Protection and licensing solution from the sensor to the cloud

Today’s software and devices are increasingly connecting with and speaking to each other. But in a connected world, cybersecurity and protection against tampering are becoming paramount in order to safeguard and actually implement these new business models.


This article is contributed by Wibu-Systems                 Download PDF version of this article


Software and firmware used to live in separate worlds, existing in isolation as autonomous entities with fixed and clearly delineated jobs and capabilities. Today’s software and devices are increasingly connecting with and speaking to each other. New software and hardware platforms allow functions to be retrofitted or activated at a later time, as smartphones have shown to great effect. This can make development more efficient, reduce the time to market, and enable novel business models, such as pay-per-use concepts. In this new world, cybersecurity and protection against tampering are becoming paramount in order to safeguard and actually implement these new business models with the commercial effectiveness they deserve.

As more and more devices get connected, all sectors of industry stand to benefit from unparalleled efficiency effects. At the same time, the risk of manipulation increases, e.g. by illicit tampering with device configurations. Data incidents and hacker attacks have become a common experience in almost all sectors of industry. Businesses need to shield themselves against this threat with consistent and effective protections that cover every link in the chain, down to the last endpoint. Protecting sensitive data against theft and manipulation is of no less importance.

Devices can only be meaningfully protected with solutions that offer copy, know-how, and integrity safeguards in combination with flexible licensing capabilities. It does not matter whether diagnostics software on PCs or full-blown embedded applications in medical devices are concerned – at the heart, it is all about software and the data generated and used by it. This data can come in many shapes and sizes, from operating parameters to maintenance instructions and from hardware logs to patients’ data.

The purposes of protection can also be very varied. The makers of devices want to know that their products are shielded against reverse engineering, tampering with their operating settings, and other forms of sabotage down to the level of the code itself.

In order to protect the know-how invested in software, the executable application needs to be encrypted before it is released into the wild. This can mean the full encryption of the entire application, or selective encryption of individual functions. All users receive the same protected software, but, depending on the licenses and entitlements they acquire when purchasing the product, they will get only the keys to the functions they have paid for. Product managers can define the right types of user rights and licenses, be it single user, network, or time-limited licenses. The CodeMeter technology made by Wibu-Systems shows how developers can protect and encrypt their work.

The functions of the devices are realized by separately protected functional blocks that are activated by the right licenses and keys – which can be updated at a later point if need be. This simplifies the production process by reducing the number of variants that need to be made, in turn making inventory, ordering, and logistics processes simpler and easier to handle. On top of simply protecting the intellectual property in the device, these new capabilities help bring down the cost of production.  

Following Kerckhoffs’ principle, the encryption protocols themselves are public knowledge. The only secret piece in the puzzle is the encryption key. These keys need to be kept behind particularly tough safeguards. The optimum protection is offered by hardware key storage with integrated encryption, so-called smart card chips that can withstand even side channel attacks (Differential Power Analysis, DPA).

The keys never need to leave their secure home, and all essential cryptographic operations are conducted on the secure hardware. Alternatively, encrypted license files can be used that work with a fingerprint of the devices they are used on, such as the serial number, a TPM, or other combinations of uniquely identifiable and non-modifiable hardware properties.

An ideal solution is flexible enough to accommodate each platform with a specific custom implementation without compromising on the protection technology, its tools, license models, and formats. Despite all optimization for specific platforms, the entire solution has to remain consistent, using the same API in all cases and only adjusting the active feature set to match the given application.

CodeMeter µEmbedded is a CodeMeter variant made in Standard C and designed for portability, with the lower computing power and often very restricted memory footprint of MCUs in mind. CodeMeter µEmbedded is typically packaged with the development platform for each MCU. For instance, developers can find MCUs packaged with the DAVE™ plug-in, the professional development platform for Infineon XMC4500. This makes it perfectly easy for developers to integrate software protection and licensing capabilities for individual functional blocks. Although CodeMeter µEmbedded has been optimized for the special case of MCUs, it includes the same tools and license distribution processes as e.g. CodeMeter Embedded and CodeMeter Runtime. The advantage is that license definitions can be used across CodeMeter variants. The programming interface represents a subset of CodeMeter Embedded, optimized for MCUs, but coming with the identical API and a specially selected feature set that matches the use case.

CodeMeter Embedded is more versatile than CodeMeter µEmbedded as another CodeMeter flavor realized in Standard C and designed specifically for the requirements of embedded systems. CodeMeter Embedded is highly modular and portable; it is integrated in a range of modern development platforms of several makers, including the VxWorks Workbench by Wind River and CODESYS by 3S-Smart Software Solutions.

CodeMeter Embedded is also used in QNX and embedded Linux systems on various microprocessor architectures like ARM, x86, ia64, and PPC. With its modular and portable architecture, there are also several other custom ports of the solution for additional operating systems, ranging from FreeRTOS to bare metal implementations. CodeMeter Embedded again comes with the same tools and license distribution systems as the other variants. The same license definitions can be used with all of them without requiring any adjustments. The programming interface is a super-set of CodeMeter µEmbedded and a subset of the CodeMeter Runtime API, optimized for embedded devices.

CodeMeter Runtime is the premium product for all off-the-shelf operating systems, including macOS, Windows, and Linux and standard x86 hardware. CodeMeter Runtime is a super-set of CodeMeter µEmbedded and CodeMeter Embedded, offers top ease-of-use, and is delivered only in binary format for use with standard hardware and standard operating systems. Embedded devices that can accommodate this with their hardware can use either CodeMeter Embedded or CodeMeter Runtime. Again, the system offers the same tools and license distribution processes, giving device makers a great choice. As a premium product, CodeMeter Runtime comes with the full set of features of all APIs.

The license management system CodeMeter License Central makes easy work of the creation, management, and distribution of entitlements and licenses. It supports product management with the definition of products and licenses. Product managers can use the established ERP or CRM systems to create orders; an automated interface then initiates the creation of the right licenses in the license management system. Users can, for instance, activate add-on features in online appstore-like portals; this creates a completely new revenue stream for the device makers. Pay-per-use and subscription models are similarly easy to introduce.

As part of the German national reference project for IT security in Industrie 4.0 (IUNO prototype technology data market place that employs all of the elements outlined here has been developed. To give this dry-sounding topic a more appealing presence, the consortium has designed a special cocktail mixer: the cocktail recipes with their exact ingredient lists represent the technology data protected from end-to-end. The system can be transferred to other use cases and is available free of charge at https://github.com/IUNO-TDM. For more details and to see the technology in action, visit the IUNO website: https://iuno.axoom.cloud/en/landingpage/start.

Whenever the security of devices is concerned, there are two sides and two special sets of requirements to be considered. The makers of the devices want to protect their work from reverse engineering and manipulation, keep their know-how secret, and put new business models or logistical advantages to use. The operators or users, on the other hand, care most about the integrity of the devices and the data stored on them or used with them. In order to reconcile these two sides, the most promising choice is a protection concept that can fulfill both types of requirements. Ideally, the chosen concept comes with a fully scalable and seamless technology and toolkit included. Since the licenses or containers are the same whether they be used with CodeMeter Runtime, CodeMeter Embedded, or CodeMeter µEmbedded, CodeMeter is a neatly uniform solution perfectly designed for integration into existing business processes. In a departure from the frustrating patchwork often required for tailoring other solutions to the given circumstances, CodeMeter is simply ready to go to work.

 

Perfect Motion Control For the Networked World

We live in a physical world where everything is connected. Trinamic transforms digital information into physical motion with accessible, flexible, and easy to use toolkits putting the world’s be...


New High-Performance Serial NAND: A Better High-Density Storage Option for Automotive Display

The automotive requirements: speed, reliability and compatibility. Winbond's high-performance serial NAND Flash technology offers both cost and performance advantages over the SPI NOR Flash typica...


President Tung-Yi talks about Winbond

Winbond is a leading specialty memory solution provider with a wide rage of product portfolio. Owned technology and innovation are our assets for our industry and our customers. Winbond we are high qu...


New Memory and Security Technologies for Designers of IoT Devices

Internet of Things (IoT) edge nodes are battery-powered, often portable, and are connected to an internet gateway or access point wirelessly. This means that the most important constraints on new I...


Winbond TrustMe Secure Flash - A Robust and Certifiable Secure Storage Solution

Winbond has introduced the TrustMe secure flash products to address the challenge of combining security with advanced process nodes and remove the barriers for adding secure non-volatile storage to pr...


Ultra-Low-Power DRAM: A “Green” Memory in IoT Devices

Winbond is offering a new way to extend the power savings available from Partial Array Self-Refresh (PASR), which was already specified in the JEDEC standard by implementing a new Deep Self-Refresh (D...


Polytronics Thermal Conductive Board (TCB) at Electronica 2018

This video introduce the basic product structure, advantage, and application of Polytronics thermal conductive board (TCB). Polytronics exhibit wide range of circuit protection products and thermal ma...


Arrow and Analog Devices strategic partnership and collaborative approach to provide solutions for our customers.

Mike Britchfield (VP for EMEA Sales) talks about why Analog Devices have a collaborative approach with Arrow Arrow’s design resources are key, from regional FAEs in the field to online des...


WE MAKE IT YOURS! Garz & Fricke to present the latest HMIs and SBCs at Electronica 2018

Sascha Ulrich, Head of Sales at Garz & Fricke, gives you a quick overview about the latest SBC, HMI and Panel-PC Highlights at electronica 2018. Learn more about the SANTOKA 15.6 Outdoor HMI, the ...


Macronix Innovations at electronica 2018

Macronix exhibited at electronica 2018 to showcase its latest innovations: 3D NAND, ArmorFlash secure memory, Ultra Low Vcc memory, and the NVM solutions with supreme quality mainly focusing on Automo...


ams CEO talks about their sensor solutions that define the mega trends of the future

In this video Alexander Everke, ams’ CEO, talks to Alix Paultre of EETimes about their optical, imaging and audio sensor solutions in fast-growing markets – from smartphones, mobile device...


Intel accelerated IoT Solutions by Arrow

Arrow is showing Intel’s Market Ready Solutions in a Retailer shop with complete eco environment. From sensors via gateways into the cloud, combined with data analytics, the full range of Intel ...


CSTAR - Manufacturers of cable assembly from Taiwan

CSTAR was founded in 2010 in Taipei, Taiwan. Through years of experience, we are experts in automotive products, LCD displays, LCD TVs, POS, computers, projectors, laptops, digital cameras, medical ca...


NXP Announces LPC5500 MCU Series

Check this video to discover the new NXP microcontroller LPC5500, the target application and focus area. Links to more information: LPC5500 Series: World’s First Arm® Cortex® -M...


Molex Meets Solutions at Electronica

These are exciting times in the electronics world as Molex migrates from a pure connectors company to an innovate solutions provider. Solutions often start at the component level, such as the connecto...


Alix Paultre investigates Bulgin's new optical fiber rugged connector range at Electronica 2018

Alix Paultre interviews Bulgin's Engineering Team Leader Christian Taylor to find out more about the company's new range of optical fiber connectors for harsh environments. As the smallest rug...


Cypress MCU and Connectivity are the best choice for real-world IoT solutions.

Cypress’ VP of Applications, Alan Hawse, explains why people should use Cypress for their IoT connectivity and MCU needs. Cypress wireless connectivity and MCU solutions work robustly and sea...


Chant Sincere unveils their latest High Speed/High Frequency connection solutions at Electronica 2018

Chant Sincere has been creating various of product families to provide comprehensive connection solutions to customers. USB Series Fakra Series QSFP Series Metric Connector Series Fibro ...


Addressing the energy challenge of IoT to unleash billions of devices

ON Semiconductor introduces various IoT use cases targeted towards smart homes/buildings, smart cities, industrial automation and medical applications on node-to-cloud platforms featuring ultra-low po...


ITECH, world leading manufacturer of power test instruments, shinned on electronica 2018

ITECH, as the leading power electronic instruments manufacturer, attended this show and brought abundant test solutions, such as automotive electronics, battery test, solar array simulator, and electr...


ITECH new series give users a fantastic user experience

ITECH latest series products have a first look at the electronics 2018, such as IT6000B regenerative power system, IT6000C bi-directional programmable DC power supply, IT6000D high power programmable ...


SOTB™ Process Technology - Energy Harvesting in Embedded Systems is Now a Reality

Exclusive SOTB technology from Renesas breaks the previous trade-off between achieving either low active current or low standby current consumption – previously you could only choose one. With S...


Power Integrations unveils their new motor control solution

In this video friend of the show Andy Smith of Power Integrations talks to Alix Paultre from Aspencore Media about their new BridgeSwitch ICs, which feature high- and low-side advanced FREDFETs (Fast ...


Panasonic talks about their automotive technology demonstrator

In this video Marco from Panasonic walks Alix Paultre of Aspencore Media through their automotive technology demonstrator at electronica 2018. The demonstrator highlights various vehicle subsystems an...