IUNO2PAKT

Background

IUNO, Germany’s national reference project for IT security in Industry 4.0, concluded in late 2018 with a vast range of solutions to counter the threats challenging Germany’s and the world’s industry on the cusp of the digital industrial revolution. With no fewer than 15 active demonstrators to showcase its achievements, the project partners had reason to celebrate their work – with Wibu-Systems among them showing how its CodeMeter-based protection and licensing technologies could safeguard smart factories, ensure the integrity of data and virtual identities in machine-to-machine communication, and open up new business models.

The innovative work done by the IUNO project has delivered meaningful proofs of concept for all four of its target areas: Customized manufacturing, remote maintenance, data marketplaces, and threat recognition. It was always the intention of the consortium to create these solutions for real-life use by those small and medium-sized enterprises for whom the transition to the Industrial Internet of Things or the highly connected world of Industry 4.0 remain either a prohibitively expensive or a conceptually daunting option.

Project

The second iteration of the IUNO consortium, the IUNO2PAKT, is committed to empowering these enterprises for the digital revolution ahead of them. It intends to do so by building on the solutions produced by the first consortium in a dedicated task force of researchers and innovation leaders of small and medium-size enterprises. IUNO2PAKT is set to pursue its ambitious plans over a period of 3 years, creating and making public the concepts, methods, and tools needed to systematically level up the security and protection in industry and install the backbone of a more resilient industrial landscape with an emphasis on usability in the real world.

Wibu-Systems’ Contribution

Wibu-Systems is again joining the IUNO2PAKT consortium to add its unique technological competences to the mix by combining the long-established protection expertise already applied in the original IUNO’s focus efforts on security for industrial automation and machine communication with its recent innovative work in the area of certificate management.

Certificates are an indispensable building block for secure communication, as they represent the currency of trust: Proofs of identity and proofs of trustworthiness for applications and machines communicating with unknown or remote data sources, controllers, or operators. But creating, assigning, and managing these certificates remains a difficult proposition even for enterprises who already have a sound certificate infrastructure in place, with a professional certification authority and solid certification processes: The practical challenges and security risks lie in the middle passage, from the managing authority to the device or machine on the ground, requiring transit across unprotected legacy networks or complex security precautions when new networks are designed to make factories smart.

Past practice often still relies on a crude form of security by air gap when it comes to managing the certificate distribution and updating process: When they are used at all, certificates are created and managed manually, and manually carried from the certification authority to the device where they are needed.

Modern installations address this problem by placing a global discovery server in the middle to ensure that certificates can be validated in transit and trusted by their target application. For IUNO2PAKT, Wibu-Systems is getting its CodeMeter Certificate Vault to work with Microsoft’s new, open-source GDS (Global Discovery Server) to bridge the gap and get certificates stored on the safest physical repository – CmDongles – built-in CmASICs, or soft CmActLicenses or CmCloud containers.

The all-new Certificate Vault is designed to work with OPC UA stacks, including open62541 and Unified Automation’s ANSI C stack, to fit seamlessly into current industrial automation and smart factory layouts. It offers a holistic security solution designed with the end user in mind to promote acceptance among industrial users. Everything is fully integrated with Wibu-Systems’ established ecosystem, putting CodeMeter License Central in charge of managing the keys, certificates, and licenses needed for the solution to work, and equipping the end user with secure CmDongles, CmASICs, or soft CmActLicenses or the new CmCloud to work on all available platforms.