP labels, the solution ensures end-to-end security for CAD files, while all upload and download activities are continuously monitored and logged to provide complete traceability.

System Requirements

The following system requirements table specifies the minimum and recommended technical specifications, such as software and network resources, necessary to run the product.

Components

Details

Supported Operating Systems

Windows Server 2022 and above with updates installed.

Supported file types

  1. Creo file types

  2. MS Office native file types

  3. Non-Office file types

Office 365 Subscription

  1. Fully configured Microsoft Purview Information Protection.

  2. An Azure subscription is required to use Azure RMS and the MPIP functionality.

  3. A working Microsoft Entra ID service must be available.

  4. Transport Layer Security (TLS) 1.2 or higher must be enabled to ensure the use of cryptographically secure protocols at all client workstations.

  5. To avail the revoke access feature, the user should be assigned to the Microsoft Purview Information Protection Premium P1/P2 license. (Not required for reader add-on)

  6. Audit logging: Your Azure subscription must include Log Analytics on the same tenant as Microsoft Entra ID.

  7. Register an application to get the Application (client) ID and Tenant ID in the Azure portal. Select the option Web during application registration.

Refer to the Technical Reference Manual for details on TLS 1.2 and application registration.

Others

Install HaloENGINE and HaloCAD for PLM separately on Windows servers.

Requirements

Supported PLM software for HaloCAD for Windchill

You are currently viewing the release notes for the current build. For previous versions, please refer to their respective release notes.

Windchill PLM Software

HaloCAD Component Version

PDMLink 13.0.2.0

2.7

PDMLink 12.x, 13.0.1.0

2.1, 2.2, 2.3, 2.4, 2.5, 2.6

PDMLink 11.0 M030 CPS16

2.0

PLM software and HaloCAD component version

Code Quality and Security

Secude focuses on software quality and security. This is accomplished by adhering to and exceeding best practices in development, testing, and quality control. Secude has chosen SonarQube as the first building block for building and implementing a robust continuous code quality assurance (QA). SonarQube is a platform for static code analysis for continuous inspection of code quality. It performs automatic reviews of code to detect bugs, code smells, unit test coverage, and security issues in 29 programming languages.

SonarQube is utilized throughout the development process at Secude, and only the highest marks are accepted for a product to be released. It helps to regulate code quality from the beginning of development, find and repair issues promptly, and improve overall software stability.

Each build report can be found under its relevant version heading in this release notes.

Reliability Rating 

  • A = 0 Bugs

  • B = at least 1 Minor Bug

  • C = at least 1 Major Bug

  • D = at least 1 Critical Bug

  • E = at least 1 Blocker Bug

Security Rating

  • A = 0 Vulnerabilities

  • B = at least 1 Minor Vulnerability

  • C = at least 1 Major Vulnerability

  • D = at least 1 Critical Vulnerability

  • E = at least 1 Blocker Vulnerability

Security Review Rating 

The Security Review Rating is a letter grade based on the percentage of Reviewed (Fixed or Safe) Security Hotspots.

  • A = >= 80%

  • B = >= 70% and <80%

  • C = >= 50% and <70%

  • D = >= 30% and <50%

  • E = < 30%

Maintainability Rating 

A=0-0.05, B=0.06-0.1, C=0.11-0.20, D=0.21-0.5, E=0.51-1

The Maintainability Rating scale can be alternatively stated by saying that if the outstanding remediation cost is:

  • <=5% of the time that has already gone into the application, the rating is A

  • between 6 to 10% the rating is a B

  • between 11 to 20% the rating is a C

  • between 21 to 50% the rating is a D

  • anything over 50% is an E

Build 2.7

This chapter provides an overview of the updates and quality insights included in this release. It covers the fixed issues, improvements, limitations, new features, and known issues, along with a summary of SonarQube’s key parameters to highlight code quality metrics and analysis results.

New Features

There are no new features to highlight in this release.

Improvements

This section lists improvements added to the current release.

In earlier releases, HaloENGINE and HaloENGINE Service functioned independently and required separate installers. Beginning with this release, HaloENGINE is delivered as a unified component that bundles the HaloENGINE Tomcat Service DLL within a single installer. HaloENGINE now connects to Microsoft Purview Information Protection to fetch the sensitivity labels and make them available for label configuration. Similarly, HaloCAD for Windchill is now delivered as a unified component that includes the HaloENGINE Service DLL, which not only fetches sensitivity labels but also manages file encryption and decryption. These enhancements simplify deployment and improve overall performance. HCADWCL-754

Limitations

This section lists the limitations of the current release.

  1. An authorization error occurs while downloading a file configured with a security label in Windchill. HCADWCL-149

  2. Multiple log entries get updated for a single file download if no action rule is configured and the Fail-safe mode is Strict. HCADWCL-216

  3. It is not possible to retrieve the User_Role if the Site Administrator logs into Creo. Hence, the User_Role does not get logged in the audit log while the file is downloaded/uploaded. However, if the Site Administrator logs in via the browser, the user roles are fetched properly. HCADWCL-240

  4. Protecting a new file based on metadata SYSTEM_CONTEXT is not possible until the background scheduler revaulting process in the Windchill Server gets completed, as configured by the site administrator. Once the scheduler is invoked, the file gets protected, and you can see the details of it in the audit log. However, this limitation does not occur in already uploaded files. HCADWCL-283

  5. When downloading files from the Replica Server, the following metadata, such as Product_Name, Library_Name, and Project_Name do not work; instead, System_Context metadata is utilized to protect the files. Please note that only the Main Server supports the metadata Product_Name, Library_Name, and Project_Name. HCADWCL-422, HCADWCL-412

  6. The metadata Workspace_name does not function while downloading files from the Replica Server.

  7. When you try to enter a different language, such as Chinese or German, the project_name, library_name, product_name, workspace_name, and system_context entries in the Method Server log will have improper values. HCADWCL-504

  8. Non-office or non-CAD files downloaded from the Windchill Workspace/Windchill browser will be protected according to the HaloENGINE rules, but their extension will not be changed to .ptxt or .pfile. For instance, the Text.txt and Image.jpg file extensions stay the same even after protection. This is expected behavior. HCADWCL-84, HCADWCL-86

Fixed Issues

This section provides a list of the fixed issues in the current release.

  1. As of this release, the service has been introduced as a DLL. Linux support has been suspended for now, as it does not natively support Dynamic Link Libraries (DLLs).

  2. In the HaloCAD for Windchill Configuration Tool, under the Primary HaloENGINE Configuration tab, the HaloENGINE Service Port option has been removed, as the functionality is now embedded as a DLL.

  3. With this release, the service is provided as a DLL, and tenant details have been incorporated into the HaloCAD for Windchill UI.

  4. Fixed an issue where an error occurred and the file was not uploaded when uploading a standalone protected drawing that contained a dependent file. HCADWCL-756

  5. Fixed an issue where the service was updated as the Owner for dependent files when downloading ASM/DRW files, even when the Owner was configured as User. HCADWCL-758

Known Issues

This section describes the known issues with the current release.

  1. When an error occurs while uploading the files into Windchill, the audit log file gets updated with improper field values for fname and file type. HCADWCL-163

  2. If a text file is downloaded, the file gets protected as per the rule configured in HaloENGINE, but the extension is saved in native format (i.e., .txt) instead .ptxt. HCADWCL-151

  3. The field value duser gets updated as "null" while uploading a file to the Windchill workspace. HCADWCL-250

  4. The audit log updates file downloads only when files are downloaded multiple times using the Export from Workspace option. HCADWCL-252

  5. When an assembly file with a sub-assembly file and a dependent part file is downloaded via the Export from Workspace option, there will be a log entry only for sub-assembly and dependent part files, excluding the main assembly file. HCADWCL-255

  6. When an assembly file with a dependent part file is downloaded via the Export from Workspace option, there will be a log entry for the assembly and dependent part files. HCADWCL-256

  7. The incorrect value gets updated in HaloENGINE_Monitor.log file for fname and file type fields while uploading a large assembly file. HCADWCL-257

  8. When you download a top-level ASM file using the Open in Creo option, the label on the top-level file is applied uniformly to all its dependent files. This is the expected behavior. However, if you export the top-level ASM file directly from the Export from Windchill option, the downloaded top-level file and its dependent files will be asymmetric. For example, if an action rule is defined for DRW and PRT file-dependent files, the exported DRW and PRT files are assigned the label specified in the rule engine rather than the label of the top-level file. HCADWCL-512

  9. Although the failover method is enabled, when the primary HaloENGINE is down, the monitor log will not be updated in the secondary HaloENGINE. HCADWCL-673

  10. A file is blocked if the HaloENGINE block action is configured correctly. However, an incorrect message will appear as 'This site can't be reached', and then immediately redirect to the Windchill Error page with the incorrect message. HCADWCL-664

  11. If the Save Structure/Save Representation option is used when downloading a file, the file will be blocked. However, an incorrect message, such as 'This site can't be reached' will appear. HCADWCL-659

Quality Gate Report

Please see the table below for a list of SonarQube's key parameters for this version. Refer to the " Code Quality and Security " section for more information on rating definitions.

Metric

Value

Coverage

81.5%

Maintainability Rating

A

Reliability Rating

A

Security Hotspots Reviewed

A

Security Rating

A

Quality Gate report