Demystifying Industrial Security

Swissbit - Wibu-Systems Webinar "Demystifying Industrial Security" 1

CodeMeter Security with integrated Industrial Flash Memory

Oliver WinzenriedCEO WIBU-SYSTEMS AG

[email protected]

DemystifyingIndustrial Security

Speaker 2Speaker 3

October 7, 2015


Connected World

October 7, 2015


Changes in IoT and Industrie 4.0, …

October 7, 2015

Stand-Alone Devices Fixed Features One-Time Business

Product, Upgrades, Service, Spare parts/consumables, replacement

Only Repair / Maintenance

Individual Hardware

TomorrowToday

Connected Devices Upgradable Features (App Store) Recurring Revenues

Pay-Per-Use, Pre-Paid, Post-Paid

New Business Models Shorter Time-to-Market, Cloud

Standard Platforms (HW & SW)


Challenges

October 7, 2015


Security versus Safety

October 7, 2015

Safety Protection of humans or environment against risks that come from a (known) technical system

IT SecurityProtection of a technical system against attacks (unknown) and disruption caused by environment or humans

Human / Environment

Technical SystemTechnical System

Human / Environment


Challenge: Security Threats Today

October 7, 2015

Manipulation & Tampering Espionage: Industrial and NSA, Prism, Tempora, … Cyber-Attacks: Stuxnet, Duqu, Flame, … (German TV, January 2015)


Challenge: Piracy Problem – Latest Studies

October 7, 2015

German Engineering Federation (VDMA) 2014: 7.9 Billion € piracy losses 9 of 10 companies affected 71% affected by piracy 51% affected by counterfeiting

of complete machines

JMF-Study: Japan losses 1.8 times higher BSA-Study: Losses 63 Billion US$, globally 42%

2003 2006 2007 2008 2010 2012 2014

50%

66% 67% 68%62%

67% 71%

N=337

Is your company

affected

by product or brand

piracy?Yes:

71%

No:29%


Opportunities

October 7, 2015

Protection against:

IP Theft Hacking Tampering

Licensing:

License ModelsBusiness ModelsLicense ManagementLicense Deployment


Why CodeMeter with Flash Memory?

Security and memory in ONE Device Retrofitting in Brownfield Cost, Space, Power, … benefits Highest Reliability & Quality Excellent components and

Partnerships:

October 7, 2015


Solutions

Working Principles

October 7, 2015

Wibu-Systems Solutions & Process

Products & Use Cases


Technical Solutions

October 7, 2015

Know-how Protection -> using data and program code encryption IP in software, source code, algorithms IP in embedded systems, PLCs, devices, IoT, data, documents, …

Software and Product Protection -> encryption & unclonable crypto keys Counterfeiting reduction, prevention of unauthorized use (active and passive)

Flexible Licensing -> using encryption and business process integration New business models simplify logistics and monetize software

Tamper Protection -> using digital signature Prevention of manipulation – Cyber-Security – IoT, Industrie 4.0


Requirements in Industrial Applications

Highest Security for IP and tamper protection: Users are not the attackers but organized crime, terrorism, competition

Use of secure elements for industrial interfaces and environments

Flexible Storage for multiple licenses Multiple (device) options and features

Different stake holders and rights owners, i.e. automation or machine supplier, user

Communication Security: Cyber Security Certificates for OPC UA

Retrofitting

October 7, 2015


Wibu-Systems Technologies and Solutions

October 7, 2015

Software Integration

Back Office Integration

Protection Suite: Ax/Ex/Ix-Protector

CodeMeter License Central

CodeMeter®

Secure Key Storage (Hardware / Software)

De-/Encryption (AES, ECC, RSA)

Flexible License Models

Software Integration Automatic Code Protection / API

Secure Boot / OPC UA

Back Office Integration Key and certificate deployment

License deployment

License administration


Integrate Once – Deliver Many

October 7, 2015

Integration into processes

Delivery to the userIntegration into software

Software SoftwareCodeMeter

Protection Suite

Integrate Once Deliver Many

CodeMeter LicenseCentral

LL L L

ERP/CRM

e-commerce

CodeMeter LicenseCentral

Software

License Portal


CmDongle: Storage for Licenses and Keys with highest Security

October 7, 2015

CmCards and CmSticks using: CC EAL 4+/5+ certified security controller

CC EAL 4+/5+ certified crypto libraries

Extended temperature option

Market proven CodeMeter firmware

Combination with flash memory

Hyperstone flash memory controller (S6/8, F4, A2)

Fixed BOM, PCN, long term availability

Swissbit Qualification and Production


CmDongle: Combination of CodeMeter Security and flash memory disk

October 7, 2015

CmCards and CmStick/M open up new use cases: Mobile applications (service, forensic, tax, education, industrial, …)

Delivery media for large data (maps, service documents, databases, …)

Secure storage of log data

Use of CmStick/M with HID (no MSD, no BadUSB risk)

Secure Boot of embedded systems, PLCs, IoT applications

Retrofitting in brownfield

Customization: data duplication, key management, OEM label and package, …


CmDongle – Highest Security Level with integrated Smart Card Chip

CmStick/M Industrial and Commercial

CdRom, CmPublic, CmPrivate, CmSecure

Supports HID communication (CmSecure)

Encrypted storage, secure update (no BadUSB risk)

CmStick/MI 1011-0x-2xx -> Industrial

128 MB…8 GB SLC flash memory, -40°C…+85°C

CmStick/MC 1011-0x-4xx -> Commercial

8 GB…64 GB high-end 2-Bit-eMMC flash memory

October 7, 2015


Security with Industrial Flash compared with consumer products

October 7, 2015


Applications

Banking & Retail

October 7, 2015

Medical & IoT

Industrial Automation and CPS


Banking and Retail: Wincor-Nixdorf

October 7, 2015

Introduction 2009

CrypTA-User worldwide

Central administration and helpdesk using Global Customer Care Center

Fulfills requirements from PCI DSS

Increase of service efficiency through standardized processes


Mobile Forensic Software: Guidance

Guidance Mobile Applications Secure Logging Multi-partition

October 7, 2015


Medical (customed, Sirona, …)

Anti Counterfeiting Licensing Pay Per Use Tamper Protection

(FDA, MPG)

October 7, 2015


Gaming

Features: Secure Boot from CmCard/CF IP Protection for game software Tamper Protection for configuration

October 7, 2015


Industrial Automation

October 7, 2015

CODESYS Boot Project Protection

CodeMeter API

Source Code Protection

Bernecker + Rainer Technology Guard

Rockwell Source Protection

CSPP


1989...2015: More than 25 years in Business

October 7, 2015

Founded in 1989 By Oliver Winzenried and Marcellus Buchheit Headquarters in Germany (Karlsruhe) Focus on Protection, Licensing and Security Technological leader with international patents ISO 9001:2008 certified

WIBU-SYSTEMS worldwide Subsidiaries in Seattle, USA – Shanghai and Beijing, China – Belgium

– France – Ireland – Netherlands – Portugal – Spain – UK Exclusive distribution partners in Japan – Korea – Russia and many

more countries Top 2 vendor in hardware-based protection Top 3 vendor in software licensing Global Awards

WIBU-SYSTEMS AG

26

1989...2015: Cooperations and Memberships

Developer Programs

R&D Projects

Organizations

Standardization

26October 7, 2015 Swissbit - Wibu-Systems Webinar "Demystifying Industrial Security"


1989...2015: Customers and Partners

October 7, 2015


Summary: CodeMeter & Flash Memory in One Device is…

…perfect for IoT-Devices, Cyber Physical Systems & Embedded Systems …space, power and component saving for minimal Total Cost of Ownership …reliable and long-term available …fitting for the use in the brownfield …optimal for tampering protection and IP protection of software and data …ideal for the implementation of new business models

October 7, 2015

Deutschland: +49-721-931720

USA: +1-425-7756900

China: +86-21-55661790

http://www.wibu.com

[email protected]

Deutschland: +49-721-931720

USA: +1-425-7756900

China: +86-21-55661790

http://www.wibu.com

[email protected] - Wibu-Systems Webinar "Demystifying Industrial Security"

Thank you!Questions? Next Steps? Contact us

October 7, 2015

Date post:	16-Jan-2017
Category:	Engineering
Upload:	team-wibu
View:	173 times
Download:	0 times