Demystifying Industrial Security

CodeMeter Security with
integrated Industrial Flash Memory
Oliver Winzenried
CEO WIBU-SYSTEMS AG
oliver.winzenried@wibu.com
Demystifying
Industrial Security
October 7, 2015 Swissbit - Wibu-Systems Webinar "Demystifying Industrial Security" 1

Connected World

Changes in IoT and Industrie 4.0, …
October 7, 2015 Swissbit - Wibu-Systems Webinar "Demystifying Industrial Security"
 Stand-Alone Devices
 Fixed Features
 One-Time Business
 Product, Upgrades, Service, Spare
parts/consumables, replacement
 Only Repair / Maintenance
 Individual Hardware
TomorrowToday
 Connected Devices
 Upgradable Features (App Store)
 Recurring Revenues
 Pay-Per-Use, Pre-Paid, Post-Paid
 New Business Models
 Shorter Time-to-Market, Cloud
 Standard Platforms (HW & SW)
3

Challenges

Security versus Safety
 Safety
Protection of humans or environment
against risks that come from a (known)
technical system
 IT Security
Protection of a technical system against
attacks (unknown) and disruption
caused by environment or humans
Human / Environment
Technical System
Technical System
Human / Environment
5

Challenge: Security Threats Today
 Manipulation & Tampering
 Espionage: Industrial and NSA, Prism, Tempora, …
 Cyber-Attacks: Stuxnet, Duqu, Flame, … (German TV, January 2015)
6

Challenge: Piracy Problem – Latest Studies
 German Engineering Federation (VDMA) 2014:
 7.9 Billion € piracy losses
 9 of 10 companies affected
 71% affected by piracy
 51% affected by counterfeiting
of complete machines
 JMF-Study: Japan losses 1.8 times higher
 BSA-Study: Losses 63 Billion US$, globally 42%
50%
66% 67% 68%
62%
67% 71%
2003 2006 2007 2008 2010 2012 2014
N=337
Is your company
affected
by product or brand
piracy?
Yes:
71%
No:
29%
7

Opportunities
Protection
against:
IP Theft
Hacking
Tampering
Licensing:
License Models
Business Models
License Management
License Deployment
8

Why CodeMeter with Flash Memory?
 Security and memory in ONE Device
 Retrofitting in Brownfield
 Cost, Space, Power, … benefits
 Highest Reliability & Quality
 Excellent components and
Partnerships:

Solutions
Working Principles
Wibu-Systems Solutions & Process
Products & Use Cases
10

Technical Solutions
 Know-how Protection -> using data and program code encryption
 IP in software, source code, algorithms
 IP in embedded systems, PLCs, devices, IoT, data, documents, …
 Software and Product Protection -> encryption & unclonable crypto keys
 Counterfeiting reduction, prevention of unauthorized use (active and passive)
 Flexible Licensing -> using encryption and business process integration
 New business models simplify logistics and monetize software
 Tamper Protection -> using digital signature
 Prevention of manipulation – Cyber-Security – IoT, Industrie 4.0
11

Requirements in Industrial Applications
 Highest Security for IP and tamper protection:
 Users are not the attackers but organized crime, terrorism, competition
 Use of secure elements for industrial interfaces and environments
 Flexible Storage for multiple licenses
 Multiple (device) options and features
 Different stake holders and rights owners, i.e. automation or machine supplier, user
 Communication Security: Cyber Security
 Certificates for OPC UA
 Retrofitting

Wibu-Systems Technologies and Solutions
Software Integration
Back Office Integration
Protection Suite: Ax/Ex/Ix-Protector
CodeMeter License Central
 CodeMeter®
 Secure Key Storage (Hardware / Software)
 De-/Encryption (AES, ECC, RSA)
 Flexible License Models
 Software Integration
 Automatic Code Protection / API
 Secure Boot / OPC UA
 Back Office Integration
 Key and certificate deployment
 License deployment
 License administration

Integrate Once – Deliver Many
Integration into processes
Delivery to the userIntegration into software
Software Software
CodeMeter
Protection Suite
Integrate Once Deliver Many
CodeMeter
License
Central
LL L L
ERP/CRM
e-commerce
CodeMeter
License
Central
Software
License Portal

CmDongle: Storage for Licenses and Keys with highest Security
 CmCards and CmSticks using:
 CC EAL 4+/5+ certified security controller
 CC EAL 4+/5+ certified crypto libraries
 Extended temperature option
 Market proven CodeMeter firmware
 Combination with flash memory
 Hyperstone flash memory controller
(S6/8, F4, A2)
 Fixed BOM, PCN, long term availability
 Swissbit Qualification and Production
15

CmDongle: Combination of CodeMeter Security and flash memory disk
 CmCards and CmStick/M open up new use cases:
 Mobile applications (service, forensic, tax, education, industrial, …)
 Delivery media for large data (maps, service documents, databases, …)
 Secure storage of log data
 Use of CmStick/M with HID (no MSD, no BadUSB risk)
 Secure Boot of embedded systems, PLCs, IoT applications
 Retrofitting in brownfield
 Customization: data duplication, key management, OEM label and package, …
16

CmDongle – Highest Security Level with integrated Smart Card Chip
 CmStick/M Industrial and Commercial
 CdRom, CmPublic, CmPrivate, CmSecure
 Supports HID communication (CmSecure)
 Encrypted storage, secure update (no BadUSB risk)
 CmStick/MI 1011-0x-2xx -> Industrial
 128 MB…8 GB SLC flash memory, -40°C…+85°C
 CmStick/MC 1011-0x-4xx -> Commercial
 8 GB…64 GB high-end 2-Bit-eMMC flash memory

Security with Industrial Flash compared with consumer products

Applications
Banking & Retail
Medical & IoT
Industrial Automation and CPS

Banking and Retail: Wincor-Nixdorf
 Introduction 2009
 CrypTA-User worldwide
 Central administration and
helpdesk using Global
Customer Care Center
 Fulfills requirements
from PCI DSS
 Increase of
service efficiency through
standardized processes

Mobile Forensic Software: Guidance
Guidance
 Mobile Applications
 Secure Logging
 Multi-partition

Medical (customed, Sirona, …)
 Anti Counterfeiting
 Licensing
 Pay Per Use
 Tamper Protection
(FDA, MPG)

Gaming
Features:
 Secure Boot from CmCard/CF
 IP Protection for game software
 Tamper Protection for configuration

Industrial Automation
 CODESYS
 Boot Project Protection
 CodeMeter API
 Source Code Protection
 Bernecker + Rainer
 Technology Guard
 Rockwell
 Source Protection
CSPP
24

1989...2015: More than 25 years in Business
 Founded in 1989
 By Oliver Winzenried and Marcellus Buchheit
 Headquarters in Germany (Karlsruhe)
 Focus on Protection, Licensing and Security
 Technological leader with international patents
 ISO 9001:2008 certified
WIBU-SYSTEMS worldwide
 Subsidiaries in Seattle, USA – Shanghai and Beijing, China – Belgium
– France – Ireland – Netherlands – Portugal – Spain – UK
 Exclusive distribution partners in Japan – Korea – Russia and many
more countries
 Top 2 vendor in hardware-based protection
 Top 3 vendor in software licensing
 Global Awards
WIBU-SYSTEMS AG

1989...2015: Cooperations and Memberships
 Developer Programs
 R&D Projects
 Organizations
 Standardization
26October 7, 2015 Swissbit - Wibu-Systems Webinar "Demystifying Industrial Security" 26

1989...2015: Customers and Partners

Summary: CodeMeter & Flash Memory in One Device is…
 …perfect for IoT-Devices, Cyber Physical Systems & Embedded Systems
 …space, power and component saving for minimal Total Cost of Ownership
 …reliable and long-term available
 …fitting for the use in the brownfield
 …optimal for tampering protection and IP protection of software and data
 …ideal for the implementation of new business models

Deutschland: +49-721-931720
USA: +1-425-7756900
China: +86-21-55661790
http://www.wibu.com
info@wibu.com
Deutschland: +49-721-931720
USA: +1-425-7756900
China: +86-21-55661790
http://www.wibu.com
info@wibu.com
Thank you!
Questions? Next Steps? Contact us

Demystifying Industrial Security

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Viewers also liked

Viewers also liked (6)

Similar to Demystifying Industrial Security

Similar to Demystifying Industrial Security (20)

More from team-WIBU

More from team-WIBU (20)

Recently uploaded

Recently uploaded (20)

Demystifying Industrial Security

Editor's Notes