Digital certificate chain of trust for top performance integrity protection of embedded systems
It is a fact that M2M is entering an unprecedented phase of interconnectivity, one where plants and equipment are not just fully automated but also controlled remotely over the Internet, from offsite locations or even via cloud computing. The incremental efficiency, the lower labor cost, the acquisition of competition advantage are clear and obvious to all. Just like any other technological revolution though, Industry 4.0 opens also up to new challenges that original equipment manufacturers need to get ready for.
The forms of attack manifest in several possible ways; they can include tampered components looking exactly like the original ones, or a different set of software commands, or botnet-like actions to gain control over an entire manufacturing line. Whether the attack is carried out from within the plant itself during maintenance, or externally via unauthorized access to the net, the results might be disastrous. The victim can see for instance its warranty terms becoming inapplicable, its production process sabotaged, new competitors springing up at practically zero investment.
A challenge is however nothing more than an identified scenario we can find solutions for. Wibu-Systems, with a proven record history in IP protection against software reverse engineering, and copy protection versus illegal duplication, is standing up to support OEMs. The vendor has in fact joined the Alliance for Cyber Security as a validated partner; this task force was created by the German Federal Office for the Security of Information Technology (BSI), and founded in cooperation with BITKOM, the voice of the Information Technology, telecommunications and new media industry in Germany.
The integrity protection system which Wibu-Systems has developed is based on a chain reaction where each step of the process is verified: boot loader, operating system, real-time application, configuration data are screened through one after the other. The encryption and signature of the original software by means of symmetric, asymmetric algorithms and hash functions is the core principle upon which the whole mechanism is based upon. Forward and backward checks through trustworthy elements increase the security layer. The CodeMeter technology for embedded systems is available for Windows Embedded, Real Time Linux, VxWorks, CODESYS and more to come.
“To support the German Cyber Security strategy the Alliance for Cyber Security has been founded by BSI and BITKOM. This important instrument can work well only with the support of companies like Wibu-Systems, representative for the powerful German IT security branch", explains Michael Barth, head of the department Defense and Internal Security at BITKOM.
“With a company entirely dedicated to innovate the security market over the last decades, we believe that the unique resources we can contribute with for the knowledge base the Allianz is building up will prove of extreme technological and software monetization value to the community of enterprises, government bodies, municipalities and private users that is rounding up this new initiative”, states Oliver Winzenried, CEO and founder of Wibu-Systems.
- Press Release 66 KB