What is your first line of defense against cyberattacks? Secure endpoints! Endpoints are everywhere in the IIoT landscape. Without proper security, Industrial Internet of Things (IIoT) systems are not trustworthy, putting organizations, their missions and the greater public at increased risk. The viability of the IIoT depends on proper implementation of security to counter the growing and ever changing threats that are emerging.
Addressing this challenge is critical to the success of the Industrial IoT, Industrie 4.0 and the Industrial Internet revolution. To that end, Industrial Internet Consortium members have developed a common security framework and an approach to assess cybersecurity in Industrial Internet of Things systems: The Industrial Internet Security Framework (IISF).
Watch the webinar: https://youtu.be/t0GC4Fp-NXQ
Overload: Critical Lessons from 15 Years of ICS VulnerabilitiesTripwire
In this presentation, FireEye's Allison Wong discusses the fundamentals of industrial cybersecurity and the evolving threat environment, while offering practical advice to protect industrial control systems, endpoints and networks.
IoT Security: Debunking the "We Aren't THAT Connected" MythSecurity Innovation
In a world where convenience is key, consumers are adopting every new connected device that hits the shelves - and doing so with the assumption that due diligence security has been considered. But recent IoT attacks suggest otherwise.
As organizations migrate from a primarily offline to online business model, they are failing to consider IoT’s unique threats which traditional solutions are unable to secure. As a result, steps must be taken to ensure that the device, connections and infrastructure are hardened, especially software which runs IoT devices and is the source of ~90% of attacks.
This webinar is ideal for risk, technology, and security professionals that want to understand why a hacker would want to attack their “harmless” IoT device and what the stealth risk to their organization and consumers is.
Topics covered include:
- IoT security – why it’s so different….and tough
- The IoT ecosystem and attack surface
- Managing liability - IoT risks to consumers and vendors
- Auditing IoT software development
Isaca atlanta ulf mattsson - do you have a roadmap for eu gdprUlf Mattsson
Do you have a GDPR Roadmap?
- How to measure Cybersecurity Preparedness
- Oversight of Third Parties
- Related International Standards
- Killing Cloud Quickly?
Technology aspects:
- International/EU PII Customer Case Studies
- Available Data Protection Options
- How to Integrate Security into Application Development
- Security Metrics
Overload: Critical Lessons from 15 Years of ICS VulnerabilitiesTripwire
In this presentation, FireEye's Allison Wong discusses the fundamentals of industrial cybersecurity and the evolving threat environment, while offering practical advice to protect industrial control systems, endpoints and networks.
IoT Security: Debunking the "We Aren't THAT Connected" MythSecurity Innovation
In a world where convenience is key, consumers are adopting every new connected device that hits the shelves - and doing so with the assumption that due diligence security has been considered. But recent IoT attacks suggest otherwise.
As organizations migrate from a primarily offline to online business model, they are failing to consider IoT’s unique threats which traditional solutions are unable to secure. As a result, steps must be taken to ensure that the device, connections and infrastructure are hardened, especially software which runs IoT devices and is the source of ~90% of attacks.
This webinar is ideal for risk, technology, and security professionals that want to understand why a hacker would want to attack their “harmless” IoT device and what the stealth risk to their organization and consumers is.
Topics covered include:
- IoT security – why it’s so different….and tough
- The IoT ecosystem and attack surface
- Managing liability - IoT risks to consumers and vendors
- Auditing IoT software development
Isaca atlanta ulf mattsson - do you have a roadmap for eu gdprUlf Mattsson
Do you have a GDPR Roadmap?
- How to measure Cybersecurity Preparedness
- Oversight of Third Parties
- Related International Standards
- Killing Cloud Quickly?
Technology aspects:
- International/EU PII Customer Case Studies
- Available Data Protection Options
- How to Integrate Security into Application Development
- Security Metrics
#OSSPARIS19 : The evolving (IoT) security landscape - Gianluca Varisco, ArduinoParis Open Source Summit
IoT is at the peak of the hype cycle - what they call the 'Peak of Inflated Expectations’. The complexity of the cybersecurity landscape is at an all-time high, with security researchers, vendors and even governments all trying to come to a consensus for making the cyber-world a safer place. In this world of lightning-fast development cycles, it may intuitively feel like security gets left behind. The battle over standards is always a struggle. The unresolved problem of software updates and short vendor support cycle combined with the lack of effort into security makes these devices an easy target. Companies not only need to update their technology stack for the evolving security landscape but also their mindset, processes and culture. This talk will shine a light on some of the challenges that today’s executives face in finding and fixing systemic problems in and outside of security through people, tools and understanding.
The security story behind critical industrial networks odix (ODI LTD)
ICS, Industrial control systems, are required to adopt unique methods when it comes to protect their networks from cyber attacks,
Dr. Oren Eytan, ODI CEO share his vision, thoughts and experience at the CPX 2019 (Checkpoint experience) conference in Vienna
In a world ever more connected to the internet, Security should be paramount. However, to keep pace with the new trends and technologies, companies and individuals, overlook the importance of security and the risks this poses.
In this presentation we discuss the Internet of Things (IoT) and the concept of Bring Your Own Device (BYOD) and the security challenges and risks they can be to companies, systems, and ultimately to the mainframe.
Andrew Ginter, Waterfall's VP Industrial Security speaks to three networks at the DHS ICSJWG 2019 event in Springfield, MA. Secure sites, however, generally do not use three security standards - two are unavoidable and three is two too many.
odix introduction ransomware prevention in WFH reality 2020odix (ODI LTD)
With a growing number of companies shifting to WFH (work from home) reality, digital channels becomes the major engagement path in certain circumstances such as hurricane, typhoon or global pandemic like the COVID 19.
It's also the time for hackers who find great opportunities to attack companies.
Karen Worstell, CEO at W.Risk Group leading a comprehensive session about WFH security strategies at the Cyberhub virtual summit.
PECB Webinar: ICS Security Management System using ISO 27001 Standard as the ...PECB
The webinar covers:
• Development and implementation of ICS Security Management System
• Using ISO 27001 as the ISMS fundamental platform
• NIST SP 800-82 usage as the audit platform against ICS object
Presenter: Pedro Putu Wirya, an IT and ICS Security Consultant with an extensive experience in ISMS.
Link of the recorded session published on YouTube: https://youtu.be/iuI2QYsUYZQ
IIoT solutions are providing operators with massive volumes of data while making it easier to apply them to improvements in quality and efficiency. However, the cybersecurity risk to IIoT solutions is often overlooked. Many IIoT devices reside on networks that use open connections such as Wi-Fi, cellular, or satellite. Those could inadvertently increase an ICS threat surface.
Participants in this session will learn how to configure new and existing IIoT devices in a manner that will continue providing the value of the IIoT solution while reducing the exposure to cyberattacks. Guidelines will also be provided in cases of IIoT devices, which do provide inherent security configuration options.
Augmentation of a SCADA based firewall against foreign hacking devices IJECEIAES
An Industrial firewall is a system used to supervise and regulate traffic to and from a network for the purpose of securing appliances on a network. It analyzes the data passing through it to an already defined surveillance criteria or protocols, discarding data that does not meet the protocol’s requirements. In effect, it is a filter preventing undesirable network traffic and selectively limiting the type of transmission that occurs between a secured transmission line. In this research paper a SCADA based Firewall is implemented for protection of the data transmission to a PLC, against external hacking devices. This firewall is virtually exposed to several external hackers and the degree of vulnerability is carefully studied, in order to develop an ideal Firewall.
Innovative software solutions for industry 4.0 (English+Mandarin)Ishay Tentser
Covering different topics(software and hardware) of Industry 4.0 including AI, BigData, ML, Blockchain, IoT,5G. Human-machine interaction, cybersecurity.
Marcellus Buchheit (Wibu-Systems) and Terrence Barr (Electric Imp) talk about how to secure IIoT endpoints, why they are so vital to secure, and how the Industrial Internet Security Framework (IISF) can help. This talk was given during a webinar as part of the #IICSeries, a continuous series of webinars on the industrial internet hosted by the Industrial Internet Consortium.
Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...team-WIBU
An attack to an Industrial Internet of Things (IIoT) system typically starts with an attack on one or more endpoints.
As defined by the Industrial Internet Consortium (IIC), an endpoint is a component that has an interface for network communication and it can be of various types, including a device endpoint or an endpoint that provides cloud connectivity.
Endpoints are the only place in an IIoT system where execution code is stored, started and updated and data is stored, modified or applied. In many cases, an attacker will, therefore, try to access the execution code and attack the weakest point in the devices’ security implementation, then modify or replace the execution code with malicious intent.
The IIC has recently presented an endpoint protection/security model and policy in its Industry Internet Security Framework (IISF) document. The technical report is an in-depth cross-industry-focused security framework reflecting thousands of hours of knowledge and experiences from security experts, collected, researched and evaluated for the benefit of all IIoT system deployments.
#OSSPARIS19 : The evolving (IoT) security landscape - Gianluca Varisco, ArduinoParis Open Source Summit
IoT is at the peak of the hype cycle - what they call the 'Peak of Inflated Expectations’. The complexity of the cybersecurity landscape is at an all-time high, with security researchers, vendors and even governments all trying to come to a consensus for making the cyber-world a safer place. In this world of lightning-fast development cycles, it may intuitively feel like security gets left behind. The battle over standards is always a struggle. The unresolved problem of software updates and short vendor support cycle combined with the lack of effort into security makes these devices an easy target. Companies not only need to update their technology stack for the evolving security landscape but also their mindset, processes and culture. This talk will shine a light on some of the challenges that today’s executives face in finding and fixing systemic problems in and outside of security through people, tools and understanding.
The security story behind critical industrial networks odix (ODI LTD)
ICS, Industrial control systems, are required to adopt unique methods when it comes to protect their networks from cyber attacks,
Dr. Oren Eytan, ODI CEO share his vision, thoughts and experience at the CPX 2019 (Checkpoint experience) conference in Vienna
In a world ever more connected to the internet, Security should be paramount. However, to keep pace with the new trends and technologies, companies and individuals, overlook the importance of security and the risks this poses.
In this presentation we discuss the Internet of Things (IoT) and the concept of Bring Your Own Device (BYOD) and the security challenges and risks they can be to companies, systems, and ultimately to the mainframe.
Andrew Ginter, Waterfall's VP Industrial Security speaks to three networks at the DHS ICSJWG 2019 event in Springfield, MA. Secure sites, however, generally do not use three security standards - two are unavoidable and three is two too many.
odix introduction ransomware prevention in WFH reality 2020odix (ODI LTD)
With a growing number of companies shifting to WFH (work from home) reality, digital channels becomes the major engagement path in certain circumstances such as hurricane, typhoon or global pandemic like the COVID 19.
It's also the time for hackers who find great opportunities to attack companies.
Karen Worstell, CEO at W.Risk Group leading a comprehensive session about WFH security strategies at the Cyberhub virtual summit.
PECB Webinar: ICS Security Management System using ISO 27001 Standard as the ...PECB
The webinar covers:
• Development and implementation of ICS Security Management System
• Using ISO 27001 as the ISMS fundamental platform
• NIST SP 800-82 usage as the audit platform against ICS object
Presenter: Pedro Putu Wirya, an IT and ICS Security Consultant with an extensive experience in ISMS.
Link of the recorded session published on YouTube: https://youtu.be/iuI2QYsUYZQ
IIoT solutions are providing operators with massive volumes of data while making it easier to apply them to improvements in quality and efficiency. However, the cybersecurity risk to IIoT solutions is often overlooked. Many IIoT devices reside on networks that use open connections such as Wi-Fi, cellular, or satellite. Those could inadvertently increase an ICS threat surface.
Participants in this session will learn how to configure new and existing IIoT devices in a manner that will continue providing the value of the IIoT solution while reducing the exposure to cyberattacks. Guidelines will also be provided in cases of IIoT devices, which do provide inherent security configuration options.
Augmentation of a SCADA based firewall against foreign hacking devices IJECEIAES
An Industrial firewall is a system used to supervise and regulate traffic to and from a network for the purpose of securing appliances on a network. It analyzes the data passing through it to an already defined surveillance criteria or protocols, discarding data that does not meet the protocol’s requirements. In effect, it is a filter preventing undesirable network traffic and selectively limiting the type of transmission that occurs between a secured transmission line. In this research paper a SCADA based Firewall is implemented for protection of the data transmission to a PLC, against external hacking devices. This firewall is virtually exposed to several external hackers and the degree of vulnerability is carefully studied, in order to develop an ideal Firewall.
Innovative software solutions for industry 4.0 (English+Mandarin)Ishay Tentser
Covering different topics(software and hardware) of Industry 4.0 including AI, BigData, ML, Blockchain, IoT,5G. Human-machine interaction, cybersecurity.
Marcellus Buchheit (Wibu-Systems) and Terrence Barr (Electric Imp) talk about how to secure IIoT endpoints, why they are so vital to secure, and how the Industrial Internet Security Framework (IISF) can help. This talk was given during a webinar as part of the #IICSeries, a continuous series of webinars on the industrial internet hosted by the Industrial Internet Consortium.
Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...team-WIBU
An attack to an Industrial Internet of Things (IIoT) system typically starts with an attack on one or more endpoints.
As defined by the Industrial Internet Consortium (IIC), an endpoint is a component that has an interface for network communication and it can be of various types, including a device endpoint or an endpoint that provides cloud connectivity.
Endpoints are the only place in an IIoT system where execution code is stored, started and updated and data is stored, modified or applied. In many cases, an attacker will, therefore, try to access the execution code and attack the weakest point in the devices’ security implementation, then modify or replace the execution code with malicious intent.
The IIC has recently presented an endpoint protection/security model and policy in its Industry Internet Security Framework (IISF) document. The technical report is an in-depth cross-industry-focused security framework reflecting thousands of hours of knowledge and experiences from security experts, collected, researched and evaluated for the benefit of all IIoT system deployments.
As the Internet of Things is deployed across a wide range of industrial, consumer, and business environments, of special interest and concern is the need to implement IoT solutions with careful attention to security. While many of the challenges in IoT security are similar to the challenges of securing information technology (IT) computing environments, there are special considerations due to the scale, operating conditions, system capabilities, and wide range of device types which are used in IoT solutions. Further, these systems, by connecting the electronic and physical worlds, must address both operations technology (OT) security and information technology (IT) security.
In this session we will discuss the existing and emerging capabilities from IBM which we are both building into our IoT platform as well as the solutions built on top of that platform. Security features address the full spectrum of designing, building, deploying, and operating IoT solutions and are being built to enable a risk-based approach to applying these security capabilities. Both well-established and new technologies such as blockchain-based collaboration are part of these security capabilities. We consider device, network, application, and user security, with consideration for confidentiality, integrity, and availability of the systems and information. Considerations for safety and privacy also factor into the capabilities which IBM is building to secure IoT environments.
Technology & Policy Interaction Panel at Inform[ED] IoT SecurityCableLabs
As IoT insecurity creates vulnerabilities, policymakers become concerned about the health of the Internet. How can public policy address these concerns in a smart way, targeting their efforts to improve IoT security without imposing unnecessary costs across the Internet ecosystem or creating unintended effects? What is the role of government versus industry?
Rob Alderfer, Moderator
Vice President Technology Policy, CableLabs
Gerald Faulhaber
Professor Emeritus, Business Economics & Public Policy, Wharton School
Chaz Lever
Lead Reseacher, Georgia Tech
Jason Livingood
Vice President, Technology Policy & Standards, Comcast
[Webinar] Why Security Certification is Crucial for IoT SuccessElectric Imp
[View the Webinar] - https://electrici.mp/2v1fQlI
Electric Imp CEO, Hugo Fiennes, and UL’s Director of Connected Technologies, Rachna Stegall discuss the unique demands of helping to secure the IoT — and why independent certification is even more critical in the fast-evolving world.
Join us to hear Fiennes & Stegall share candid insights into why establishing an IoT Security Benchmark, such as UL 2900-2-2 Cybersecurity Certification, is critical for due diligence of edge to enterprise technologies — and the future of commercial, industrial and consumer IoT overall.
The session with highlight Intel’s vision for IoT Security and the fundamental building blocks and capabilities Intel and the ecosystem are providing to organizations to build security in from design through deployment and maintenance.
The Subversive Six: Hidden Risk Points in ICSTripwire
n the past, Industrial Control Systems (ICS) were separate from other business technologies, operating as on-premise systems. However, as ICS becomes more dependent on IT infrastructures and devices for command and control functions, new unforeseen risks are being discovered.
Industrial cyber security experts from Tripwire, FireEye and Tofino/Belden examine the six key weaknesses attackers use to compromise critical infrastructure and industrial controls operation. You will get real-life threat breakdowns and mitigation options available to proactive security teams.
Key Takeaways:
· Learn how to protect legacy ICS systems not designed with security in mind
· Understand the risks associated with an interconnected OT environment
· Discover available remediation options to your system's vulnerabilities
This presentation discusses about IoT, challenges associated with it, common threats to IoT. It also briefs about how OWASP introduces Vulnerabilities in IoT.
The Industrial Internet is an internet of - things, machines, computers and people, enabling intelligent industrial operations using advanced data analytics for transformational business outcomes.
Industrial domain is expected to be largest consumer of IoT devices and systems in terms of value
BT Cloud Enterprise Service Store - Rob RowlingsonDigital Catapult
Rob Rowlingson, Principal Security Researcher at BT Research and Technology, gave this presentation at the EIT ICT Labs Interactive Cloud Clinic event.
IoT Systems provide powerful, flexible features for IT systems — tracking, monitoring, and other data sharing. Today’s IoT devices utilize microservices and APIs that make them easy to put into production. But securing them isn’t as easy.
This webinar will look at security risks of IoT devices, interfaces, and implementations. We’ll provide practical steps and checklists any DevOps team can use to make their IoT components as secure as possible. We’ll also cover some testing best practices that can be done pre- and post-production to verify security and resilience on an ongoing basis.
Application security meetup k8_s security with zero trust_29072021lior mazor
The "K8S security with Zero Trust" Meetup is about K8s posture Management and runtime protection, ways to secure your software supply chain, Managing Attack Surface reduction, and How to secure K8s with Zero-Trust.
Similar to IIoT Endpoint Security – The Model in Practice (20)
Post Quantum Cryptography – The Impact on Identityteam-WIBU
As PQC continues to be a major topic for many companies and Government Institutions, we take a dive into the topics of quantum computers, post-quantum-cryptography, and the potential relevance for (ID) use cases.
This seminar would like to present the principles of the technology and the latest developments in this field as well some indication as to the relevance, impact, and consequences on (Government) ID projects or use cases. The seminar may also look towards the relationship with these projects not only from a hardware standpoint but also from a software algorithmic stance as we migrate from current used crypto systems to quantum-proof systems.
KEY TAKEAWAYS
What is a Quantum Computer, what is Post Quantum Cryptography and when will we see a quantum computer?
The migration from current crypto systems to quantum proof systems.
How will PQC and QC affect (Government) ID projects and implementations.
What will QC mean for the security proofing of ID and Information in the future.
TARGET AUDIENCE
Interested parties in the field of Identity and Security.
Government bodies looking to the future for ID document management systems
Enterprises looking to understand the potential impact of QC upon their business and industries.
PRESENTATION: Cryptoagility and Quantum Resistance: Easier Said Than Done.
Ever since the publication of Shor’s quantum algorithm for the factorization of large numbers, it has been known that quantum computers could at some point pose a threat to our communication and data security. Today we have cloud access to small, functioning quantum computers. The answer to this threat is quantum-resistant cryptography: cryptographic methods for classical computers that are robust against attacks by quantum computers.
The standardization of such methods is currently ongoing. However, these methods are based on mathematical problems, that are much younger than the factorization problem already investigated by Euclid. On the other hand, currently used cryptographic methods such as RSA or ECDSA are broken as soon as a sufficiently large quantum computer exists. Cryptoagility is therefore recommended, software should be built or modified in such a way that cryptographic algorithms are easily substitutable. But how great is the danger posed by quantum computers? To what extent is cryptography affected, and when do we need to take action? Is cryptoagility really so easy to implement in practice or is this perhaps much easier said than done?
Unlocking the Future: Empowering Industrial Securityteam-WIBU
In today's fast-paced digital era, where industries globally are evolving through rapid digital transformation and digital assets form the core of industrial innovation, ensuring software integrity, safeguarding intellectual property, and enabling software monetization through sophisticated and adaptable software license management systems are of utmost importance.
In the realm of IoT devices and PLCs (Programmable Logic Controllers), memory cards frequently serve as an essential component of the infrastructure. Recognizing this, we've chosen to expand upon this foundation by enhancing an already crucial element in practical scenarios with additional functionalities. This strategic extension aims to not only fulfill a fundamental requirement but also to elevate the utility and performance of these devices by integrating advanced features into the existing framework.
Join us for a webinar that showcases the groundbreaking collaboration between Swissbit and Wibu-Systems, introducing CmReady – a revolutionary solution at the nexus of state-of-the-art technologies designed to meet these critical needs.
What is CmReady?
CmReady revolutionizes software protection and licensing by enabling the binding of a CmActLicense – a software license container – to a certified CmReady memory device in the form factor of an SD or microSD card, rather than tethering it exclusively to the target device running the protected software. This innovative approach grants unparalleled mobility to CmActLicenses, equating their portability with that of traditional dongles, yet with the added convenience and flexibility of removable memory devices.
Why CmReady?
Industrial memory cards, integral to manufacturers for specific project needs, already populate the field in diverse capacities and features. Recognizing the necessity to enhance these deployed units for increased sustainability, CmReady emerges as a groundbreaking solution. It not only upgrades existing memory cards with new functionalities but also transforms them into secure anchors for IP protection and software licensing. This innovative approach ensures that existing infrastructure can adapt to evolving security demands without the need for complete replacement, representing a leap forward in sustainable technological advancement.
All the Benefits of CmReady in a Nutshell
With CmReady, industrial customers gain access to a plethora of benefits:
Portable licenses bound to CmReady memory cards
Effortless activation and renewal processes
Seamless compatibility with CodeMeter Runtime starting from release 8.00 and CodeMeter Embedded starting from release 3.00
Plug and Play functionality, eliminating implementation hassle
Enhanced data protection and integrity features, safeguarding against piracy and unauthorized access
The Power of Partnership: Enabling Success Togetherteam-WIBU
A common piece of wisdom highlights the value of collaboration over solitary efforts. Working together, partners can pool their resources and expertise, achieving greater results than either could alone. This is particularly true when partners possess deep industry knowledge or local insights, like language and customs.
Another key insight is the benefit of enabling partners to operate independently. This approach can lessen your workload, accelerate the delivery of solutions, and enhance partner satisfaction by granting them more control and autonomy.
To achieve this, providing partners with the tools and knowledge for self-sufficiency is essential. While setting up processes with a partner may initially require more effort than handling tasks yourself, this investment in empowerment is sustainable and ultimately more rewarding.
These principles are universally relevant, particularly in the realm of software sales. CodeMeter License Portal is designed to facilitate this process with your partners. It can be tailored to fit various use cases and integrate with your existing processes, such as those in your ERP system, ensuring a customized and effective partnership.
Unleash the Power of CodeMeter - CodeMeter Basicsteam-WIBU
Over the history of Wibu-Systems, there have been certain recurring reasons that have brought customers to select the CodeMeter protection and licensing solution: usually, these are hacking of software, revenues lost, the long-term limitations of a homegrown solution, the wish to supply multiple licensing models, or the plan to integrate licensing into an existing back-office system. However, once primary licensing needs are met, there is still a number of features that remains underutilized or not explored at all, just as is the case with smart phones or basic office applications.
Whatever features you rely upon most with CodeMeter today, it can make sense for you to get acquainted with the complete set of options at your disposal, optimize your processes even further, and make full use of the investment you have made. Additionally, the new generation of CodeMeter offers some special features that we are first to introduce to the worldwide market.
This webinar is a great opportunity for our current CodeMeter customers as well as those who are early in their journey towards automated license lifecycle management; both can get a complete overview of the special features of our technology and the best practices we strongly encourage. And, all should be aware that several features of CodeMeter are supplied with free lifetime maintenance included.
Discover the product highlights and the latest innovations that come with the latest version of CodeMeter.
Keine Zeit für Leerlauf – Lizenzverfügbarkeit für Geschäftskontinuitätteam-WIBU
Für Softwarehersteller oder Hersteller von intelligenten Systemen ist Lizenzierung ein wichtiger Bestandteil der Monetarisierungsstrategie von Software und Geräten. Nur mit Hilfe einer Lizenzierungslösung wie CodeMeter ist es möglich, das wertvolle geistige Eigentum zu schützen und gleichzeitig Raubkopien zu vermeiden, und dadurch ein Maximum an Lizenzen an die Kunden zu verkaufen. Auf der anderen Seite ist für die Anwender aber auch wichtig, dass die erworbenen Lizenzen kontinuierlich zur Verfügung stehen. Einen Produktionsausfall aufgrund nicht vorhandener Lizenzen gilt es unter allen Umständen zu vermeiden. Das gilt nicht nur für automatisierte Fertigungslinien beispielsweise in der Automobilindustrie, sondern auch bei Anwendungen innerhalb kritischer Infrastrukturen oder für Unternehmen, die global tätig sind und regional auftretende Ausfälle vermeiden müssen, aber auch keine Zeitfenster mehr für Wartungsarbeiten haben.
Die kontinuierliche Bereitstellung von Lizenzen ist bei Ausfällen von Teilsystemen ein wichtiger Aspekt für bestimmte Kunden und Branchen. Dies wird über eine ausfallsichere, hochverfügbare Lizenzierungsumgebung CodeMeter TMR-Server realisiert. TMR steht dabei für „Triple Mode Redundancy“ und kombiniert ein Konzept ausfallsicherer Lizenzverfügbarkeit (2-aus-3) mit bewährter Rechenzentrumstechnologie. Ein Cluster aus fünf Servern, davon zwei Load-Balancer und drei Lizenzserver, agiert dabei als ein Verbund-System. Solange zwei der drei Lizenzserver sowie ein Load-Balancer verfügbar sind, bleibt die gesamte Lizenzierungsumgebung betriebsbereit und garantiert damit eine Hochverfügbarkeit der Lizenzen für die Anwender.
Das Webinar gibt einen Einblick in den grundlegenden Aufbau und die Funktionsweise des CodeMeter TMR-Servers.
No Time to Idle – License availability for business continuityteam-WIBU
For software developers and the makers of smart systems, licensing is a key element in their software’s or hardware’s monetization strategies. Licensing solutions like CodeMeter empower them to protect their invaluable intellectual property, prevent product piracy, and sell as many licenses as possible. At the same time, their customers want to know that the licenses will actually be available whenever they need them: Losing valuable working hours or having your machines running idle because of a missing license would be the worst-case scenario. This goes for modern, automated production lines as are common in the automotive industry and elsewhere, but it can be even more relevant for applications running critical infrastructures or for global enterprises that cannot afford to waste their limited maintenance opportunities or even shift operations from continent to continent simply because one regional license is missing.
No Time to Idle: Making sure that licenses are reliably available to avoid systems or parts of systems falling idle might not be a matter for a 00 agent of His Majesty’s Secret Service, but it can be a matter of commercial life and death for many companies or sectors of industry. This is where CodeMeter’s Triple Mode Redundancy comes in: A high-availability licensing environment that uses a concept of two-out-of-three fail-proof TMR servers and robust data center technology. A cluster of five servers, including two load balancers and three license servers, works together to make sure that the licensing environment keeps doing its job as long as two of the three licensing servers are up and running. This guarantees that licenses are available for their users whenever they need them.
This webinar offers an insight into the design and operation of the CodeMeter TMR server concept.
Cloud-Based Licensing in Offline Scenariosteam-WIBU
Using the cloud for software licenses is all the rage at the moment, especially for enterprise software where admins take over most of the day-to-day management tasks on behalf of the users in their organization. The advantages are obvious: Providers and users can access their license information at any time, and often usage data as well. Licenses can be changed on the fly; they can be created, updated, or revoked as needed. For admins, it becomes easy to actively organize which users can use which licenses on which devices.
Manufacturing facilities on the proverbial shop floor are, however, often not hooked up to the Internet, but instead run offline and fully autonomously. The reasons for this are obvious: Machines will not suddenly come to a standstill should the Internet connection break down. This could lead to massive costs down the line – just imagine a furnace falling cold in a steelworks. At the same time, keeping machines separate from the Internet protects against cyberattacks and sabotage. Attackers cannot tamper with devices they simply cannot reach.
As part of Industry 4.0, more and more manufacturing data is sent over the Internet, e.g., for predictive maintenance. In most cases, the data is captured and passed onto the Internet via dedicated gateways. Still, there is no direct Internet connection on the shop floor for the reasons named above.
What does that mean for licensing? A lot, for architectural purposes. The servers needed to create and manage licenses are usually on the Internet. The users, like the operators of manufacturing lines, need to activate the licenses directly on the computers and devices on the shop floor. As with the data collected for Industry 4.0 purposes, this works without a direct Internet connection. All that is needed is an intermediate medium, which can be a regular PC, to move the license from the online to the offline world. If need be, this can happen completely offline by physically sharing data.
In this webinar, we will follow the process of activating licenses with an offline device and CodeMeter License Central in detail. Which data is needed at what point? How can that data be shared? Which steps are optional and can be skipped for the offline process? And how does CodeMeter License Central make all of this simpler?
Optimizing Cloud Licensing: Strategies and Best Practicesteam-WIBU
In principle, there are two different approaches to cloud licensing: On the one hand, licenses can be created, managed, and updated via the cloud. However, the licenses are actually located on the local device and can be used offline, at least for a certain period of time. On the other hand, the licenses can be used directly in the cloud. This case requires a permanent online connection to the server in the cloud. Especially if the number of licenses used simultaneously needs to be counted reliably, such a connection to the license server is inherent. In the webinar, we will look at best practice tips for this "license server" use case.
For "always-on" licenses, CmCloudContainer is the best solution from the CodeMeter product family. The license server is operated by Wibu-Systems for you in the cloud. You create a CmCloudContainer, transfer the licenses in advance into this CmCloudContainer, and send your customer the access data (credential file). When creating the CmCloudContainer, you can choose between a Personal Container and an Enterprise Container.
The Personal Container is typically used as a container for a user (person). They can have the container active on up to three workstations. Through the License Quantity, you define on how many workstations the user can use your software simultaneously. Three active workstations do not automatically mean three licenses for simultaneous use; by default, a match of one license on one workstation is set.
The Enterprise Container is used when multiple users share a license, almost like a license pool. From an installation point of view, there is the possibility to set up a local proxy CodeMeter license server. All users access this server and do not need direct access to the cloud. This case is mainly used when devices on the shop floor are indirectly connected to the cloud via edge devices.
Alternatively, all users or devices consuming licenses can communicate directly with the CodeMeter Server in the cloud. Mixed forms of direct and indirect access through several local license servers are also possible. The exciting question here is how to disavow a device or user from the list of units of people that were initially granted access rights.
Here is where CodeMeter License Portal comes in handy and provide a turnkey solution. You and your customers create groups and users. Each user can access two CmCloudContainers, their own Personal CmCloudContainer, and the Enterprise CmCloudContainer of the group to which they belong. Depending on the use case, you can either leave the choice to your user or make it transparently in the background for them.
“A fistful of licenses” is no problem: You simply create them manually with CodeMeter License Editor or the command line tool CmBoxPgm. But “for a few licenses more”, you should think about automating the license creation, distribution, and management process. Enter CodeMeter License Central! As in Ennio Morricone’s famous western, where the Man with no Name and Colonel Mortimer team up to beat the bad guys, the unique strengths of CodeMeter License Central and ERP systems work best when they work together. They are not opponents, but perfect companions.
Depending on your use case, you need to decide which system should take the lead for licensing: the ERP system or CodeMeter License Central? You can also mix and match them both in a hybrid setup if you need to account for different workflows. One typical use case would be a combination of subscription licenses sold either directly by you or distributed via a reseller. In this situation, your resellers could create their licenses via a portal with CodeMeter License Central, and the ERP system is notified each month about the number of active licenses for an aggregated bill for the reseller. You could even sell more subscriptions directly by moving them from the ERP system to CodeMeter License Central. Alternatively, you can run reseller licenses first through the ERP system or direct-sale licenses first through CodeMeter License Central.
To make the link between the ERP system and CodeMeter License Central, you have a choice of a simple or a sophisticated SOAP interface, a generic connector with a REST-like API, or some custom layer to slot in between the two sides. When using the generic connector and a custom layer, you can adjust the operating logic to suit your specific needs, letting you respond to any changes in your requirements with little interventions and expansions that do not force you to move everything into the ERP system.
For SAP, you have two turnkey solutions ready and waiting: Our partner Informatics has created a framework for integration in SAP, typically used in the SD (Sales and Distribution) modules. Alternatively, CodeMeter License Central can be contacted directly from SAP’s EMS module.
One important aspect is the backchannel between CodeMeter License Central and the ERP system. When the ERP system is in the lead, the backchannel can feed back information about the current state of licenses, e.g. whether and where they are activated. All of this information can be sent via the notification dispatcher (push) or requested by the ERP system when they are needed (pull). If licenses are created in CodeMeter License Central, the backchannel is still key for the ERP system to bill those licenses, again with push or pull options available.
The Industrial Internet of Things has well and truly arrived, with manufacturers around the world having access to a vast assortment of smart machines with clever app features for tailoring their functionality perfectly to their needs. But where to start? To really kick off the connected, app-driven, and smarter industry of tomorrow, end users need an app marketplace that they trust and know how to use, with apps that they know will work on their equipment, and everything with confidence in legal, commercial, technical and – not least – security terms. The Open Industry 4.0 Alliance, Hilscher, and Wibu-Systems have come together to showcase how this can be done with the OI4 Community App Store, Docker containers for interoperability, and CodeMeter for safe operations and secure intellectual property.
Today, the world of industrial applications is very diverse and forms a complex ecosystem that entails a multitude of technical requirements. Due to the current complexity of the brownfield environment, a broad acceptance of existing applications and their ease of use are bogged down, if not made even impossible.
The overarching goal is to place the user experience first and foremost so that end users can move to the ecosystem of their choosing, without being permanently tied to a particular infrastructure. Wider choice, more flexibility in deployment, and rapid response to changes are the direct results of these greater freedoms.
As we all know, digitization is now in full swing. Triple-digit billions are being invested in this sector, with everyone, regardless of their role in the value chain, expecting increased productivity and shorter delivery and setup times. The end game: improved inventory management, shorter market entry cycles, reduced batch sizes, and sustainability in the form of energy efficiency and optimization of the resources utilized.
The Open Industry 4.0 Alliance (OI4) gathers manufacturers and providers of Industry 4.0 solutions and services worldwide aimed at successfully transitioning customers to the Industrial Internet of Things. The group has developed a joint approach with all its members to reach tangible results on the path towards a complete digitization of the manufacturing industry.
Three main stakeholders come into play:
1. The application providers, who bundle their expertise in professional apps and make them available to a broad market;
2. The store operators, who provide the end users with a large number of applications and map legal, commercial, and technical aspects in their systems;
3. The end users, who don’t want to deal with the complexity of different store systems and expect trustworthy platforms.
Hilscher, a name that has stood for trendsetting automation solutions for over 35 years, and Wibu-Systems, a global leader in software monetization via protection, licensing, and security, are members of OI4 and ready to demonstrate this constructive attitude during this live masterclass.
Protecting and Licensing .NET Applicationsteam-WIBU
.NET has seen a surge in its popularity as a development platform since 2018, powered not least by the multiplatform capabilities introduced with .NET Standard. According to the Tiobe Index, C# currently ranks in fifth spot as a choice for developers in .NET, outranked only by Python, C/C++, and Java. Python is particularly in demand for internal projects or automation use cases, as Java is for servers, and .NET for end user devices. For traditional standalone and client applications, it is safe to say that .NET is a sure second choice alongside C/C++.
Security matters, and it matters especially when applications are run out in the field, on an end user’s device. This is true for the end users themselves, as they don’t want their machines affected by malware or other harmful code, which is usually avoided by solutions like signed code. But it is also true for software developers who want to protect their work from piracy or IP theft. .NET differs from C/C++ in that the source code does not go through a compiler to run as machine code on a specific platform. Instead, it is turned into intermediate code that can still run on multiple platforms. The downside to this is that the intermediate code remains accessible for snooping and tampering by would-be attackers. License checks can be removed or replaced by forged ones, and business secrets contained in the code may simply be stolen.
Our answer: AxProtector .NET from our CodeMeter Protection Suite. AxProtector .NET works perfectly with code signatures, meaning developers do not have to make that decision between security for the end user or protection for their own IP. They can, and should, have both.
AxProtector .NET makes clever use of the easy legibility of the intermediate code: it extracts all the classes and methods contained in a .NET assembly and encrypts them piece by piece. The encrypted code is then placed back instead of the original code.
During runtime, the methods are decrypted on the fly when they are called for. The actual intermediate code remains in the device’s working memory only for a brief moment to run through the Just In Time Compiler (JIT) and create the machine code, and then it is erased from memory. A native C/C++ component, CPSRT, takes over part of the decrypting and runs cyclical security checks in the background. By comparison to a straight-up .NET solution, adding this native component increases the security of the system again. CPSRT is available for most common platforms and processes, including Windows, macOS, Linux, Intel x86 and x86-64 as well as ARM and AARCH64. It does not normally mean any limitation to the application’s ability to run on multiple platforms.
Rolling out or updating licenses should be as simple and straightforward as possible. CodeMeter already comes with lots of workflows for the purpose on its License Portal. Many jobs can be automated through that portal, and the work for the user reduced to a few simple clicks. However, all of this needs a user who would manually start the activation or updating process. For larger organizations that depend on up-to-date transparency about the licenses that are active in the field, the License Portal is also the optimum solution.
But how could you streamline the process on the user’s side even more? This is where a bit of magic comes into play in the form of the Software Activation Wizard.
CodeMeter has many different use cases covered with a choice of source code examples for different developer languages to help you put in place your own Software Activation Wizard to match your processes, workflows, and requirements. All you need is CodeMeter License Central and the right gateways in the cloud.
There are many use cases that could include automatic license updates, such as:
Adding or removing features
Revoking entire licenses
Automatically renewing subscriptions after payment has been received
Updating service technicians’ licenses
Automatically renewing maintenance contracts
Locating or locking lost licenses
An automatic update removes the need for the user to do anything. Nobody has to be reminded to activate an update over the License Portal. Not only is this easier and more comfortable for the user, it also gives you, as the vendor, full control over the process. The Software Activation Wizard can become a perfect fit for your business by being integrated in your software and tailored to your processes and your corporate design.
Automation saves costs, and it gives you a great means to collect data and retrieve it via CodeMeter License Central. One popular option is to register users during license activation, which is particularly appealing when your licenses are sold through diverse channels, but you still want to know who your users are in the wild. This even works with free software: it can be activated and registered in the same manner, with the license created in the background during activation, and you will know who is using your software.
The first step is always the most decisiveteam-WIBU
“You don’t get a second shot at a good first impression.” We have all heard this deceptively simple saying. It applies to your and our relationships with potential new customers, but it also applies to your first impression of working with our software protection and licensing technology CodeMeter. Workflows that used to be state of the art only a few years ago are no longer accepted without question today. Just think of the old habit of distributing trial versions of software on CD-ROMs or DVDs at expos. Nobody does so anymore, because very few people have the necessary drives left on their new computers. As a software developer or vendor, you will recognize many of the challenges we at Wibu-Systems face when it comes to providing test versions of our product to potential clients. That is why we have prepared a webinar to share our ideas and experiences with designing the new evaluation process with you. In this masterclass, you will discover the workflows we use with our clients, with a look behind the scenes to show you how and why we do it this way. You can do everything we have done in this process yourself with CodeMeter for your own processes.
In the past, Wibu-Systems delivered its test versions through the mail, i.e. a physical SDK toolkit including two dongles and a DVD. The disadvantage is obvious: Potential clients had to wait for the package to arrive before they could test our technology, and they had to have a DVD drive to use the included disc. In short: We needed a new approach. Our goal was to enable our clients’ testing team to start their tests immediately, while keeping the cryptographic keys needed for the process as secure as they were on the hardware-based CmDongle.
The combination of CmCloudContainers and CmDongles means that all possible requirements are covered. The cryptographic keys are always kept safe; users with online access can start to test the software immediately, and users forced to go the offline route can still carry their licenses and keys around on the CmDongle. Should the situation change later on, everything can be switched around as needed.
The CodeMeter Developer Portal is modelled on the CodeMeter License Portal. If you want, you can copy our choice of offering a combination of dongles for offline scenarios and cloud containers for a faster response. You can also get access to the CodeMeter Evaluation Portal, a trial version of the License Portal that lets you review the processes from your specific vantage point and see in action how you would produce trial versions of your software or even enable your sales partners and resellers to do so.
Protection and monetization of 3D printed objects in the spare parts business...team-WIBU
Bus operators depend on their vehicles, and any spare parts they need have to be available as quickly as possible. Up to now, this meant massive local stocks or complex on-demand logistics, but now digitalization is hailing in a new age. The owners and operators of Mercedes Benz and Setra busses can now produce the parts themselves with 3D printing. All they need for these mini-factories are a certified 3D printer and the licenses for the parts they want to print. Wibu-Systems’ CodeMeter provides the technological basis for a secure digital process chain with full control over how many parts can be and are printed on the ground.
Additive manufacturing was long considered a technology for nerds or select specialists. There were too many technical challenges still to be overcome, and the cost of 3D printed parts was far too high compared to conventional manufacturing. But times have changed, and many of these problems have been solved. New service concepts are being introduced and are already creating new global, digital markets. Our webinar introduces the solution thought up by Daimler Buses in partnership with the 3D printer specialists Farsoon Technology and the CodeMeter security technology of Wibu-Systems. The system solves two essential problems: The protection of the digital object data and the monetization of the entire process with a reliable license management system.
The challenge is to be able to produce parts wherever and whenever they are needed. This promises a new field for service providers to get active in, offering 3D printing services for their clients. However, when the parts are processed and printed by a third party, there need to be systems in place to protect the intellectual property involved and to make the entire value chain correctly traceable and, crucially, billable. This is where Daimler Buses has found a solution with the potential to revolutionize the current conventional parts business. The system creates exciting new prospects for the service business and for the availability of spare parts, both economically and ecologically speaking.
Many parts and components are now available in digital format on the OMNIplus 3D printing license shop. Bus operators and service partners around the world can purchase these and produce them at their leisure and at the point of need. The parts are provided as encrypted downloads. As in any online store, the buyer adds the right items to their cart. At the checkout, the buyer then receives a preprinting license to prepare the print job with the Buildstar® software made by Farsoon Technologies and the actual printing license for the right number of parts. The licenses can then be used with the Makestar® software on Farsoon-certified 3D printers. Both protected and unprotected parts can be combined in one job to reduce the printing costs. Order processing is handled by the combination of CodeMeter License Central and the SAP system already in place at Daimler Buses.
Authenticate and authorize your IIoTdevicesteam-WIBU
“Who’s who” is an important question, not just for the publishers of biographical encyclopedias. Identities and reliable ways to identify people, devices, and real or virtual objects have become more important than ever before as much of our lives, including the industrial world, has gone digital. The new opportunities coming from this also contain new challenges: From biometric passports making travel safer and more secure to eID technologies facilitating virtual transactions and digital certificates establishing themselves as the technology of choice to authenticate devices and actors in the industrial IoT, the tech world is exploring how identity can be represented both online and offline.
Digital certificates are a great tool to uniquely identify people or devices with the tried-and-tested reliability and security of a pair of cryptographic keys acting as the currency of trust: One key is public and confirmed by a neutral authority, the Certificate Authority, to belong to the person, device, or digital object, and the other is private and secure. With a certificate signed with that private key and the private key stored safely away from prying eyes, there should be no way to tamper with or steal the identity it confirms.
CodeMeter Certificate Vault is our answer: The keys are kept safe and the necessary cryptographic operations handled in the smart card chips embedded in our secure hardware elements, our CmDongles. But CodeMeter Certificate Vault is more than that: It acts as a PKCS#11-compliant token provider, acts as a go-between when keys need to be accessed, e.g. through the OpenSSL API, it works perfectly in the important M2M communication standard OPC UA, and it simplifies the often laborious process of distributing and managing certificates by bringing the whole comfort and great performance of CodeMeter License Central to the certificate world. Key pairs are created, bound to their intended container, and packaged in a secure file that can simply be shipped over to their destination. With CodeMeter’s award-winning encryption, the entire process is safe from theft and tampering. In his talk, Guenther Fischer will look at three use cases that show the power of CodeMeter Certificate Vault in action.
How and Why to Create and Sell Consumption-Based Licensesteam-WIBU
"Pricing policy is an executive matter" – this should underline how important it is who defines prices and how they are defined. If the price is too steep, you scare off potential customers and lose revenue. If the price is too low, you may win more customers, but the revenue will plateau at some point, because the increased numbers will not make up for the financial shortfall. Low prices naturally affect profits, and sometimes dramatically so.
For software developers, retail prices are directly related to different licensing options. The most common choices are still the traditional "One-off purchases" or "One-off purchases with maintenance contracts". But there are more and more software vendors offering more modern models like subscriptions or consumption-based licenses.
This webinar will cover both the commercial and the technical sides of these licensing models, specifically consumption-based models. For pricing decisions, two factors matter most: "What does it cost me to produce the software?" and "What is the software worth to our customers?". In many cases in the market, the second question ought to take precedence both when calculating prices and when trying to sell the actual software: "This printer can print 1000 pages" might be a great statement for gadget lovers. But when trying to sell the printer’s real added value, it should be "This printer is 20% faster and can save you a lot of expensive labor."
Modern licensing models can benefit from using cloud solutions, as the cloud makes it easy to capture and collect usage data immediately and renew subscriptions on the fly. But has the whole world really gone online already? Our experts at Wibu-Systems know: That is not true. In industrial shopfloor scenarios in particular, there is so much legitimate concern about cyberattacks, sabotage, or data theft that many devices are not always available online. Often, outbound connections through dedicated gateways are the limit of what can be accepted. And availability is also another legitimate worry for many users of cloud services. It only takes a misguided shovel, and the fastest fiberoptic interconnection is cut and production comes to a standstill. What good is a 20% faster connection with a network printer, if the printer has been physically cut from the network? All the time and effort saved with modern connectivity is quickly lost again to such incidents.
The technical part of the webinar will cover the concrete ways to implement consumption-based licenses with CodeMeter.
Serving Up Features-on-Demand for Every Appetiteteam-WIBU
Nobody would eat a whole salami from end to end. We might all want to, but we wouldn’t try (or manage). Instead, we proceed slice by slice. This strategy, also called the salami tactic, can be applied to many other walks of life, and software licensing is one of them. Over their evolution, many software products tend to get bigger and bigger as the developers try to fulfil new user expectations or add new technology capabilities. Some call this bloat, but it is actually a reasonable way of responding to a growing user base with a growing set of needs and expectations. However, few users will need all of the features at once. Usually, they only need a few selected features, creating a dilemma for software developers and their clients: Users don’t want to pay for things they never use, but developers don’t want to give their work away for free.
This is where the salami tactic comes back into the picture. Called features-on-demand in the software world, it means that the users are not forced to buy or pay for the entire package (or salami), but only for the features (or slices) they want. Although the term had negative connotations for its originator, Zoltán Pfeiffer, the salami tactic is a great example of a win-win strategy. The seller gets their software to the user at a lower entry price, and the users have the opportunity to spend more for the features they want on top.
Security and Protection for Machine Learning.pptxteam-WIBU
Machine learning. We believe that it has the potential to be a game changer that will transform the course of our future. But what actually is machine learning? The term refers to training an artificial intelligence with typically massive sets of data. The resulting trained model can then predict other data. To illustrate this, we can see how medical data could be processed automatically by an artificial intelligence.
Think of a doctor screening a patient for TBC. The doctor takes a look at the X-ray image to tell whether the patient is infected or not. This needs years of training and lots of experience. A trained AI could do the same job much more efficiently and make the technique available even to general practitioners. Imagine that a maker of TBC screening systems produces a system that read the X-ray scans and make the diagnosis by itself. All it needs is a good set of X-ray images with the right diagnoses attached. The system is trained with these scans to produce a model that can predict the diagnoses for future scans. What is immediately clear is that the data that the machine is being fed with has to be sound: All incorrect or flawed data has to be screened out, and the meaningful data has to be identified and correlated. The model that slowly grows from this process becomes the intellectual property of the manufacturer. And as soon as intellectual property comes into the picture, we get problems: There will be counterfeiters trying to build similar systems by abusing the property of the original maker. There might even be outright saboteurs who want to manipulate what the system can do in practice.
Latest at this point – much sooner, if you ask us – the device maker should start thinking about ways to protect that IP. The IP comes in multiple forms: It is the data used originally to train the model, the training setup itself, and the eventual trained model. It does not matter whether the model in question is a virtual system operating in the cloud or an actual device sitting on a desk in a doctor’s surgery room somewhere. At stake in both cases is a data model that can be accessed via the physical device and that needs to be securely stored in the cloud. And for both threats, CodeMeter has a perfect solution: Encrypting the model to protect it against unauthorized use, copying, or espionage.
Nobody enjoys being bossed around. Nobody enjoys having their every move monitored, especially if the checks and controls make life harder than they should. But if everybody did what they wanted, there would be anarchy. And the same is true for software licensing: Without any protections, your software will eventually fall victim to thieves and pirates. Tough and strict controls can help minimize that risk. Tools like CodeMeter Protection Suite make it easy to encrypt software and bind it irrevocably to a license. But when things go wrong – maybe the computer with the license breaks – it can mean that the user cannot keep working with their software on a new device.
This is where a license portal comes into play as the perfect self-service solution for your clients. You define what your users and distribution partners should be able to do on their own. Our license portal and CodeMeter License Central keep track of all license actions of your users and partners. You can check up on what happened at your leisure and intervene if there is any funny business with anybody.
You can set smart cut-off values to stop people from abusing the freedom you have given them. When one of these points is passed, it would be up to you to allow or disallow any action manually. This is the perfect compromise between the two extremes “Allow everything first and check up on it later” and “Allow nothing and control everything yourself”.
Self-service options for single users include:
- Moving licenses to other devices / dongles / users
- Recovering lost licenses
- Creating and activating emergency licenses
- Creating demo or trial licenses
- Binding cloud licenses to other devices
- Changing the access details for cloud licenses
But license portals are not just there to make life easier for individual users. They include features and functions that are perfect for commercial clients or multi-level distribution models. On top of individual users, you can define hierarchies of different roles for different client or partner levels. For instance, administrators and partners could see all licenses for their part of the tree, while end users can only see the licenses allotted to them or their specific unit.
License portals can also be set up to allow resellers or distribution partners to create their own full-scale licenses at the point of need. As with all of these features, this is an optional setting that you could configure for all partners or only for specific partners of your choosing.
Running code in secure hardware or cloud environmentsteam-WIBU
Software protection has one prime mission: To prevent your software from being run and taken apart by a debugger. Paradoxically, this makes life harder not just for hackers, but also for legitimate developers trying to test their work and remedy any bugs that might be hidden in it. Now, with CodeMoving, you can take the leap into optimal protection: CodeMoving lets you move essential code into a secure CmContainer for execution far away from the prying eyes of would-be hackers. But how can developers test their work under these circumstances? The new generation of AxProtector comes with a simulation mode, built specifically for that purpose.
CodeMeter Protection Suite includes a variety of AxProtector flavors that make protecting applications easy. There are versions of AxProtector for native Windows, macOS, Linux, and Android applications and for applications in Java, .NET, Python, and JavaScript. AxProtector itself is available as a standard version for encrypting either entire applications or individual functions. File encryption, IP Protection mode, and CodeMoving are available as optional resources.
File encryption allows your application to load protected files, such as models used for AI. The IP Protection mode works against reverse engineering without your software needing a CodeMeter license and without CodeMeter being installed on the user’s system. With CodeMoving, you can have sensitive parts of your software executed in the secure confines of a CmContainer. This masterclass will show you how to make the most of CodeMoving, including the ability to test and debug even protected code.
With CodeMoving, you can create as many code fragments as you want for execution in a CmDongle or CmCloudContainer. To move the code, the application is encrypted with AxProtector; all functions to be moved are compiled and encrypted by AxProtector and normally kept in the application like their peers with regular AxProtector protections. While AxProtector decrypts and executes the function in question in the memory of the computer during runtime, CodeMoving first moves it into a CmDongle or CmCloudContainer to be decrypted and executed with the right input parameters. The output parameters are then returned to the application. CodeMoving is more secure than AxProtector used by itself, while regular encryptions with AxProtector offer better performance for the protected code. To find the optimal balance for your application, a combination of CodeMoving and functions encrypted with AxProtector is possible.
First Steps with Globus Compute Multi-User EndpointsGlobus
In this presentation we will share our experiences around getting started with the Globus Compute multi-user endpoint. Working with the Pharmacology group at the University of Auckland, we have previously written an application using Globus Compute that can offload computationally expensive steps in the researcher's workflows, which they wish to manage from their familiar Windows environments, onto the NeSI (New Zealand eScience Infrastructure) cluster. Some of the challenges we have encountered were that each researcher had to set up and manage their own single-user globus compute endpoint and that the workloads had varying resource requirements (CPUs, memory and wall time) between different runs. We hope that the multi-user endpoint will help to address these challenges and share an update on our progress here.
Developing Distributed High-performance Computing Capabilities of an Open Sci...Globus
COVID-19 had an unprecedented impact on scientific collaboration. The pandemic and its broad response from the scientific community has forged new relationships among public health practitioners, mathematical modelers, and scientific computing specialists, while revealing critical gaps in exploiting advanced computing systems to support urgent decision making. Informed by our team’s work in applying high-performance computing in support of public health decision makers during the COVID-19 pandemic, we present how Globus technologies are enabling the development of an open science platform for robust epidemic analysis, with the goal of collaborative, secure, distributed, on-demand, and fast time-to-solution analyses to support public health.
Enterprise Resource Planning System includes various modules that reduce any business's workload. Additionally, it organizes the workflows, which drives towards enhancing productivity. Here are a detailed explanation of the ERP modules. Going through the points will help you understand how the software is changing the work dynamics.
To know more details here: https://blogs.nyggs.com/nyggs/enterprise-resource-planning-erp-system-modules/
May Marketo Masterclass, London MUG May 22 2024.pdfAdele Miller
Can't make Adobe Summit in Vegas? No sweat because the EMEA Marketo Engage Champions are coming to London to share their Summit sessions, insights and more!
This is a MUG with a twist you don't want to miss.
Check out the webinar slides to learn more about how XfilesPro transforms Salesforce document management by leveraging its world-class applications. For more details, please connect with sales@xfilespro.com
If you want to watch the on-demand webinar, please click here: https://www.xfilespro.com/webinars/salesforce-document-management-2-0-smarter-faster-better/
Prosigns: Transforming Business with Tailored Technology SolutionsProsigns
Unlocking Business Potential: Tailored Technology Solutions by Prosigns
Discover how Prosigns, a leading technology solutions provider, partners with businesses to drive innovation and success. Our presentation showcases our comprehensive range of services, including custom software development, web and mobile app development, AI & ML solutions, blockchain integration, DevOps services, and Microsoft Dynamics 365 support.
Custom Software Development: Prosigns specializes in creating bespoke software solutions that cater to your unique business needs. Our team of experts works closely with you to understand your requirements and deliver tailor-made software that enhances efficiency and drives growth.
Web and Mobile App Development: From responsive websites to intuitive mobile applications, Prosigns develops cutting-edge solutions that engage users and deliver seamless experiences across devices.
AI & ML Solutions: Harnessing the power of Artificial Intelligence and Machine Learning, Prosigns provides smart solutions that automate processes, provide valuable insights, and drive informed decision-making.
Blockchain Integration: Prosigns offers comprehensive blockchain solutions, including development, integration, and consulting services, enabling businesses to leverage blockchain technology for enhanced security, transparency, and efficiency.
DevOps Services: Prosigns' DevOps services streamline development and operations processes, ensuring faster and more reliable software delivery through automation and continuous integration.
Microsoft Dynamics 365 Support: Prosigns provides comprehensive support and maintenance services for Microsoft Dynamics 365, ensuring your system is always up-to-date, secure, and running smoothly.
Learn how our collaborative approach and dedication to excellence help businesses achieve their goals and stay ahead in today's digital landscape. From concept to deployment, Prosigns is your trusted partner for transforming ideas into reality and unlocking the full potential of your business.
Join us on a journey of innovation and growth. Let's partner for success with Prosigns.
Globus Compute wth IRI Workflows - GlobusWorld 2024Globus
As part of the DOE Integrated Research Infrastructure (IRI) program, NERSC at Lawrence Berkeley National Lab and ALCF at Argonne National Lab are working closely with General Atomics on accelerating the computing requirements of the DIII-D experiment. As part of the work the team is investigating ways to speedup the time to solution for many different parts of the DIII-D workflow including how they run jobs on HPC systems. One of these routes is looking at Globus Compute as a way to replace the current method for managing tasks and we describe a brief proof of concept showing how Globus Compute could help to schedule jobs and be a tool to connect compute at different facilities.
Providing Globus Services to Users of JASMIN for Environmental Data AnalysisGlobus
JASMIN is the UK’s high-performance data analysis platform for environmental science, operated by STFC on behalf of the UK Natural Environment Research Council (NERC). In addition to its role in hosting the CEDA Archive (NERC’s long-term repository for climate, atmospheric science & Earth observation data in the UK), JASMIN provides a collaborative platform to a community of around 2,000 scientists in the UK and beyond, providing nearly 400 environmental science projects with working space, compute resources and tools to facilitate their work. High-performance data transfer into and out of JASMIN has always been a key feature, with many scientists bringing model outputs from supercomputers elsewhere in the UK, to analyse against observational or other model data in the CEDA Archive. A growing number of JASMIN users are now realising the benefits of using the Globus service to provide reliable and efficient data movement and other tasks in this and other contexts. Further use cases involve long-distance (intercontinental) transfers to and from JASMIN, and collecting results from a mobile atmospheric radar system, pushing data to JASMIN via a lightweight Globus deployment. We provide details of how Globus fits into our current infrastructure, our experience of the recent migration to GCSv5.4, and of our interest in developing use of the wider ecosystem of Globus services for the benefit of our user community.
TROUBLESHOOTING 9 TYPES OF OUTOFMEMORYERRORTier1 app
Even though at surface level ‘java.lang.OutOfMemoryError’ appears as one single error; underlyingly there are 9 types of OutOfMemoryError. Each type of OutOfMemoryError has different causes, diagnosis approaches and solutions. This session equips you with the knowledge, tools, and techniques needed to troubleshoot and conquer OutOfMemoryError in all its forms, ensuring smoother, more efficient Java applications.
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...Juraj Vysvader
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I didn't get rich from it but it did have 63K downloads (powered possible tens of thousands of websites).
Accelerate Enterprise Software Engineering with PlatformlessWSO2
Key takeaways:
Challenges of building platforms and the benefits of platformless.
Key principles of platformless, including API-first, cloud-native middleware, platform engineering, and developer experience.
How Choreo enables the platformless experience.
How key concepts like application architecture, domain-driven design, zero trust, and cell-based architecture are inherently a part of Choreo.
Demo of an end-to-end app built and deployed on Choreo.
Top Features to Include in Your Winzo Clone App for Business Growth (4).pptxrickgrimesss22
Discover the essential features to incorporate in your Winzo clone app to boost business growth, enhance user engagement, and drive revenue. Learn how to create a compelling gaming experience that stands out in the competitive market.
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoamtakuyayamamoto1800
In this slide, we show the simulation example and the way to compile this solver.
In this solver, the Helmholtz equation can be solved by helmholtzFoam. Also, the Helmholtz equation with uniformly dispersed bubbles can be simulated by helmholtzBubbleFoam.
Custom Healthcare Software for Managing Chronic Conditions and Remote Patient...Mind IT Systems
Healthcare providers often struggle with the complexities of chronic conditions and remote patient monitoring, as each patient requires personalized care and ongoing monitoring. Off-the-shelf solutions may not meet these diverse needs, leading to inefficiencies and gaps in care. It’s here, custom healthcare software offers a tailored solution, ensuring improved care and effectiveness.
Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...Shahin Sheidaei
Games are powerful teaching tools, fostering hands-on engagement and fun. But they require careful consideration to succeed. Join me to explore factors in running and selecting games, ensuring they serve as effective teaching tools. Learn to maintain focus on learning objectives while playing, and how to measure the ROI of gaming in education. Discover strategies for pitching gaming to leadership. This session offers insights, tips, and examples for coaches, team leads, and enterprise leaders seeking to teach from simple to complex concepts.
Understanding Globus Data Transfers with NetSageGlobus
NetSage is an open privacy-aware network measurement, analysis, and visualization service designed to help end-users visualize and reason about large data transfers. NetSage traditionally has used a combination of passive measurements, including SNMP and flow data, as well as active measurements, mainly perfSONAR, to provide longitudinal network performance data visualization. It has been deployed by dozens of networks world wide, and is supported domestically by the Engagement and Performance Operations Center (EPOC), NSF #2328479. We have recently expanded the NetSage data sources to include logs for Globus data transfers, following the same privacy-preserving approach as for Flow data. Using the logs for the Texas Advanced Computing Center (TACC) as an example, this talk will walk through several different example use cases that NetSage can answer, including: Who is using Globus to share data with my institution, and what kind of performance are they able to achieve? How many transfers has Globus supported for us? Which sites are we sharing the most data with, and how is that changing over time? How is my site using Globus to move data internally, and what kind of performance do we see for those transfers? What percentage of data transfers at my institution used Globus, and how did the overall data transfer performance compare to the Globus users?
1. IIoT Endpoint Security –
The Model in Practice
February 22, 2017
Industrial Internet Security Framework
#IICSeries
2. Guest Speakers
2
MARCELLUS BUCHHEIT
President and CEO, Wibu-Systems USA
Editor, Industrial Internet Consortium Security Framework
@WibuSystems
TERRENCE BARR
Head of Solutions Engineering, Electric Imp, Inc.
@electricimp
3. Motivation
3
Unprotected devices in internet are dangerous!
They can be used to:
• Intrude into local networks: stealing or deleting private data
• Block or alter websites or internet communication
• Upload viruses and start Denial-of-Service (DoS) attacks
Additional for IIoT:
• Shut down public or private services (electricity, water, sewer etc.)
• Prevent commercial usage (production, hospitals, hotels, PoS etc.),
• Damage or destroy industrial installations or produced parts
4. Motivation
4
Unprotected devices problematic for component manufacturer
• Example: FTC charges D-Link for unsecure routers and IP cameras
• https://www.ftc.gov/news-events/press-releases/2017/01/ftc-charges-d-link-put-consumers-privacy-risk-
due-inadequate
Unprotected devices problematic for users/operators
• Example: Point-of-Sale (POS) attack at Target end of 2013
• 40 million credit cards and 70 million addresses stolen
• Target paid $50M+ for settlements
• http://krebsonsecurity.com/2014/02/target-hackers-broke-in-via-hvac-company/
5. A few words about Wibu-Systems
5
• Wibu-Systems was founded in 1989 in Germany
• Global company targeting secure software licensing
• Offer security and licensing solutions for IIoT systems and devices
• More about the company: www.wibu.com
• More about the key product: http://www.wibu.com/codemeter
• More about IIoT security: http://www.wibu.com/embedded-software-
security
• And since 2015 member of the Industrial Internet Consortium (IIC)
6. About the IIC
Industrial Internet Consortium
Security Webinar
February 22, 2017
Kathy Walsh, walsh@iiconsortium.org
Director of Marketing
7. The Industrial Internet is Leading the Next Economic Revolution
7
GDP data extracted from the Futurist 2007
8. Bring Together the Players to Accelerate Adoption
8
Connectivity
Standards
Technology
Research Academia
Systems
Integration
Security
Government
Big Data Industries
The Industrial Internet:
A $32 trillion opportunity
9. The IIC: Things are Coming Together
9
Things are coming together.
Academia
Standards
Research Systems Integration
Government
IndustriesConnectivity
Technology
Big Data
Security
10. The Industrial Internet Consortium is a global, member supported
organization that promotes the accelerated growth of the Industrial
Internet of Things by coordinating ecosystem initiatives to securely
connect, control and integrate assets and systems of assets with people,
processes and data using common architectures, interoperability and
open standards to deliver transformational business and societal
outcomes across industries and public infrastructure.
Launched in March 2014 by five founding members:
AT&T, Cisco, General Electric, IBM & Intel.
The IIC is an open, neutral “sandbox” where industry, academia and
government meet to collaborate, innovate and enable.
Industrial Internet Consortium Mission
Over 250 Member Organizations
Spanning 30 Countries
10
11. Securing IIoT Endpoints --
The Model
Industrial Internet Consortium
Security Webinar
February 22, 2017
Marcellus Buchheit, mabu@wibu.com
Wibu-Systems USA Inc.
12. Overview
12
What is an endpoint?
Why endpoint security?
Security functions of an endpoint
Implementing endpoint security
13. What is an Endpoint?
13
The IIoT Landscape: Where are Endpoints?
E
P
E
PE
P
E
P
E
P
E
P
E
P
14. What is an Endpoint (II)?
14
IISF and IIC defines endpoints similar as ISO/IEC 24791-1:2010 standard does:
• An endpoint is one of two components that either implements and exposes an interface
to other components or uses the interface of another component.
IIC simplified this definition (see IIC Vocabulary, version 2.0):
• An endpoint is a component that has an interface for network communication.
… but added a note for clarification:
• An endpoint can be of various types including device endpoint or an endpoint that
provides cloud connectivity.
Endpoint 1 Endpoint 2
Communication
15. What is an Endpoint (III)?
15
The IIoT Landscape: Endpoints are
everywhere!
E
P
E
PE
P
E
P
E
P
E
P
E
P
16. What is an Endpoint (IV)?
16
Summary:
• Endpoints are everywhere in an IIoT System (including edge and cloud)
• One single (security) model for all locations
• A single computer, even a device, can have several endpoints
• Example Router: One LAN endpoint, one WAN endpoint
• Frequently shared code/data between multiple endpoints
• Endpoint and its communication is another model
17. Why endpoint security?
17
Endpoints are the only location in an IIoT system where:
• Execution code is stored, started and updated
• Data is stored, modified or applied (“Data at Rest” / “Data in Use“)
• Communication to another endpoint is initiated and protected
• Network security is analyzed, configured, monitored and managed
Result: An attack to an IIoT system typically starts in attacking one or more
endpoints:
• Try to access the execution code and analyze to find weak security
implementation
• Attack weak communication protection via network
• Modify or replace (“hijack”) the execution code in a malicious way
• ...
19. Threats and Vulnerabilities to an IIoT Endpoint
19
1. Hardware components
2/3. Boot process
4. Operating System
5. Hypervisor/Sep. Kernel
6. Non-OS Applications
7. Applications and their API
8. Runtime Environment
9. Containers
10. Deployment
11. Data at Rest, Data in Use
12. Monitoring/Analysis
13. Configuration/Management
14. Security Model/Policy
15. Development Environment
20. Endpoint security: Solutions
20
• Start with a clean design of the security model and policies
• Define endpoint identity, authorization, authentication
• How other endpoints see me? What can they do with me?
• Define proper data protection model
• Integrity and confidentiality, especially of shared data-in-rest but also data-in-
use
• Define secure hardware, BIOS, roots of trust
• Includes lifetime of hardware, BIOS update, consistent root of trust
• Select secure OS, hypervisor, programming language
• Consider lifetime of (open source?), dynamic of programming language
• Consider isolation principles (4 different models explained in IISF)
• Plan remote code update and provide code integrity
• Security has an unspecific expiration date: needs update
• Code integrity prevents malicious remote code-hijacking
21. Endpoint security: Solutions (II)
21
• Plan “beyond the basics” security instantly
• Plan security configuration and management
• For example: defining, replacing and updating of keys and certificates
• User-friendly setting of access rights and authorization
• Plan endpoint monitoring and analysis
• For example: log all security configuration changes
• Log all unexpected remote activity
• Provide user-friendly analysis, alerts etc.
• Implement “state of the art”:
• Have a team of experienced security implementers
• Use latest versions of development tools, OS, hypervisors, libraries
• Test a lot, including malicious attacks
• Prepare and test your first remote update
22. Securing IIoT Endpoints --
In Practice
Industrial Internet Consortium
Security Webinar
February 22, 2017
Terrence Barr, terrence@electricimp.com
Head of Solutions Engineering
33. Thank you!
33
Things are coming together.
Community. Collaboration. Convergence.
www.iiconsortium.org
Additional Resources available as attachments
• Industrial Internet Security Framework Document
• White Paper: Business Viewpoint of Securing the Industrial Internet
• Upcoming Monthly Webinars on IIC BrightTALK channel:
• March 2017 – Enabling & Securing the Smart Factory
• April 2017 Preview of IIC/I4.0 at Hannover Messe