November 2016
56
I
nternet
-
of
-t
hIngs
IoT requirements for embedded system
protection, licensing, and security
By Oliver Winzenried,
WIBU
More and more functions of IoT
devices and machines are realized
with software executed in embed-
ded systems. This article introduces
CodeMeter, a scalable solution that
secures and monetizes any type of
IoT software running on computers,
embedded systems, and even small
microcontrollers.
n
The Industrial Internet business has ignited
a technological revolution and an economic
renaissance that are advancing at an unprec-
edented pace. When the McKinsey Global
Institute mapped out the real value beyond
the hype, they estimated that the IoT has a
total potential economic impact of USD 3.9 to
11.1 trillion a year. From a less visionary and
more analytical approach, Ernst & Young has
come to an additional observation: a combi-
nation of digital disruption and slow organic
growth has propelled the global Tech M&A
to a record second quarter in 2016, with deals
worth more than USD 1 billion.
Analysts of Gartner Inc. estimate that 4.9 bil-
lion connected devices were in use at the end
of 2015, which is 30 percent more than 2014.
Five years from now, this is expected to rise to
25 billion devices. By then, the same analysts
expect 10 billion connected devices (exclud-
ing PCs, smart phones and tablets) will ship
each year.
These devices require protection against
counterfeiting and product piracy, either in
the form of simple 1:1 reproduction or, more
specifically, in the form of reverse engineering,
which remains the number one threat accord-
ing to surveys done by the German Engineer-
ing Federation VDMA. Furthermore, secure
licensing enables manufacturers to configure
the features that can be executed individually
per user. With simplified logistics, a larger
number of devices with identical design can
be produced; the units are then customized
as the last manufacturing step, possibly even
at the user side. By using standard hardware
and software platforms, the time to market
and development resources can be reduced.
By the same token, new business models
can also be introduced, such as pay-per-use
or subscription models that create recurring
revenue streams for device makers, instead
of simple one-time sales. With a form of app
store, additional features can be offered and
more after-sales business can be created, as
is already done with consumer smart phones.
Additionally, security is getting top priority, as
increasing connectivity is increasing the risk
of attacks. Secure firmware updates, secure
identities, and key storage are required for the
protection of code, parameters, and data.
While protection solutions for applications
running on standard computers have been in
the market for almost three decades, the dif-
ferent nature of embedded systems requires
a different approach. They are using a variety
of embedded and real-time operating sys-
tems, they are often limited in terms of system
resources like RAM and storage space, and
they are using different low-power CPU plat-
forms, like ARM, PPC, or X86.
CodeMeter is the universal technology for
software publishers and intelligent device
manufacturers, upon which all other solu-
tions from Wibu-Systems are built. It offers
protection, licensing, and security capabili-
ties. It needs to be integrated into established
software or business workflows at a single
point in time only. Applications and librar-
ies can be encrypted and signed with Protec-
tion Suite. In addition, CodeMeter offers an
API for custom integration, and CodeMeter
License Central can be connected to existing
ERP, CRM, and e-commerce systems. Once
integrated, manufacturers can create licenses
automatically and deploy them seamlessly to
connected target systems or distribute them
via a separate license portal. Essentially, each
user or device receives the same software, but
a different license that entitles them to use the
product in a tailor-made way for their needs.
CodeMeter offers maximum flexibility in
how licenses are stored. CmActLicense stores
licenses in an encrypted and signed file,
bound to a fingerprint of the target system
or to any type of secure element like TPM or
technologies like Intel SGX or ARM Trust-
zone. CmDongles store licenses in a highly
secure fashion in a smart card chip. The secret
keys never leavethis chip. These CmDongles
are available in a chip size package with SPI
and USB interface, as USB devices, microSD
Figure 1. CodeMeter ASIC in
VQFN-32 package with USB
and SPI interface and exten-
ded temperature range from
-40°C…+105°C with integrated
smart card chip and full Code-
Meter functionality
