Wibu-Systems Blog

There can be no digital sovereignty without security, but what is the correct approach to building that security?

The perceived benefits of smart devices, systems, and entire factories are gaining momentum in the Industrial IoT world.

The IIoT Trustworthiness Framework Foundations doc explains key concepts and benefits of trustworthiness in industry.

As any downtime in smart factory processes translates into financial loss, data networks play a central role.

The ability to scale IT infrastructure and systems is critical for any size business. Is security scalable as well?

Subscriptions and consumption-based licensing models have overtaken traditional perpetual licensing as the new normal.

Pros, cons, and key considerations for integrating a licensing system into a Greenfield software development.

With the digitalization of industry and the networking of the IoT, the opportunities for cyber-attacks increase exponentially.

Brownfield development approaches: Pros, cons, and key insights for license management integration.

IT security has finally found its niche in the rundown of the global coolest Internet of Things companies of this year.

The benefits of cloud licensing include high availability, flexibility, scalability, management automation, and lower costs.

Virtualization adds another layer of challenge to ISVs for software protection and license management alike.

ISVs are transitioning to deliver SaaS solutions instead of traditional on-premise software apps, but the road is far from easy.

A collection of bold predictions from market analysts and industry experts on the next "big thing" in the IT/OT convergence process.

The new CodeMeter 7.20 supports M1-based devices, the next macOS generation, Big Sur, as well as the familiar Intel-based Macs.

A host of public frameworks and best practices is available to guide secure development efforts of digital transformation projects.

The current talent pool of cybersecurity experts and experienced software developers is insufficient to meet the demand.

Data and network security threats to ICS have severe consequences for nation-states and supply chains.

When licenses break, best practices recommend to trust your customers and blacklist the associated containers.

How acute is the threat posed by quantum computing to existing cryptographic methods and critical systems?

The flexibility to offer licensing models tailored more closely to customers business needs and preferences is critical.

In their latest white paper, the IIC has captured the many challenges and technological hurdles that accompany the DX journey.

IP cyber theft has remained in the shadows, while media mainly covered the theft of personally identifiable information.

Subscription-based business have fared the best in weathering the near-catastrophic economic storm during the COVID-19 crisis.

Home-based workers operating beyond the safeguards of their corporate IT infrastructure are an easier target for cybercriminals.

Technology is inherently empowering. Should then access to technology be controlled and who is controlling the controllers?

Medium-long term trends that will be impacted by COVID-19 across technology, business, operations, investment, and macroeconomics.

When Freedom is more than just a theory and opens up new business growth and customer service opportunities.

Many companies and employees are seeing the advantages of a remote workforce, but what does this shift entail in the long term?

A powerful license management system is the key to stay competitive in the global market and fully monetize software.

Product piracy has reached an all-time high of 74% among German companies in the mechanical and plant engineering industry.

Exploring four key security areas to harden the shopfloor and run an efficient and profitable Industry 4.0 operation.

Our personal contribution in these trying times: a free license container that lives in the cloud to support all home office workers.

What does it take to achieve trustworthy software that produces predictable business and operational outcomes in the IIoT?

The use of 3D printing technology and the move to outsourcing are creating an environment for unintended consequences.

Exploring the main differences between protecting a desktop application and a Windows service or a server application.

During the COVID-19 crisis, our Business Continuity Plan is mitigating threats to public health and maintaining business ops.

A secure approach to cloud licensing is our contribution to the cloud technologies propelling the digital transformation.

IoT devices have long passed through the early adopter phase, but have security measures kept up the pace?

How to mitigate risks and take the necessary steps to securely and regularly perform updates that reduce cyberthreats.

2020: the pivotal year for ubiquitous connectivity and digitalization and for 20 bn. exploitable points of entry.

The U.S. government has recently taken action and passed three pieces of legislation aimed at promoting safe IoT growth.

The rise of digital twins increases the number of software vulnerabilities, risk of IP theft, and exposure of critical processes.

Software runs the world and as such should be considered critical infrastructure. A lack of software security is a national threat.

As new software based technologies, products, and applications emerge, a flexible and secure licensing platform is a must

AI research is largely focused on augmenting and improving the practice of radiology and, consequently, patient care.

With cloud licensing, users can access their software licenses wherever, whenever, and however they need them.

With the shift from hardware towards software enabled technologies, IP protection is paramount in the IIoT.

Encouraging manufacturers to ensure they ship their devices in a secure state is the key objective of the UK government.

Nearly 80% of industry professionals regard the growing interconnectedness of OT and IT as a cybersecurity challenge.

The U.S. software market grew twice as fast as the overall economy supporting 1 in every 10 jobs and will rise even further.

Embracing the shift in customer preferences led by Industry 4.0 and radically transforming the entire business strategy.

The software licensing tools must be readily adaptable to the new purchasing and delivery models of the connected age.

AI, IoT, and predictive analytics are transforming the healthcare sector and shifting the focus from products to services.

In its latest publication, the NIST addresses the many cybersecurity risks inherent in IoT device manufacturing.

What are the challenges, risks, and benefits of AI as it enhances efficiency, reliability, and effectiveness of IIoT processes?

Is the "right-to-repair" concept an essential service for customers or a violation of manufacturers' intellectual property?

Only the enhancement of Industry 4.0 cybersecurity will lay a solid foundation for future security technology developments.

A novel license-based protection solution that far surpasses the password authentication still typical of modern PACs..

Preventing embedded systems vulnerabilities related to physical access, lack of monitoring, and software updates.

The approach to software security should be flexible, adaptable, outcome-focused, risk-based, cost-effective, and repeatable.

A critical shift in focus onto digital security solutions is required for the expanding digital footprint of the healthcare landscape.

Digitalization places high demands on security technology and leads to far-reaching changes in production facilities.

Given the significant impact of the software industry, it is critical to create new policies that generate economic opportunity.

Whether your decision is driven by technology or market reasons, the migration to CodeMeter is smoother than you may think.

The U.S. Congress introduced legislation to address the cybersecurity concerns related to IoT devices.

Using CmDongles as oracles with an Hyperledger Blockchain in the context of 3D printing applied to a healthcare environment.

One of the most frequent questions asked in developer communities is when to use .NET framework and when to use .NET Core.

The actors behind the SecUnity Cybersecurity Roadmap agree that effective security and privacy measures require a systematic and holistic approach.

What are the collateral damages of a severe cyberattack for economy, healthcare system, water supply, electricity or transportation?

The IoT Security Standards Gap Analysis from ENISA maps existing IoT standards against requirements on security and privacy.

In this new era, subscription experiences are built around services that meet consumers’ needs better than static, out-of-the-box offerings.

It is time to create a separate engineering discipline designed to cover the specific CPS and IoT knowledge.

Secure hardware-based license dongles remain the platform of choice for the ultimate in software protection against unauthorized usage or illegal tampering.

Recent reports in the U.S. indicate that military weapons and security systems offer the same vulnerabilities found in key infrastructure

The Trustworthy System Status Model helps designers plan a system that proactively prevent damaged, disastrous or permanently lost system status.

The next frontier in DLTs is developing reliable interactions between events and data pushed into a distributed ledger and the physical world.

A never-ending discussion between law enforcement and their ability to obtain useful crime evidence and the need for personal data to be protected.

Trustworthiness is the degree of confidence that the IIoT system performs as expected in terms of safety, security, privacy, reliability, and resilience.

The report by RUSI showed that nearly half of the manufacturers and companies do not have the right tools to estimate potential cyber risk.

With modern software applications being a combination of public software libraries and custom code, software supply chain security risks are on the rise.

Endpoints are ubiquitous across the IIoT landscape and the 2018 SANS IIoT Survey reveals that IIoT endpoint security is the leading concern.

"Bricking" in software license management translates into the ability to lock down a license if an appropriate or illegal use of the software is detected.

The speed in which development teams are releasing new software is making it difficult for the security operations team to keep up.

The Dynamic Monetization model proposes to move the payment for industrial systems from upfront to the time of usage with revolutionary consequences.

Alarming insights and compelling guidelines in the 2018 BSA global survey: Software Management: Security Imperative, Business Opportunity.

With national elections soon coming up in the U.S., the mere thought of further interference with the democratic process is raising deep concerns.

Embedded software engineers of the future will have a very different skillset from their predecessors - Where does the software security skillset fit?

VDMA Product Piracy Study 2018 indicates that, while the overall scale of damage remains unchanged, damages have worsened in the last two years.

When choosing the right system software for medical devices, secure communications, multi-CdPU design, modularity and scalability are key.

Product liability in the cyberworld opens up a whole new area of litigation, as the ISV becomes also responsible of software exploitation for malicious intent.

The U.S. points to China for rampant IP theft, which they believe has significantly weakened U.S. companies’ position in the global market.

Only 3% of the executives surveyed expressed that they were not challenged by the adoption of  new technologies inherent with the IoT.

We support BSA US 2018 Policy Agenda in developing international consensus on cybersecurity best practices and leveraging innovative solutions.

Modern software monetization ensures customers use the services they pay for while taking advantage of cloud adoption and real-time analytics tools.

The best integrity protection solutions are based on cryptography and the associated use of digital signatures and authentication.

Medical device manufacturers can leverage software licensing to unlock unique business models that generate new revenue streams.

Since the IP of today’s of most medical equipment is encapsulated in embedded software, the industry is ripe for attack.

CodeMeter products are not affected by Meltdown and Spectre, even if a would-be attacker should manage to access the application memory.

Established due diligence best practices provide a roadmap to ensure a successful migration to a modern, flexible and robust licensing system.

The pay-per-use model is widely embraced by consumers, has tangible benefits for ISVs and embedded system developers, and is industry-agnostic.

Cybercrime will cost up to $6 trillion by 2021 - nearly half of today’s US GDP and more profitable than the global trade of all major illegal drugs combined.

The next generation of software monetization is about enabling business models that provide additional opportunity for monetization to drive growth.

Do we all share a common understanding of IIoT terms? Most likely not, and that’s why the IIC continues to update its IIoT Vocabulary Report.

Will this legislation remedy the market failure that has occurred and encourage device manufacturers to compete on the security of their IoT products?

Unlike the often used obfuscation approach, Blurry Box cryptography offers software protection that is completely based on publicly available methods.

A cloud-based licensing and software protection service with private Blockchain to address non-repudiable logging is under investigation.

Modern usage-based licensing is trending in the software monetization market as customers gain say in how they want to consume their software.

In today’s age of the IoT, true offline computers are a relic of a bygone age. Go for proxy strategies or securely controlled outbound connections.

Software issues can have a dramatic impact on industrial processes, bringing an entire production line to a halt and affecting bottom-line profits.

To demonstrate the validity and strength of Blurry Box, its novel encryption mechanism, Wibu-Systems has launched a global hackers' contest.

Under the cloud of increasing cybersecurity threats, it is clear that a security by design approach is a necessity for any embedded system.

Most content is created, stored, and transmitted digitally. Left unprotected, it can be distributed electronically to millions of people in just seconds.

Fritz Stephan structured a scalable licensing model where they can remotely activate features on-demand and create new post-sales revenues.

“The system should not require secrecy and it must not be a problem if it falls into enemy hands.”

The Smart Factory is driven by real-time interactions of people, machines, assets, systems, and things that collectively enable self-governed processes.

Much has been written lately about IIoT endpoints and their many potential security vulnerabilities.

In the past decade, the Internet has dramatically changed the way software and the corresponding licenses are delivered.

The push for some form of liability for vendors who sell faulty or insecure software has been the subject of debate for many years with little or no clear agreement on its legality or how to enforce it.

The US FDA recently published new recommendations for both manufacturers and regulators to address medical device cybersecurity.

With just a few shopping days left before Christmas, the retail frenzy is at its height.

Industrie 4.0, a.k.a. the fourth industrial revolution, is representative of the global strategic initiative to revolutionize industry by integrating digital automation, interoperability and advanced data exchange into manufacturing technologies.

Software entrepreneurs who are developing their first time application have the luxury of building-in their software licensing and protection solution from the outset.

An attack to an Industrial Internet of Things (IIoT) system typically starts with an attack on one or more endpoints.

A flexible software license management system is critical for enabling ISVs to keep pace with end user expectations, not only in the way the software is licensed, but also in the manner by which end users can manage licenses internally once purchased. 

The vulnerability of Internet-enabled endpoints in the Industrial Internet of Things (IIoT) is a critical security concern.

The tone of the many well-meaning discussions about the Industrial Internet of Things (IIoT) varies widely from one viewpoint of unbridled optimism about the seemingly endless possibilities to another filled with apocalyptic doom and gloom about the safety of the planet and everyone on it.

The more that is written about the Internet of Things and its myriad of potential game changing applications, it seems that the terms “IIoT” and “disruption” become more closely aligned. 

More than 81% of organizations believe successful adoption of the Industrial Internet of Things (IIoT) is critical to their future success, yet ironically, only 25% of these organizations have a clear IIoT strategy in place and only 24% of those organizations are happy with its execution.

Whether you are a total believer or not, it looks like the shift from perpetual software licensing to the software subscription model is here to stay.

Software licensing and monetization continue to be critical factors in a successful deployment for ISVs, particularly as the IoT and embedded systems market evolves and end user licensing preferences change.

Late last year, the World Economic Forum’s Global Agenda Council on the Future of Software & Society issued a very interesting report on Deep Shift: 21 Ways Software Will Transform Global Society.

The Trusted Computing Group (TCG) is a not-for-profit organization formed to develop, define and promote open, vendor-neutral, global industry standards, supportive of a hardware- based root of trusted computing platforms.

It was difficult to avoid the barrage of headlines coming out of the last week’s annual RSA Conference, the purported largest annual gathering of security professionals in the world.

When I recently watched a report about Tofaş, with its impressive one-million square meter operation and its leading position in the Fiat-Chrysler world in terms of World Class Manufacturing (WCM), I seriously wondered what else Smart Factories could offer in the near future. 

This past summer, the Trusted Computing Group (TCG) published an interesting document entitled, Architect’s Guide: IoT Security.

Security and the IoT are terms becoming intrinsically linked in the grand discussion of connected devices and their envisioned applications in virtually every aspect of our ecosystem, whether it be consumer wearables, medical devices, or industrial systems.

Many software developers have turned to the free trial business model to market their enterprise software – simply put, offer free software for a timed period and hope the end user performs a thorough evaluation and sees enough value to warrant a purchase of the software after the trial expires.

The close of a year and the anticipation of what’s to come in the New Year always brings about some interesting reviews of the past 12 months and predictions for the future by industry analysts, company executives and the trade press.

IDC recently released their annual top 10 software licensing and pricing predictions for 2016 and I think they are right on target based upon feedback from organizations who are using our CodeMeter secure licensing platform.

There were some interesting findings released in a global study this past June conducted by Harbor Research (in conjunction with Progress Software) on the State of IoT: 2015 Global Developer Study.

Endpoint Security for a rail system: another Industrial internet system success story.

The Industrial Internet Consortium held an interesting TweetChat last week in preparation for their Security event held on Tuesday, November 4 in NYC.

The SD Association recently celebrated the 10th anniversary of the microSD™ Card.

The intellectual property gained during the development of an ISV’s flagship software product most likely represents an investment in hundreds and hundreds of man hours. 

Whether it be Stuxnet or an iPhone virus, it is people who are the cause for trouble.

We’ve all seen the disturbing software piracy statistics released by BSA | The Software Alliance in their Global Software Survey.

The Deloitte Centre for Health Solutions paints an interesting picture of the healthcare and life science sectors in their report, Healthcare and Life Sciences Predictions 2020 – a bold future?

It has been several years since Kevin Ashton introduced the concept of the Internet of Things, based on RFID and sensor technology that enable computers to observe, identify and understand the world—without the limitations of human-entered data.

The Industrial Internet Consortium (IIC) recently released the first version of a document entitled "Industrial Internet Reference Architecture Technical Report".

Aside from the widespread attention and hype surrounding the prolific growth expectations of the Internet of Things (IoT), industry focus has been on potential (IoT) device vulnerabilities and cybersecurity.

A recent report released by the Economist Intelligence Unit entitled Long-term Macroeconomic Forecasts: Key trends to 2050 highlighted some of the emerging economic issues expected to shape global business in the coming decades.

Attackers — in ever greater numbers and with increasing sophistication — see, in the growing promise of our tech-connected world, opportunities to steal or cause major disruption or destruction by exploiting vulnerabilities.

Software for embedded systems is based more and more on open system platforms – Linux Embedded, VxWorks, Windows Embedded, QNX and many others.

If you have decided to integrate a 3rd party licensing solution for your software application, you’ve made the right choice.

With today’s cloud or virtual solutions, there are many available license management options to evaluate and even more questions to consider – What about security? Service levels? Architecture? Server location? Support? Cost and fees?

I recently read an interesting article in Engineering and Technology Magazine, entitled ‘Immature’ Internet of Things Hackable with Primitive Methods.

ISVs today must address many questions in your product development and delivery strategies as the software licensing landscape has become increasingly complex.

Former U.S. Vice President Dick Cheney acknowledged that he once feared that terrorists could use the electrical device that had been implanted near his heart to kill him and had his doctor disable its wireless function.

The U.S. Federal Trade Commission recently released an in-depth report entitled, The Internet of Things: Privacy & Security in a Connected World, which included a long list of considerations and recommendations on how manufacturers should secure IoT devices.

During the early 2000's, there was much skepticism about the value and viability of virtualization.

Software for embedded systems is based more and more on open system platforms, such as Linux Embedded, VxWorks, Windows Embedded, QNX and many others.

By now, many of you have heard about the "BadUSB" exploit, where two security researchers at Security Research Labs demonstrated how they could perpetrate an attack on USB devices.

Faced with an increasingly complicated network environment, made only more complex by the addition of virtualization, cloud services and bring your own devices (BYOD), many of your customers are also struggling to keep track of their software assets, contracts, and entitlements.

Adobe may have raised some eyebrows last year when they announced they were moving their packaged Creative Suite PC software to the cloud, but most industry analysts predicted this day was coming – it was just a matter of how soon.

In their book, Embedded Systems Security, David and Michael Kleidermacher point out some all-to-real scenarios about the consequences of malicious threats to embedded systems.

When describing software protection dongles in a 2007 article appearing in PC Magazine, John C. Dvorak, a well-respected (but self-described curmudgeon) and award winning columnist said, “The dongle was a mostly failed copy-protection device that came into existence in the 1980s. It was also a point of controversy…”

We’ve been hearing the term "software monetization" bandied about. What does it mean?

We talk a lot about copy protection in this space but what I want to focus on today is what is meant by the phrase "secure software licensing."

The big news for crypto-wonks this week is that an international group of researchers has cracked a portion of RSA encryption.

Thomas Friedman argues in his classic work that modern telecommunications makes global trade and competition a simple fact of modern life.

There are plenty of reasons to use a software protection dongle even when you're running an embedded system.

Hackers are out there. So you can't take for granted--now or ever--that it won't happen to you.

Anytime you add a 3rd party component into your overall product stack you need to be thoughtful before you decide.