Protection and licensing solution from the sensor to the cloud

Today’s software and devices are increasingly connecting with and speaking to each other. But in a connected world, cybersecurity and protection against tampering are becoming paramount in order to safeguard and actually implement these new business models.


This article is contributed by Wibu-Systems                 Download PDF version of this article


Software and firmware used to live in separate worlds, existing in isolation as autonomous entities with fixed and clearly delineated jobs and capabilities. Today’s software and devices are increasingly connecting with and speaking to each other. New software and hardware platforms allow functions to be retrofitted or activated at a later time, as smartphones have shown to great effect. This can make development more efficient, reduce the time to market, and enable novel business models, such as pay-per-use concepts. In this new world, cybersecurity and protection against tampering are becoming paramount in order to safeguard and actually implement these new business models with the commercial effectiveness they deserve.

As more and more devices get connected, all sectors of industry stand to benefit from unparalleled efficiency effects. At the same time, the risk of manipulation increases, e.g. by illicit tampering with device configurations. Data incidents and hacker attacks have become a common experience in almost all sectors of industry. Businesses need to shield themselves against this threat with consistent and effective protections that cover every link in the chain, down to the last endpoint. Protecting sensitive data against theft and manipulation is of no less importance.

Devices can only be meaningfully protected with solutions that offer copy, know-how, and integrity safeguards in combination with flexible licensing capabilities. It does not matter whether diagnostics software on PCs or full-blown embedded applications in medical devices are concerned – at the heart, it is all about software and the data generated and used by it. This data can come in many shapes and sizes, from operating parameters to maintenance instructions and from hardware logs to patients’ data.

The purposes of protection can also be very varied. The makers of devices want to know that their products are shielded against reverse engineering, tampering with their operating settings, and other forms of sabotage down to the level of the code itself.

In order to protect the know-how invested in software, the executable application needs to be encrypted before it is released into the wild. This can mean the full encryption of the entire application, or selective encryption of individual functions. All users receive the same protected software, but, depending on the licenses and entitlements they acquire when purchasing the product, they will get only the keys to the functions they have paid for. Product managers can define the right types of user rights and licenses, be it single user, network, or time-limited licenses. The CodeMeter technology made by Wibu-Systems shows how developers can protect and encrypt their work.

The functions of the devices are realized by separately protected functional blocks that are activated by the right licenses and keys – which can be updated at a later point if need be. This simplifies the production process by reducing the number of variants that need to be made, in turn making inventory, ordering, and logistics processes simpler and easier to handle. On top of simply protecting the intellectual property in the device, these new capabilities help bring down the cost of production.  

Following Kerckhoffs’ principle, the encryption protocols themselves are public knowledge. The only secret piece in the puzzle is the encryption key. These keys need to be kept behind particularly tough safeguards. The optimum protection is offered by hardware key storage with integrated encryption, so-called smart card chips that can withstand even side channel attacks (Differential Power Analysis, DPA).

The keys never need to leave their secure home, and all essential cryptographic operations are conducted on the secure hardware. Alternatively, encrypted license files can be used that work with a fingerprint of the devices they are used on, such as the serial number, a TPM, or other combinations of uniquely identifiable and non-modifiable hardware properties.

An ideal solution is flexible enough to accommodate each platform with a specific custom implementation without compromising on the protection technology, its tools, license models, and formats. Despite all optimization for specific platforms, the entire solution has to remain consistent, using the same API in all cases and only adjusting the active feature set to match the given application.

CodeMeter µEmbedded is a CodeMeter variant made in Standard C and designed for portability, with the lower computing power and often very restricted memory footprint of MCUs in mind. CodeMeter µEmbedded is typically packaged with the development platform for each MCU. For instance, developers can find MCUs packaged with the DAVE™ plug-in, the professional development platform for Infineon XMC4500. This makes it perfectly easy for developers to integrate software protection and licensing capabilities for individual functional blocks. Although CodeMeter µEmbedded has been optimized for the special case of MCUs, it includes the same tools and license distribution processes as e.g. CodeMeter Embedded and CodeMeter Runtime. The advantage is that license definitions can be used across CodeMeter variants. The programming interface represents a subset of CodeMeter Embedded, optimized for MCUs, but coming with the identical API and a specially selected feature set that matches the use case.

CodeMeter Embedded is more versatile than CodeMeter µEmbedded as another CodeMeter flavor realized in Standard C and designed specifically for the requirements of embedded systems. CodeMeter Embedded is highly modular and portable; it is integrated in a range of modern development platforms of several makers, including the VxWorks Workbench by Wind River and CODESYS by 3S-Smart Software Solutions.

CodeMeter Embedded is also used in QNX and embedded Linux systems on various microprocessor architectures like ARM, x86, ia64, and PPC. With its modular and portable architecture, there are also several other custom ports of the solution for additional operating systems, ranging from FreeRTOS to bare metal implementations. CodeMeter Embedded again comes with the same tools and license distribution systems as the other variants. The same license definitions can be used with all of them without requiring any adjustments. The programming interface is a super-set of CodeMeter µEmbedded and a subset of the CodeMeter Runtime API, optimized for embedded devices.

CodeMeter Runtime is the premium product for all off-the-shelf operating systems, including macOS, Windows, and Linux and standard x86 hardware. CodeMeter Runtime is a super-set of CodeMeter µEmbedded and CodeMeter Embedded, offers top ease-of-use, and is delivered only in binary format for use with standard hardware and standard operating systems. Embedded devices that can accommodate this with their hardware can use either CodeMeter Embedded or CodeMeter Runtime. Again, the system offers the same tools and license distribution processes, giving device makers a great choice. As a premium product, CodeMeter Runtime comes with the full set of features of all APIs.

The license management system CodeMeter License Central makes easy work of the creation, management, and distribution of entitlements and licenses. It supports product management with the definition of products and licenses. Product managers can use the established ERP or CRM systems to create orders; an automated interface then initiates the creation of the right licenses in the license management system. Users can, for instance, activate add-on features in online appstore-like portals; this creates a completely new revenue stream for the device makers. Pay-per-use and subscription models are similarly easy to introduce.

As part of the German national reference project for IT security in Industrie 4.0 (IUNO prototype technology data market place that employs all of the elements outlined here has been developed. To give this dry-sounding topic a more appealing presence, the consortium has designed a special cocktail mixer: the cocktail recipes with their exact ingredient lists represent the technology data protected from end-to-end. The system can be transferred to other use cases and is available free of charge at https://github.com/IUNO-TDM. For more details and to see the technology in action, visit the IUNO website: https://iuno.axoom.cloud/en/landingpage/start.

Whenever the security of devices is concerned, there are two sides and two special sets of requirements to be considered. The makers of the devices want to protect their work from reverse engineering and manipulation, keep their know-how secret, and put new business models or logistical advantages to use. The operators or users, on the other hand, care most about the integrity of the devices and the data stored on them or used with them. In order to reconcile these two sides, the most promising choice is a protection concept that can fulfill both types of requirements. Ideally, the chosen concept comes with a fully scalable and seamless technology and toolkit included. Since the licenses or containers are the same whether they be used with CodeMeter Runtime, CodeMeter Embedded, or CodeMeter µEmbedded, CodeMeter is a neatly uniform solution perfectly designed for integration into existing business processes. In a departure from the frustrating patchwork often required for tailoring other solutions to the given circumstances, CodeMeter is simply ready to go to work.

 

DIN-Rail Embedded Computers from MEN Mikro

The DIN-Rail system from MEN is a selection of individual pre-fabricated modules that can variably combine features as required for a range of embedded Rail Onboard and Rail Wayside applications. The ...


Embedded Graphics Accelerates AI at the Edge

The adoption of graphics in embedded and AI applications are growing exponentially. While graphics are widely available in the market, product lifecycle, custom change and harsh operating environments...


ADLINK Optimizes Edge AI with Heterogeneous Computing Platforms

With increasing complexity of applications, no single type of computing core can fulfill all application requirements. To optimize AI performance at the edge, an optimized solution will often employ a...


Synchronized Debugging of Multi-Target Systems

The UDE Multi-Target Debug Solution from PLS provides synchronous debugging of AURIX multi-chip systems. A special adapter handles the communication between two MCUs and the UAD3+ access device and pr...


Smart Panel Fulfills Application Needs with Flexibility

To meet all requirement of vertical applications, ADLINK’s Smart Panel is engineered for flexible configuration and expansion to reduce R&D time and effort and accelerate time to market. The...


AAEON – Spreading Intelligence in the connected World

AAEON is moving from creating the simple hardware to creating the great solutions within Artificial Intelligence and IoT. AAEON is offering the new solutions for emerging markets, like robotics, drone...


ASIC Design Services explains their Core Deep Learning framework for FPGA design

In this video Robert Green from ASIC Design Services describes their Core Deep Learning (CDL) framework for FPGA design at electronica 2018 in Munich, Germany. CDL technology accelerates Convolutional...


Microchip explains some of their latest smart home and facility solutions

In this video Caesar from Microchip talks about the company's latest smart home solutions at electronica 2018 in Munich, Germany. One demonstrator shown highlights the convenience and functionalit...


Infineon explains their latest CoolGaN devices at electronica 2018

In this video Infineon talks about their new CoolGaN 600 V e-mode HEMTs and GaN EiceDRIVER ICs, offering a higher power density enabling smaller and lighter designs, lower overall system cost. The nor...


Analog Devices demonstrates a novel high-efficiency charge pump with hybrid tech

In this video Frederik Dostal from Analog Devices explains a very high-efficiency charge-pump demonstration at their boot at electronica 2018 in Munich, Germany. Able to achieve an operating efficienc...


Microchip demonstrates a flexible motion control platform at electronica

In this video Marcus from Microchip explains a motion control demonstration at their booth at electronica 2018 in Munich, Germany. The demonstration underscores the ability of the solution to rapidly ...


Infineon goes over their latest SiC devices for automotive systems

In this video an Infineon engineer goes over their latest Silicon Carbide (SiC) devices for automotive systems at electronica 2018 in Munich, Germany. Among the devices described are an inverter for a...


Bertrand Lombardo of Honeywell, Sensing requirements of IoT

Bertrand Lombardo, Sales director for EMEA for Honeywell SIOT discusses future sensing trends in relation to IoT at Electronica 2019 with Alix Paultre. Links to more information: Dynamic Hone...


Analog Devices updates their Silent Switcher technology

In this video an FAE from Analog Devices explains the latest version of their Silent Switcher technology, which addresses noise issues in power systems. He describes a live demonstration in their boot...


Western Digital talks about their automotive-grade memory solutions

In this video Martin Booth from Western Digital talks about the company's memory solutions specifically designed for automotive applications and the harsh environments involved. Systems such as ne...


Picotest demonstrates their latest advanced power test solutions

In this video Steve Sandler from Picotest shows us two of the company's latest test solutions at electronica 2018 in Munich, Germany. The first demo is of a micro-Ohm-resolution power rail measure...


STMicro describes their latest smart 48V DC brushless motor driver board

In this video an engineer from STMIcroelectronics explains a motor-driver board setup based on their L9907 smart power device at electronics 2018 in Munich, Germany. Based on BCD-6s technology. the de...


Microchip shows their newest PolarFire FPGAs at electronica 2018

In this video Microchip shows a one of the demos highlighting the capabilities of their newest low-power PolarFire FPGAs at electronica 2018 in Munich, Germany. The demonstration shown here is a kit f...


Western Digital discusses their memory solutions for Cloud-enabled devices

In this video Ze'ev Paas of Western Digital talks to Alix Paultre of Aspencore Media about their latest memory products at electronica 2018 in Munich, Germany. Depending on the application space, ...


Picotest explains a couple of power test systems at electronica 2018

In this video Steve Sandler from Picotest explains a couple of his power test systems at electronica 2018 in Munich, Germany. The first demonstration shows a micro-Ohm measurement system, and the seco...