Categories: Protection

Software protection: An integral part of the process

Software development is a time consuming and costly business for a software vendor. The end product often contains extensive specialist knowledge which must be protected. Each year piracy, reverse engineering and manipulation cost the worldwide software industry billions of dollars in lost revenue. Integrating software protection early on into the existing software development process has a two-fold benefit.

Software protection is essential

These days professional software development is a well-defined process which, on the one hand, requires all functions to be defined with their input/output parameters before development begins, and, on the other hand, allows transparent tracking of schedule and budget. It is irrelevant whether development is based on the classical waterfall model or agile development methods such as SCRUM: early integration of software protection measures always pays off.

Whether the application under development is a custom software, a niche product for a particular sector, a software for the mass ­market, a solution for the cloud or an industrial controller application, besides the time and money spent on its development, the software also contains a large amount of the organization’s intellectual property. If, as a result of piracy or reverse engineering, this knowledge falls into the wrong hands, the organization’s future may be put at risk. Illegal copies are one of the largest causes of revenue loss in the software industry. A recent study carried out by the Business Software Alliance (BSA) in 2012 revealed that 42 per cent of software currently in use is unlicensed.

Integration into the development process

Integration of software protection and license management into the existing software development process inevitably affects every stage of the process. It is therefore advisable to decide your strategy early on or, better still, before starting the project. At this stage the project is at its most flexible and the members are more likely to accept the concepts of software protection. 

Wibu-Systems also offers simple and quick solutions for later phases of the project, including following completion. A few mouse clicks with AxProtector add high level protection to software without making any changes to the source code. The result is a fully encrypted application with protection mechanisms such as anti-debugging, changing keys, intrusion detection and secret locking codes which invalidate the license as soon as an attack is detected. Besides protecting your application, you can also implement a license model to meet your requirements. Here Wibu-Systems’ IxProtector can be used to develop a modular license model which allocates separate licenses to each application module.

A broad diversity of license models is available for your application, ranging from single-user through network licenses, time-limited models, feature on demand to pay per use models. You can combine the models according to your needs, and choose between a hardware dongle (CmStick or CmCard) or 100% software license (CmActLicense) for the license container. The software can be shipped with either or both types of license container which means you can adapt the license model to local market needs. Wibu-Systems is fully committed to the principle of “one solution fits all.”

A major benefit of Wibu-Systems solutions is that no decision needs to be made during development regarding the type of license container (dongle or software license). Following release, product management, for example, can decide the type and scope of the license and revise their decision at a later date without having to modify the software. The result is a simpler development process with more flexibility, lower development costs, and a strict separation of development, software protection and licensing.

The overall process of software encryption and license model specification comprises four simple steps which are illustrated in the diagram below. By using Wibu-Systems solutions, unprotected and unlicensed software is transformed into an application with anti-piracy and reverse engineering protection and a license model. 

Process support

Wibu-Systems provides high performance tools for all four steps. The tools have a corresponding user interface, plus extensive programming interfaces for full integration into the development process environments. For example, a tool may integrated into a build server which automatically compiles and subsequently encrypts newly developed models as part of a specified development process. Pre-defined automatic test scenarios can be subsequently used to test the models.

Summary

Cost-optimized and transparent software ­development requires consistent use of software development processes. It doesn’t make any difference these days if classical or agile methods are used. In both cases, software protection and license management are extremely important aspects which should be addressed at the start of process planning or in the initial backlog for agile methods. 
The result of a well organized and executed process incorporating scalable and versatile  solutions from Wibu-Systems is a fully protected software with flexible license models, increased net income and lower development costs.

The following will then apply to you as well in the future: “Planning is the replacement of chance by knowledge.”                    

Software protection in four simple steps 

­­­­­­

  1. Define the application features: Decide which software modules you want to license individually. 
  2. Protect your software: Fully encrypt your software with easy-to-use AxProtector from Wibu-Systems without modifying the source code. Protect individual modules with ­IxProtector to add an extra layer of protection. Set the basis for customized licensing.
  3. Generate your licenses: Map your own ­license models in a straightforward and flexible manner using CodeMeter License Central. Sale and distribution of licenses can be mapped online directly or offline, and integrated into the organization’s existing back office processes. 
  4. Ship your application: With CodeMeter you have a wide range of shipment options. Choose between a hardware-based dongle (CmDongle) or a computer-specific software  license (CmActLicense), pre-programmed or shipped as license code.

 

KEYnote 24 – Edition Fall 2012

            

To top