Steve,
I pretty much agree with all your comments here, but I did want to add a few things.
The OP worried me a little with the framing of the question, as the information could be used for various nefarious purposes. Locking the processor may be a necessary option, but not deleting the code contained within.
I do not believe that programmed shutdowns are a viable protection scheme if the processor is controlling real-word I/O... triggering an orderly, safe shutdown has the potential of costing a client a lot of money, and raises all kinds of legal issues that I would not wish to confront. Triggering a processor fault by deleting a running program could be deadly.
The A/B line password protection scheme will not allow anyone to view or download the code without an identical off-line version of the program residing at the workstation. Therefore, copying is effectively prohibited.
We 'usually' provide the programming for all clients, as it is often very valuable for them to have access in order to troubleshoot issues. Newer versions of RSLinx alone will allow looking into the data registers, and if documentation is provided, many times that's enough to pin-point problems.
As you said, there is too much work around to worry about nutty schemes insuring payment... you just do business with those who will pay for your effort.
Jake