Security Hardware Differentiated Through Licensed Software: a High-Tech Manufacturer’s Case Study

Security Hardware Differentiated
Through Licensed Software

High-Tech Manufacturer’s Case Study

Agenda

• CPU Tech Market
• Company Overview
• Product Overview
• Customer Development Cycle
• Flexera Software Licensing to Support Development

Electronics Component Markets
• Semiconductor Markets in 2011, Gartner:
–Overall estimate about $320 Billion
–Processor-based chips: $144 Billion
–Military/Industrial Market, System-on-Chip, 32-bit+: $500
Million, 20% CAGR

• Of the entire semi-conductor market:
“System-on-Chip Products Will Drive Growth”

Numerous Recent Security Threats

Pendulum Swings in Defense Electronics over
Time
Commercial
Military Driven
Proliferation of
Aviation and Auto
Markets Proliferate
IP Protection Market
Performance Concerns
Standards (Anti-Tamper
Dual Use Required)
Components
Custom Proliferate Commercial
Components Full MIL-STD Cryptography
Requirements Proliferates
‘Perry Memo’
COTS and
Open Source Trust
Rise in Intelligence
Concerns
And Cryptography
Defense Open (US Sources
Sources and Required) Defense
Architectures Funding
War-Time Priorities
Mobilization Availability
Concerns
(US Sources
Required)
No Distinct
Military Market

Tech Boom Marginalizes
Military Requirements Commercial Driven
Market

What We Do: Develop Secure and Compatible
Technology
Understanding
how to build
secure systems
CPU Tech’s Proven Approach

CPU Tech
Founded 1989

Understanding
how to design
secure systems
and eliminate
Understanding System vulnerabilities
Vulnerabilities

1980 1985 1990 1995 2000 2005 2010

Who We Are: Products and Services Clients and Partners

• Founded in 1989 with a vision of making compatible System-on-a-
Chip (SoC) technology economically practical

• CPU Tech produces the Acalis® family of
Secure Processors that protect software and
systems from reverse engineering

• CPU Tech offers secure processing implementation services to
assist customers in achieving security goals and certifications

• Veteran Owned, Small Business, Headquartered in Pleasanton, CA
– Rep Firms across America

Acalis® CPU872 Secure Processor
• Multi-Core Device with Integrated
Security Processor & Offload
Engines
• IBM Trusted Foundry
• Extensive, Multi-Layered Security to
Protect Against Reverse Engineering
• Two Complete PowerPC® Nodes
• Scalable without Additional Devices
• Power Efficient Processing

Acalis® Development Environment

H Acalis® CPU872 H Acalis® EB872
Secure Processor Evaluation
Board

S Security Processor API T Acalis®
Software
Development Kit

T Acalis
S Embedded RTOS/OS SentryTM H Hardware: Devices & Boards

S Software: Embedded User Software

T Development Tools: Software Developer & Security Engineer Tools

Acalis Sentry™ Advantages

• Graphical User Interface: Offers menu-driven, easy-to-use security
configuration

• Secure Data Transfer: Mocana SSL data security and authentication

• Security Engineer Role: Clearly separates security role from software
developer role

• Access Rules: Provides clear implementation of settings on chip firewalls
between processors, IO, and on-chip/off-chip memory

• Trusted Source Environment: Adds hardware trust to your design environment
in critical areas of encryption key and boot code management

How Acalis Sentry™ Works
Acalis® Design Environment

Acalis Sentry™ Management Console Acalis® IDE

Network

Sentry Connection –

Security Config
– Sentry Connection

S/W Encryption
Boot Image

AEC+AES
Encrypted
Image

Acalis Sentry™

The Role of a Security Engineer
• Current Role/Responsibilities
Acalis Sentry™ Management Console – Deeply embedded in software design
– Line-by-line verification
– Constant revision of design practices

With Acalis SentryTM Security Server…

• New Role/Responsibilities
– Security separated from software design
– Menu-defined security decisions
– Clearly defined constraints for software
designers
– Simplifies „what-if‟ scenarios when changing
security requirements

Defense Acquisition Process
Programs have extensive Government reviews and milestones

Phases of Defense Customer Development

Design
System
Requirements System Design and Integration Manufacturing/Support
Test
Prototype

• This Life-Cycle can be 5-10 Years for Defense Programs
• The Full Function of Acalis Sentry not Required in All Phases
• There are sometimes security concerns in design
– Not everyone in integration, test, or manufacturing need to understand sensitive design
details
– Some security settings are „locked down‟ for the remainder of the program
– Some programs „compartmentalized‟, where engineers and users have different accesses

Supply Chain Security

• The fact that „Supply Chain‟ pieces are now global is a concern to some
defense officials
• White House Issued „Comprehensive National Cyber Security Initiative‟
(CNCI) and Declassified in 2010
• Part of the CNCI is Supply Chain Security:
– “Risks stemming from both the domestic and globalized supply chain must be managed in a
strategic and comprehensive way over the entire lifecycle of products, systems and services. “
– CNCI Initiative #11

Acalis Sentry is a customer offering by CPU Tech to help secure the
supply chain in the development process through
role and feature based licensing

Overview of Flexera Software Capabilities
• CPU Tech currently utilizing several Flexera Software products

• For the Acalis Sentry, using:
– FlexNet Embedded
– FlexNet Operations

• This enables us to license several different „subscription
licenses‟ to Acalis Sentry all from the same secure hardware

CPU Tech’s Business Challenges

• Both desktop and embedded software provide different levels of
functionality, operations, and security
• Need to offer feature-based and role-based licensing and
pricing models to our customers
• Need to provide embedded-node-locked and floating licensing
capability
• Need to offer both off-line (for machines operating in a classified
area) and web-based activation options to our customers
• Need to be able to automate the activation process

CPU Tech’s Evaluation Criteria in Selecting
FlexNet Producer Suite
• Appropriate and adequate cryptographic encryption for license
key protection and storage
• Small memory footprint
• Supported our processor architecture
• Supported embedded OS‟s (OS independent, and easy to port)
• Supported programming language
• Performance and reliability
• Easy to manage and track the license entitlement
• License activation automation
• Integration with other management systems, such as
SalesForce
• Total Cost of Ownership

Example Use Case of FlexNet Technology Embedded in
Acalis Sentry
Admin Developer Security
How License
Acalis® EB872
Engineer Works
Evaluation Board
 License Resides
in Bootable
Embedded
Software
 Determines
Accesses and
Privileges Based
Active on Edition
License
 License pre-
installed or
updated by user
Manufacturing
Acalis SentryTM

Future Capabilities Enabled by FlexNet Embedded

Admin Developer Security Engineer
Acalis® EB872
Options:
Evaluation Board
 Off-line activation
locked to device
 Floating license
on a license
server
 Provisioning
server to
Provisioning or automate the
Generated License
license update
 Web-based
license activation
Acalis SentryTM Acalis SentryTM Manufacturing

Role and Mode Rules for Acalis Sentry

Roles Needed in Acalis Sentry: Design Phases for Acalis Sentry:
• Administrator: Sets passwords, • Development: This encompasses all
administrative options, license software development, requires
activities multiple changes and security settings
• Developer: Provides mission • Test/Integration: This phase requires
embedded software, final embedded some controlled code and security
images setting changes
• Security Engineer: Sets security • Manufacturing: This phase requires
settings in secure processor no code changes, but controls sensitive
• Manufacturer: Final distributor of image distribution
encrypted bootable image • Support: This phase typically involves
only documentation, audit, reports

Matching Roles/Modes to Customer Design Model

Design
System
Requirements System Design and Integration Manufacturing/Support
Test
Prototype

Full Sentry
Assembly Creation
Results in
Manufacturing
Four
Static
‘Subscription Assembly
Licenses’ Full Sentry Creation Manufacturing Static
• Admin, Developer, • Admin, Developer, • Admin, • Admin, Security
Security Engineer, Security Engineer Manufacturing Engineer
Manufacturing
• New images result • Unchanging • Security audit only –
• Full spectrum of
from debug image(s) being keeps production
design space changes installed floor intact, no other
needed functions

Matrix of Features to Subscription Licenses
Assembly
FeaturesSubscriptions Full Manufacturing Static
Creation
Product Activation √ √ √ √
Configuration (locking/unlocking,
network) √ √ √ √
Licensing (activation, update) √ √ √ √
Field Upgrade √ √ √ √
Tamper and Activity Log (storing,
retrieving) √ √ √ √
Device Sanitization √ √ √ √
Access Configuration (user group,
users) √ √ √ √
Security Configuration (firewall, key,
event log) √ √ √ √
Assembly Creation √ √
Assembly Upgrade √ √
Target Activity Log Retrieval √ √ √ √
Manufacturing Process √ √ √

Features, Subscriptions, and Roles – Security Engineer
Assembly
Creation
network)
Licensing (activation, update)

retrieving)
Device Sanitization
users)
event log) √ √ √ √
Target Activity Log Retrieval √ √ √ √

Features, Subscriptions, and Roles – Administrator
Assembly
Creation
network) √ √ √ √
Licensing (activation, update) √ √ √ √
retrieving) √ √ √ √
Device Sanitization √ √ √ √
users) √ √ √ √
event log)
Assembly Creation

Assembly Upgrade

Target Activity Log Retrieval

Manufacturing Process

Features, Subscriptions, and Roles – Developer
Assembly
Creation
Product Activation
network)

Field Upgrade
retrieving)
Device Sanitization
users)
event log)
Target Activity Log Retrieval √ √
Manufacturing Process

Features, Subscriptions, and Roles – Manufacturer
Assembly
Creation
Product Activation
network)

Field Upgrade
retrieving)
Device Sanitization
users)
event log)
Assembly Creation

Assembly Upgrade

Target Activity Log Retrieval √ √

Cost Advantages of Flexera Software Licensing
Model in Sentry
• Reduces Manufacturing Cost (Single Version of Hardware)
• Adds a Valuable Security Layer in User Activation
• Operational Savings in Ease up Upgrade/Downgrade
• Flexibility allows CPU Tech to Tailor Subscription Licenses to
Customer
• Protects CPU Tech and Customer Intellectual Property
• Gets us Faster to Market, as we are only limited by hardware
schedule

Example Cost Model to Customer
Cost model allows customers to customize their licensing
package and increase design security

Design and System
Requirements System Design Integration Manufacturing/Support
Prototype Test

Full Sentry
Assembly Creation
Manufacturing
Example: Static
– Two Yrs Fully Sentry (2 x $A)
– Two Yrs Assembly Creation (2 x $B)
– Three Yrs Manufacturing (3 x $C)
– Five Yrs Static (5 x $D)
Total Cost: $XYZ

Summary
• Flexible Licensing helps customer with life-cycle security
• Allows for cost and revenue model that matches customer
process
• Much of what were security „rules‟ to be enforced through audit
are now enforced by fiat
• Customers can play by our licensing rules within their secure
facilities
• Provides flexibility, cost reduction, and ease of
upgrade/downgrade
• Offers protection for intellectual property and revenue

Security Hardware Differentiated Through Licensed Software: a High-Tech Manufacturer’s Case Study

Recommended

Recommended

More Related Content

Viewers also liked

Viewers also liked (20)

Similar to Security Hardware Differentiated Through Licensed Software: a High-Tech Manufacturer’s Case Study

Similar to Security Hardware Differentiated Through Licensed Software: a High-Tech Manufacturer’s Case Study (20)

More from Flexera

More from Flexera (20)

Recently uploaded

Recently uploaded (20)

Security Hardware Differentiated Through Licensed Software: a High-Tech Manufacturer’s Case Study