Категории: Protection

CmReady – Three Cheers for Diversity!

A favorite of developers with decades of success in the software industry has truly arrived in the hardware world of modern industry: CodeMeter for software protection and license management. A new partnership with Swissbit and the CmReady label by Wibu-Systems is creating a world of opportunities for engineers in the field.

In Focus: Product security and monetization

Wibu-Systems has been innovating the software and know-how protection landscape and offering flexible monetization solutions for a range of target platforms since the company was founded more than 30 years ago, and it has never ceased to follow its pursuit. What started for software makers only has now become a popular choice for industrial enterprises around the world. Industrial devices like Programmable Logic Controllers (PLCs) are run by the software and firmware on board, and the makers of CodeMeter soon realized that they could transport their protection and licensing know-how to a whole new market by tweaking it for the needs of industrial automation and engineering clients.

On top of pure product security considerations, driven not least by legal requirements (e.g. IEC 62443, Cyber Resilience Act) or the wish to protect one’s know-how in the form of software or data, more and more businesses are interested in how they can monetize product features and create new business models through licenses. Most hardware devices are, in essence, built with the entire feature set on board, but it is left to the end users to decide which of these features is worth paying for and should be activated. They can buy the licenses for individual features when they need them for a specific purpose, creating an attractive aftermarket sales channel.

The advantages of CmDongles

Device makers have a choice of ways to get their licenses rolled out to their users, depending on the use case. Alongside pure software license containers (CmActLicense) that are bound to a specific hardware fingerprint of the target device, or cloud-based licenses (CmCloudLicense), fully hardware-based dongles (CmDongle) remain a popular evergreen choice for industrial device makers in particular. Their key unique selling point (USP), the ability to store cryptographic keys in a secure element physically built into the dongle, goes hand in hand with the great mobility afforded by the licenses, especially when devices need to be serviced. If needed, the device makers can even choose CmDongles with added flash storage for the hat trick: IP protection, monetization, and storage space, all on one medium.

All shapes and sizes

Wibu-Systems was quick to realize these requirements and has long offered a range of CmDongle formats and form factors. Many makers of embedded and IoT devices prefer run-of-the-mill mass storage media like SD or microSD cards, which avoid the need for adding a USB interface or integrating a CmASIC to add CodeMeter functionality right into their devices’ inner workings. The CmCard line was made for them. Whatever the form factor, all options support the complete feature set and all flexible licensing models allowed by CodeMeter.

Bane or boon?

Every upside comes with a downside: Which type (SLC, pSLC, MLC) and which size of flash storage a device maker picks has a major impact on costs, translating directly to higher costs in the device maker’s bill of materials. This can become a dealbreaker for low-end or discount devices in particular. At the same time, the vast range of memory types and sizes means that there is a CmDongle for virtually any requirements in the field, even if this means higher costs for development and qualification. Would it not be better to have a new concept that combines the many advantages of CodeMeter with standard storage cards? It would, and that is why CmReady was born.

The solution: CmReady

The technological wizardry that makes all of this possible is not as complex as one might think: Wibu-Systems’ purely software-based container type, a CmActLicense, is normally bound to a fingerprint of the target device’s hardware properties. Instead, it is now bound to a CmReady-compatible card and stored directly on it. This makes the licenses much more portable, while keeping them as easy to use as ever, since they can be managed with the popular and familiar CodeMeter license management system – no additional implementation required to bind the licenses. Technically, the binding is done by a combination of the hardware‘s Unique ID (UID) with a specially protected incremental counter that prevents replay attacks against the license container. This keeps the binding secure and the licenses mobile, a great advantage when the system requires service. Even in a catastrophic scenario, the card could simply be taken out of the broken device and inserted in its replacement. There is no easier way to move licenses around. Cards that use the CmReady standard are supported by both CodeMeter Runtime and CodeMeter Embedded, making them perfect for any type of use case.

Swissbit supports CmReady

Swissbit, a long-standing partner of Wibu-Systems and specialist for industry-grade storage and security solutions based in Switzerland with operating manufacturing facilities in Berlin, is the first maker using the CmReady standard for its Data Protection Edition (DP) cards. This makes the DP range of industry-grade microSD and SD cards equipped with CodeMeter technology ideal for know-how protection and monetization.

Which containers for which purposes?

The different properties and capabilities of each license container type are visualized in the table. All types support the tried-and-tested CodeMeter protection and licensing functions, which make it easy to introduce versatile licensing schemes like feature-on-demand, pay-per-use, or subscription licenses. The latter is protected against tampering by means of a virtual clock built into the container or, optionally, an actual batterysupported real-time clock fitted on the CmDongle.

For the perfect combination of product security, licensing, and flash storage, CmDongles and CmReady-compatible cards are the way to go. Both options offer great portability for the licenses, with an attractive choice of ardware variants in the case of CmReady cards in particular. In addition to pure software protection, CodeMeter can be used for working with signatures, for encrypting files, or for authentication purposes. CodeMoving alone, the sophisticated ability to run protected code in the safe confines of the container, is exclusive to CmDongles and CmCloud containers.

Three cheers for diversity!

With CmReady, Wibu-Systems has created nothing short of a new global standard for the combination of storage media with software and IP protection as well as CodeMeter-enabled monetization. It allows device makers to pick the optimal storage options from a choice of CmReady-compatible options and lets them benefit from the great diversity of hardware choices and the versatility of CodeMeter’s protection and licensing mechanisms.

 

KEYnote 46 – Edition Fall/Winter 2023

To top