byte EthernetMacsecSecureEntity.RegisterOnBeforeSendMKPDU(functionPtr callback);

dword OnBeforeSendMKPDU(EthernetMacsecSecureEntity, EthernetPacket*)

EthernetMacsecSecureEntity secY1;
secY1 = ethGetMacsecSecureEntity(ethernetport::Ethernet1::Port1);
if (secY1.isValid)
{
  secY1.RegisterOnBeforeSendMKPDU(ProcessMKPDU);
}

dword ProcessMKPDU(EthernetMacsecSecureEntity secy, EthernetPacket* packet)
{
  if (packet.mka.IsAvailable())
  {
    // invert the bytes of the MKPDU’s ICV
    byte disturbData[16];
    int i;
    packet.mka.icv.GetData(0, disturbData, 16);
    for (i=0;i<16;i++)
    {
      disturbData[i] = ~disturbData[i];
    }
    packet.mka.icv.SetData(0, disturbData, 16);
  }
  return 1; // MKPDU shall be transmitted
}