Ever since software has gained a predominant role in our lives, new revenue streams have been created; at the same time, all countries have been affected by commercial losses due to product, know-how, or data piracy, eroding large chunks of their GDP. In the era of connected devices, as the value in the supply chain is being transferred from hardware to software, the number of counterfeiting, tampering, and espionage incidents is on the rise. Software protection is, therefore, becoming the vital backbone of any mature cybersecurity strategy.
Protecting IP in the IoT with Trusted Computing
By combining endpoint security with skillfully designed licensing models that mirror the success of app stores, software-powered businesses can meet customers’ demands in a granular way and in turn expand their reach globally. In the new economy led by Industrie 4.0, the secure upgradability and updatability of system features and functionalities open the doors for a shorter time to market, adaptive process optimization, and global competitiveness.
How to then protect an application against reverse engineering and counterfeiting, and how to enable new business models with license and entitlement management?
Together with Infineon Technologies, Wibu-Systems has created a two-step process that relies entirely on CodeMeter, the all-in-one technology from Wibu-Systems for the protection of IP and production data designed for intelligent device manufacturers. CodeMeter encrypts software, firmware, and data and creates secure licenses. Hardware secure elements (like industry-grade dongles, memory cards, ASICs, or Trusted Platform Modules) in the target system offer a secure repository where cryptographic keys can be safely stored. All hardware secure elements produced by Wibu-Systems embed a smart card chip from Infineon. The wide range of temperature, humidity, and vibration these security microcontrollers can withstand makes them ideal for ruggedized industrial environments. Their Common Criteria EAL5+ certification provides an additional element of trust for highly sensitive projects.
The protected license associated with individual functions of the software is bound to an OPTIGATM TPM from Infineon. The software would then run only on the IoT device, computer, mobile device, embedded system, or PLC that has been enabled, and provide the functionalities associated with the license, safe from any sort of hacking. The license lifecycle management can also be seamlessly integrated into back-office processes, e.g. ERP, CRM, or e-commerce platforms, to further enhance the monetization process and significantly reduce the bottom line costs related to logistics and service aspects.
The loss of IP can cost companies millions or even jeopardize their actual presence in the market. Hardware secure elements are the vital backbone of cybersecurity. They include dongles, memory cards, ASICs, and TPMs. As part of a cybersecurity initiative of TCG, Infineon and Wibu-Systems are outlining a complete IP protection and licensing process for a thriving business in the IoT age.