Progress on the IUNO Research Project
The German national reference project for IT security in Industry 4.0 – or IUNO for short – wanted to understand the threats and risks facing the intelligent factories of tomorrow, develop suitable countermeasures, and put them to the test in powerful use cases. Wibu-Systems and its universal security solution CodeMeter figure prominently in several of the project’s work packages and demonstrations. Over the last three years, the members of the projects have worked hard to develop new practical scenarios for Industry 4.0, pinpoint new security needs, and come up with protective solutions in response. This means reconciling different perspectives: Practitioners in the field have very different priorities on the shop floor vs. companies coming from an IT background. The former care most about reliability, while the latter are concerned with the many possible lines of attack the infrastructure is exposed to. IUNO has managed to bring both worlds closer together and empowered people on both sides to see the common ground they share.
Use Case: Secure Technology Data Marketplace
A technology data marketplace is used to enable trades of data needed in manufacturing processes. Following the lead of smartphone app stores, the marketplace has the potential to make it easier for industry to license and use required designs, parameters, or recipes. The challenge is that the system has to be as seamless and smooth as possible for the intended user, while enabling the licensor to enforce blanket or pay-per-use payment models for their data. At no point should the data be accessible in plain text or usable without the right license. After all, the data is the property and valuable asset of the licensor. The IUNO demonstrator takes the form of an automated cocktail mixer in which case the intellectual property is represented by cocktail recipes. An online marketplace allows consumers to choose the recipe of interest and buy the license for it, pay for it with Bitcoin, transfer the recipe (with the required license and keys) to the mixer, and watch the drink being prepared. Applied to a more industrial setting, a similar system could be used for selling machine settings or blueprints for 3D printers. The system is data-agnostic as it does not matter what type of data is being traded. It can be used across different vendors and systems, covering a wide range of potential customers and environments with a single system.
Use Case: Secure OPC UA and RFID Communication
The use case of a secure RFID reader presents a CodeMeter ASIC integrated into the processing unit of an intelligent RFID system made by Balluff. The ASIC provides a space for the secure storage of certificates for OPC UA communication between the RFID reader and its environment. The CodeMeter API is also used to verify the integrity of the data on the RFID tag by checking its signature. Balluff intends to use the CodeMeter technology now integrated in the system to realize even more features and capabilities with its RFID readers, where an ASIC with a CodeMeter embedded stack can fulfill three separate functions in the processing unit.
Use Case: TPM 2.0
Working in partnership with Infineon, another work package has integrated the Infineon OPTIGATM TPM 2.0 with a Linux system to illustrate how software-based CmActLicenses can be tied to an external secure element. The result is a binding scheme that offers a level of protection between a pure software solution and a full-hardware CodeMeter Dongle or ASIC. In environments that already have a secure element in place or where a TPM is mandatory, this allows a more robust binding to hardware traits.
KEYnote 36 – Edition Fall 2018