Wibu-Systems Blog https://www.wibu.com/blog.html?tx_t3extblog_rss%5Bcontroller%5D=Post&cHash=397ad6fc29c79e4eec052ccae79e50f3 WIBU Blog Posts en-gb Wibu-Systems Tue, 19 Mar 2024 11:03:27 +0100 Tue, 19 Mar 2024 11:03:27 +0100 t3extblog extension for TYPO3 Build or Buy? CodeMeter ROI model is here Wed, 28 Feb 2024 08:00:00 +0100 https://www.wibu.com/blog/article/build-or-buy-codemeter-roi-model-is-here.html post-254 https://www.wibu.com/blog/article/build-or-buy-codemeter-roi-model-is-here.html An ROI model guiding future customers on choosing between homegrown licensing systems or CodeMeter. Build or Buy? CodeMeter ROI model is here by Thomas Oberle 28-02-24

Build or buy – the age-old question that seemingly has no clear answer, whether you are a diligent consumer or an enterprise decision maker.

Consider these scenarios. A homeowner imagines that a backyard shed would satisfy their need for additional storage and working space for personal projects. But, would the homeowner ultimately save money by building it themselves exactly to their own specifications? Or would the modular, prefabricated storage unit offered by the local home goods retailer suffice and be a more economical buy in the long term?

In the case of the conscientious do-it-yourselfer, he would need to consider the cost to purchase a set of building plans, factor in time spent with the local zoning board to get the plans approved and obtain the building permit, purchase the building materials and have them delivered to the home, and actually perform the construction. Other considerations would be whether they have the tools and skills to safely perform the construction and whether the building time would take them away from other important projects or family events. Alternatively, the homeowner would weigh the cost of the pre-built shed and consider the associated landscaping preparation required, delivery, and installation costs involved. Either way, it would be nice for the homeowner to be able to use a simple ROI equation that would clarify the decision.

At another level, commercial organizations of all size regularly struggle with similar build versus buy decisions. Consider the Fortune 500 company that needs to decide whether to develop their own ERP system or purchase one off the shelf from one of the many reputable vendors in the market. The critical decision-making factors are not dissimilar to the DYI homeowner. In the long run, will it be less expensive to build with internal resources or buy the software? What is the expected short- and long-term ROI? Does the company have the skills and resources to build the application efficiently in house in the necessary timeframe? Is the solution scaleable to the needs of the future? Again, similar questions, more intangibles to consider, and few logical equations and algorithms to help guide the decision.

The same make vs. buy question is faced by our own customers who require solutions to the many challenges they need to address to protect and license their software. For example, software piracy and ineffective licensing have a direct financial impact for businesses: Unauthorized copies and unlicensed use mean significant losses in revenue, while poorly enforced licenses can mean lost revenues and lost control. Additionally, protecting intellectual property is paramount, not least to secure one’s financial integrity and ability to keep innovating. Without adequate protections, creative ideas and other intellectual assets are at risk of theft, emulation, and unauthorized use.

Today’s digital transformations across all sectors of industry have put software security in the spotlight, in particular, the means to prevent nefarious manipulation and cyberattacks. In practice, protecting software against manipulation and tampering calls for security technology on various levels, from encrypting and signing code to more advanced techniques for recognizing and averting attacks.

Furthermore, businesses are facing increasing pressure to respond to changes in consumer expectations, such as having the ability to choose licensing options including subscriptions, pay-per-use, or other modern alternatives. This requires new strategic thinking on the developer’s part and a flexible licensing system that enables them to address dynamic market changes.

So, while the need for a software protection and flexible licensing system is clear to many, the make or buy approach is still somewhat muddy, as we experienced with our current customers who opted for the buy approach to our CodeMeter licensing and protection system.

To help our future customers make their decision, we engaged in a comprehensive analysis to determine the cost of purchasing, implementing, and maintaining our CodeMeter system in action and the subsequent short- and long-term Return on Investment. To make the calculations, we engaged in extensive interviews with leading executives of four companies using CodeMeter. We organized the available data into distinct scenarios so the calculations would offer meaningful insights into a range of use cases and sectors of industry and size company.

The ROI was then determined by taking the initial investment, the licensing costs during active operations, the potential revenue growth, and the expected savings into consideration to get a clear impression of how the solution would impact the user’s profitability. The calculation was made over a three-year timeframe to offer a meaningful impression of the long-term effect of opting for the CodeMeter licensing solution.

While not surprised, we were pleased to be able to show definitively that each customer benefited from adopting an efficient and flexible licensing system. In each case, CodeMeter not only improved their profitability, but also sharpened their competitive edge, protected their IP, and provided a predictable model for long term growth.

But the story doesn’t end here. We now have an objective and demonstrable ROI model that we can share with our future customers to help them with their important decision to either build a homegrown software licensing system or purchase a proven, automated licensing and protection system like CodeMeter. If you are interested in learning more about our CodeMeter ROI methodology and calculations, I invite you to download the Whitepaper, The Commercial Case for CodeMeter: Insights from Customer Case Studies.

Contributor

Thomas Oberle

Member of the Management Board

Thomas Oberle holds a degree in electrical engineering from the University of Karlsruhe. He began his professional career as a hardware and embedded software developer for industrial fieldbus systems, machine controls, and operating devices.

After completing his postgraduate studies in industrial engineering at the Kaderschule St. Gallen (CH), he moved into management consulting. Working initially as a process consultant for innovation management, product development, and project management initiatives, he then became a senior consultant for production, purchasing, and supply chain management endeavors. As project manager for the implementation of SAP ERP systems, he gained profound knowledge of common best-practice business processes in manufacturing.

At WIBU-SYSTEMS AG, he is a member of the management team, responsible for organizational development, process optimization, and the use of methods and tools, as well as for program and product portfolio management.

]]>
Railway Safety: Security Solutions Thu, 15 Feb 2024 08:00:00 +0100 https://www.wibu.com/blog/article/security-for-safety-in-the-rail-transportation-world.html post-252 https://www.wibu.com/blog/article/security-for-safety-in-the-rail-transportation-world.html Preventing train collisions is crucial, yet without proper security measures in place, safety isn't assured. Railway Safety: Security Solutions by Stefan Bamberg 15-02-24

In the global railway ecosystem, rolling stock collisions are the most dramatic and newsworthy accidents and disasters imaginable. While rare, they are also the most lethal to human life, as experienced in recent incidents.

The deadliest rail disaster in Greek history occurred in 2023 when two trains involving a passenger train and a freight train collided head-on. The devastating accident left at least 57 people dead. It was later discovered that the passenger train had been inadvertently allowed to proceed on the wrong track despite the presence of the freight train on the same track.

In May of 2021 in Malaysia, a head-on collision occurred between a manually-driven empty train and an automated passenger train causing 213 injuries. The incident was thought to have occurred due to a miscommunication at the operations center.

Additionally, the year 2016 saw two deadly rail accidents in Western Europe. In Germany, two passenger trains had a head-on collision where 12 people died and 85 others were injured. Later that year, two Italian regional passenger trains collided head-on killing 23 people and injuring 85 others. The German accident was said to have been caused by a train dispatcher who gave incorrect orders to the two trains while distracted by a game he was playing on his mobile phone.

In the hybrid world of rail transport, combining almost two centuries of legacy infrastructure with cutting-edge technology, system engineers must contend with a mix of modern, interconnected rail operating systems, aging tracks and infrastructure, and a vast variety of rolling stock on their lines at the same time. Train-on-train collisions can be caused by a vast variety of factors from an inadvertent human error to hardware or software malfunction. And today, rail operators need to be concerned with protecting their sophisticated, modern communication and operational systems from sabotage and cyber-attacks.

Intelligence on Wheels (IoW), an offshoot of Germany’s aerospace pioneers DLR, has developed a collision warning system comprising train-to-train communication, track-selective self-localization, and onboard situation analysis and decision support – all designed to empower railways to keep their trains running routinely and safely or to make quick, but well-informed decisions to avoid impending hazards. The system is designed to work alongside established rail safety infrastructures and is particularly suited as an additional cost-effective safety system for sparsely utilized regional lines as well as smaller-scale operators that must engineer services around complex, often single-track lines.

The sophisticated technologies built into their TrainCAS system and the potential for criminal misuse make security and IP protection a paramount concern for the company. The system combining hardware, software, and data, not only has to be protected against threats from hackers or other malicious actors for safe and secure rail travel purposes, but also against undue attention and exploitation by competitors, less ethical users, or simply overly curious third parties. In the railroad industry, a model of robust engineering and regulatory oversight, solutions for safeguarding intellectual property and software license management must navigate the technical landscape and stringent mandates, especially considering the sector’s key role in today’s mass mobility infrastructure.

This is where Intelligence on Wheels turned to Wibu-Systems to integrate its CodeMeter technology into their TrainCAS system to encrypt and protect its software and build in the hardware-based cryptographic security components for the TrainCAS onboard technology in the field. CodeMeter hardware was adapted to a rugged and tamper proof hardware solution to secure license repositories and provide safe havens for executing the crypto code during runtime for added protection against hackers. The TrainCAS software and the constituent trackmaps that enable the highly reliable situation detection are secured by a combination of CodeMeter AxProtector and Core API tools chosen specifically to match the mixed embedded systems used by Intelligence on Wheels. This prevents both unauthorized use by unlicensed users and tampering, intentional or unintentional, by people trying to manipulate the system.

Dr. Thomas Strang, CEO, Intelligence on Wheels GmbH, noted: “For us, security-for-safety has two meanings: protecting the IP that makes our business possible and protecting trains out on the tracks against cyber-attacks. Working with our likeminded partners at Wibu-Systems was a pleasure, and holding the CodeMeter hardware in my hands gives me the same feeling of reassurance I get when I see our TrainCAS systems in action.”

In support of IoW’s guiding principle of “Security-for-Safety,” the innovative solution safeguards critical infrastructure against cybersecurity threats, secures IP against theft, and enables new business licensing models for rail safety services. You can read the entire case study for more details.

Contributor

Stefan Bamberg

Director Sales and Key Account Management

After studying computer science at the Karlsruhe Institute of Technology, he worked in traffic simulation R&D before switching over to IT project management and key account management for large ICT companies. Since 2012, he is active in the Key Account Division of our Wibu-Systems sales force.

]]>
Enabling SCADA Apps with Flexible Licensing Tue, 06 Feb 2024 08:00:00 +0100 https://www.wibu.com/blog/article/enabling-scada-applications-with-flexible-licensing.html post-245 https://www.wibu.com/blog/article/enabling-scada-applications-with-flexible-licensing.html SCADA software in critical infrastructures continually evolves, demanding novel security and licensing approaches. Enabling SCADA Apps with Flexible Licensing by Stefan Bamberg 06-02-24

Supervisory control and data acquisition systems (SCADA) came into play in the 1970’s with the emergence of microprocessors and PLCs as mechanisms to control and monitor automated processes. In the early 2000’s, industrial networks were enabled by the Internet, increasing interconnectivity of geographically dispersed systems, leading to increased efficiency, productivity, and process reliability. Today, SCADA has become a ubiquitous tool for industries to gather and analyze data directly from the factory floor from any part of the world in real time. SCADA software is found in the sophisticated control systems in a variety of critical industries, from energy and wastewater management to transportation and general manufacturing.

The evolution of SCADA continues with the emergence and integration of advanced digital technologies such as IoT, cloud computing, machine learning, AI, and big data analytics. However, with these advancements come new challenges, such as cybersecurity concerns and the need for dependable software license management systems capable of adapting to the end-user demands of these modern industrial processes.

To address some of these demands, ETM professional control, a subsidiary of Siemens AG, has developed the SIMATIC WinCC Open Architecture, a platform that enables developers to build vendor- and platform-independent SCADA systems with software designed for applications of large scale and high complexity as well as projects with customized functionality. It supports a variety of connectivity options with seamless integration with a wide range of controllers and centralized monitoring systems. The platform-independent SCADA software provides access via native applications as well as mobile and web user interfaces. The open architecture design enables easy adaptation of new technologies such as cloud-based IT, increasing the longevity and the ROI of WinCC OA and enabling continuous innovation by their customers. The WinCC OA solutions are scalable and provide unlimited global access over the Web.

Some of the challenges that come along with such a sophisticated development platform are the licensing and protection of the software, particularly as the technological landscape evolves so rapidly, with modular operating systems, virtualization and Docker container solutions, and cloud systems. This calls for open and robust software with a licensing system that is granular and flexible enough to address every user’s unique installation and able to protect against unintended operation and tampering across a wide range of platforms.

That’s where Wibu-Systems’ CodeMeter licensing and protection solution comes into the picture. ETM professional control chose CodeMeter as a powerful replacement of their home-grown licensing solution to meet their variable requirements, providing uniform and fully aligned protection and licensing capabilities across all relevant systems and platforms, ranging from ARM to x86, running on Windows and Linux, and from the smallest IoT device to the cloud. CodeMeter’s ability to ensure secure licensing even in distributed and decentralized setups, its range of license containers, and its effective integration with ERP systems give users in the field flexible options to manage their licenses and tailor their systems to the project requirements.

Customers benefit from licensing tools for both on-site and off-site usage, to fully automate the deployment of their WinCC OA project. To accommodate traditional and modern workflows, customers need to be able to manage their licenses independently from a digital platform. With CodeMeter, they can easily handle license upgrades, add or remove features, and scale their WinCC OA projects up or down without having to interact with an ETM representative.

CodeMeter’s backbone infrastructure integrates with ERP and e-shop systems to provide a streamlined user experience from selecting an item in the e-store to shipping the license. CodeMeter also allows flexible machine binding options, with or without dongles. The fine-grained structure of license item properties is aligned with the highly modular nature of the WinCC OA system and meets the business model specifications for permanent and recurring revenue. It allows dependencies as well as the addition and removal of features when composing a license from individual parts.

As business models with recurring revenue gain more and more significance aside from the traditional one-time investments, software procurement processes should seamlessly adapt to this model to ensure uninterrupted plant operation. Customers expect a seamless experience, from ordering to software license delivery to integration into the software project.

The partnership between ETM and Wibu-Systems ensures that the software solution grows and evolves with the changing needs of its customers, giving ETM a remarkable level of robustness and adaptability and making it impervious to technological change and disruption. The software’s ability to seamlessly handle both standard processes and individual customer requests has contributed to its continued success and customer satisfaction.

You can read more details about this integration of technologies for SCADA software in the case study.

Contributor

Stefan Bamberg

Director Sales and Key Account Management

After studying computer science at the Karlsruhe Institute of Technology, he worked in traffic simulation R&D before switching over to IT project management and key account management for large ICT companies. Since 2012, he is active in the Key Account Division of our Wibu-Systems sales force.

]]>
License Scalability and Flexibility Tue, 23 Jan 2024 08:00:00 +0100 https://www.wibu.com/blog/article/license-scalability-and-flexibility.html post-246 https://www.wibu.com/blog/article/license-scalability-and-flexibility.html Is your licensing model sufficiently scalable and customer-centric to promptly adapt to emerging market trends? License Scalability and Flexibility by Terry Gaul 23-01-24

Software scalability is a key aspect for a sustainable business model that aligns with current needs as well as future potential. With an agile software licensing scheme, organizations can readily enable their workforce to access systems without having to worry about the availability of software licenses or having to pay for extra seats as the workforce grows. Dan Roberge, in his article Software Scalability Made Simple with Unlimited Users, makes the case for unlimited user licenses. A flat fee model with unlimited user licenses, he says, allows businesses to easily expand their team without worrying about limits or restrictions on headcount while saving money on unforeseen costs.

He points out many other benefits of unlimited user licensing:

  • Startups as well as SMEs, often constrained by tight budgets, can adopt sophisticated software that puts them at the same level as larger enterprise players in the market.
  • Unlimited scalability enables stakeholders to seamlessly join a collaborative platform without the need for complex licensing negotiations while fostering faster product development cycles.
  • Scalable software accommodates fluctuating growth stages as team members fluctuate. Tools are always available to keep everyone on the same track.
  • The adaptability inherent in flexible software licensing positions businesses to rapidly respond to customer demands and anticipate and readily respond to market changes.

The author further notes flexible software licensing and scalability will enable businesses to address the complex decision of pivoting their entire business model when necessary to adapt to volatile market changes.

Software license scalability and flexibility go hand-in-hand in allowing ISVs to provide the tools to facilitate their customers’ success. Whether a flat unlimited user license model works best, or usage based, or subscription licensing schemes are more favorable, flexibility is key.

In addition to scalability and a choice of license models, let’s look at some of the other benefits of a flexible licensing system:

  • Sharing Licenses: Sharing network licenses is a great option for licensing software that many corporate users need on a regular basis, but not all at the same time. For example, a Customer Relationship Management system (CRM) is accessed constantly and regularly revised and updated, but each specific user, be it from sales, customer support, finance, or wherever else in the organization, would only access the CRM for a few minutes at a time. In this case, a flexible licensing system would enable users to share the software, giving lots of seats access without forcing the software to be tied to any one seat or any one user.
  • Borrowing Licenses: While licenses are usually not transferrable, there are times when users require the flexibility to borrow a license. For example, a licensed user may have need to work outside the network for an extended period but still require access to the software. A flexible license management system enables the user to “check out” the network license from the license server for a predetermined period of time and then “check in” the license to the server pool when they are done with it. The borrowed license is locked to the user’s computer and does not require any communication with the license server during the borrowing period.
  • Licensing in the Cloud: Cloud computing affords a high level of scalability, flexibility, and elasticity that has made a dramatic impact to the way ISVs can license software, enabling new models like on-demand, pay-per-use, and other consumption-based approaches. In addition to enabling more economical usage and payment models, the cloud offers end users many additional benefits: users can access their licenses wherever, whenever, and however they need them, from mobile devices or at different locations without having to manually transfer a license file or carry around a dongle; data is better protected in the cloud versus storage on laptops and mobile devices that can be lost or stolen; and software upgrades and maintenance costs are greatly reduced.
  • A Hybrid Approach to Licensing: For ultimate flexibility, a hybrid approach to cloud licensing and on-premise licensing may be an optimal solution. In a hybrid model, developers provide the ability to their end users to access the license to run the software anytime and anywhere: on-premise, in a private cloud, or in popular environments like Amazon Web Service or Microsoft Azure. For offline scenarios, all they need is either the ability to temporarily connect to the Internet, or to exchange a license file via file transfer. The end users can activate the license on their device and use it offline. In online scenarios, the license is stored in a secure user-bound container in the cloud and used directly online in the cloud.

These are just a few examples where the flexibility and scalability of a licensing system can bring added benefits to both the software publisher and the end user. Are you interested in learning more? I invite you to attend our upcoming webinar, Unleash the Power of CodeMeter, and see first-hand our awarding-winning solution that has delivered scalable and flexible licensing solutions for 20 years.

Contributor

Terry Gaul

Vice President Sales USA

Terry Gaul is a sales and business development professional with extensive experience in the software and technology sectors. He has been involved with software protection and licensing technologies for more than 20 years and currently serves as Vice President of Sales at Wibu-Systems USA. When he is not helping customers with software licensing, Terry typically can be found coaching his daughters' soccer teams or camping with his family on the Maine coast.

]]>
Software Licensing Trends in 2024 Tue, 19 Dec 2023 08:00:00 +0100 https://www.wibu.com/blog/article/software-licensing-trends-in-2024.html post-244 https://www.wibu.com/blog/article/software-licensing-trends-in-2024.html Customization has become increasingly pivotal in the digital realm, encompassing diverse licensing options. Software Licensing Trends in 2024 by Stefan Bamberg 19-12-23

As we close out another year full of industry challenges and successes, I am proud to reflect upon our achievements in 2023: Recipient of another prestigious industry award, the launch of a myriad of new product innovations and updates, and a number of successful collaborations with our customers and partners – all geared toward protecting IP with creative licensing strategies and code protection mechanisms. However, in this rapidly evolving world of connected devices, smart industries, AI, and other next generation technologies, no one can afford to rest as new unscrupulous modes of IP theft, critical data breaches, cybercrimes, and threats to human safety proliferate. As such, we continue to look ahead, identify the trends and events that will shape the industry in 2024 and beyond, and guide our licensing and protection technology and product strategies to stay at the forefront.

Here are some of the industry and technology trends we are following closely in the coming year:

  • Subscription licensing: The advantages of subscription licensing are becoming more and more attractive for both end users and ISVs alike. Lower up-front costs and ongoing product updates for the end user and the benefit of recurring revenue streams are driving the burgeoning market for subscription models. ISVs and smart system manufacturers will require a flexible licensing system to leverage the benefits of subscription services.
  • Cloud-based licensing: The cloud is shaping the world we live in. For software developers, license models tailored to cloud deployment are gaining traction as SaaS technology opens new avenues for revenue, such as pay-as-you-go, subscriptions, or usage-based pricing. The ability to securely store and manage licenses in the cloud will be critical for software publishers seeking to transition their applications to the cloud.
  • Hybrid work environments: The combination of working at home vs. at the office is expected to continue, making licensing flexibility critical to accommodate remote and mobile teams and to facilitate license availability, security, and compliance. For an ISV, this new reality brings the nuances of software licensing into focus. It is now essential to have a flexible licensing system that enables a mobile workforce to access their software licenses wherever they are, at home or in the office, and whenever they need them, and do so securely.
  • Customizable licensing: Some unique applications may need a particular type of software license specifically tailored to meet the exact specifications of a single customer’s environment that more than likely would be outside the norm of a standard off-the-shelf software license. This trend again emphasizes the flexibility requirements of a modern software licensing engine.
  • AI and Machine Learning: With the emergence of AI/ML across a number of industries, there is a growing concern for data security and privacy as massive amounts of data are being generated and potentially exposed across a broadening attack surface. Security-by-design features, including advanced encryption and authentication protocols, will become prevalent.
  • Industrial Digital Transformation: The industrial automation industry is undergoing a significant transformation driven by cloud-based advances in connected machines, robotics, and smart factories. Software is indispensable for controlling critical functions, collecting, and analyzing data. Software is also one of the most vulnerable vectors for malicious attacks, including reverse engineering, code cloning, code tampering, and counterfeiting (product piracy). The next generation of software must be developed with the underlying principles of security, resilience, and trustworthiness.
  • Edge Device Security: Edge computing is used in a diverse range of applications. Because all systems involved are not necessarily kept online at all times, there needs to be a way to make sure that they can run without jeopardizing the license terms even if the system is disconnected from the Internet. Developers for applications running on edge devices need to consider mechanisms to protect their intellectual property and their license terms in actual practice.
  • Additive Manufacturing Data Protection: Manufacturers are beginning to integrate various AI and machine learning-based algorithms into their 3D printing process in order to exploit the full potential of the technology. The trained printing model that grows from the machine learning process becomes the intellectual property of the manufacturer and must be protected from inadvertent modifications or even intentional attacks. There could be counterfeiters trying to build similar systems by illegally copying the property of the original maker or there might even be outright saboteurs who want to manipulate what the system can do in practice. Intellectual property needs to be protected against theft and piracy, but still be available for legitimate stakeholders to use, process, and reprocess.
  • Licensing in Virtual Environments: Containerization is becoming a popular tool for running multiple applications in virtual environments. Both Docker and Podman are currently the most widely used platforms for creating, deploying, and managing applications via containers while open-source frameworks, like Kubernetes, for organizing container groups, are gaining popularity in the embedded field. But containerization is not without its challenges, particularly for software licensing. While virtualization makes it easier to handle different platforms in a unique way outside a connected network, it is often difficult to attach a secure hardware element like a CmDongle for licensing purposes. Clever licensing solutions, most likely based on the versatile CodeMeter license server, will be required to protect and monetize IP in such virtual, containerized environments.

These are just a few of the challenges that lie ahead in 2024 and beyond and you can be sure that Wibu-Systems will stay ahead of the curve to bring you the creative solutions necessary to protect your IP at all costs.

We wish you a very happy holiday season and great success in the new year.

Contributor

Stefan Bamberg

Director Sales and Key Account Management

After studying computer science at the Karlsruhe Institute of Technology, he worked in traffic simulation R&D before switching over to IT project management and key account management for large ICT companies. Since 2012, he is active in the Key Account Division of our Wibu-Systems sales force.

]]>
A Christmas Dongle Story Wed, 13 Dec 2023 08:00:00 +0100 https://www.wibu.com/blog/article/a-christmas-dongle-story.html post-241 https://www.wibu.com/blog/article/a-christmas-dongle-story.html Discover how CodeMeter evolved from its humble beginnings into a global B2B security suite: Your Christmas story of the year. A Christmas Dongle Story by Oliver Winzenried 13-12-23

In 1989, Wibu-Systems was founded on the premise to deliver innovative technology for the protection and security of digital assets. That premise was realized with WibuKey and embodied in the company’s first dongle, WibuBox/P, which became a successful security hardware solution.

Fiftteen years later, CodeMeter 1.0, a secure hardware device packaged with a password manager, SecuriKey, and a secure data encryption solution, Steganos Safe, was released to the public and would evolve into Wibu-Systems flagship IT security suite. The grand unveiling of CodeMeter happened at the vibrant Karlsruhe (Germany) Christmas Market in 2003, a place where families gathered for the annual month-long Christmas celebration. There we were, nestled amongst a myriad of stalls and purveyors of handicrafts, holiday food delicacies, and the like.

Our ambitious idea was to sell a USB device to consumers that could act as a password vault, perform as a two-factor authentication key for personal PCs or Macs, and allow software developers a secure place to store software license keys. The notion was that for people owning such a USB device, a lower price for software was possible, as manufacturers wouldn’t have to include a hardware device with their software. We named our USB device “CmStick”. CmSticks overcame many technical challenges and performed perfectly as password vaults and two-factor identification devices. However, software developers were slow to warm to the idea of less expensive software for CmStick owners. It didn’t take long to realize our misstep and quickly shift our efforts away from end users and launched the CodeMeter dongle (CmStick) to the business-to-business market. And that’s where the true success story of our CodeMeter dongle begins.

Just a few months later, Wibu-Systems introduced the CmStick/M to the B2B market, the first dongle with integrated flash mass storage, allowing companies to deliver the license as well as the application itself on the portable, secure hardware device. That year CodeMeter also won the first of its many industry design awards.

In the ensuing years, the global business community became highly security conscious and CodeMeter technology development flourished to meet the industry’s growing demands for secure licensing solutions. That’s when different form factors came into play. In 2009, the first dongles as CmCard/SD and CmCard/CF were released as was a new form factor, CmCard/microSD a year later. In 2011, CmStick/C was introduced, making it the world’s smallest dongle for software protection on the market. The miniature dongle fits into virtually any small-scale device and is thus a feasible option for adding security to intelligent Industry 4.0 sensors.

Later in this decade, the field of industrial automation emerged, and new security solutions were needed to support this growing market. New CodeMeter form factors CmCard/CFast and CmStick/IV were released with industrial automation in mind, offering a space saving design, extended operational temperature range, and highly reliable fast memory features.

Concerns for software piracy, code tampering, reverse engineering and counterfeiting remain key issues for ISVs and embedded system developers, particularly with the proliferation of connected devices, PLCs, and other smart industrial components and systems that define the modern world. The ramifications of these concerns go beyond financial loss; they now present significant threats to public health and safety as well.

Today, CodeMeter dongles (CmDongles) continue to provide the highest level of software protection and license security. A vast range of memory types and sizes means there is a CmDongle for virtually any requirements in the field. At the core of every CmDongle is a smart card chip, which includes a microcontroller with a secure storage area for cryptographic keys and the firmware. With CmDongles, software publishers can independently encrypt and decrypt data using symmetric or asymmetric algorithms like AES (Advanced Encryption Standard), RSA (Rivest-Shamir-Adleman), and ECC (Elliptic Curve Cryptography) and sign data or verify the signature.

With integrated flash memory, data is not lost in power outages, which is a primary design consideration for industrial applications. The CmDongle with flash memory can operate in temperatures from -40°C to +85°C; the SLC-flash technology offers longest life, lower power consumption, memory protection with AES encryption and high availability.

Over the years, CodeMeter licensing and protection technology has evolved beyond the dongle to software-based licensing (CmActLicense), as a signed and encrypted license file bound to a user’s target device, and cloud-based licensing (CmCloudContainer). Wibu-Systems latest CodeMeter innovation is CmReady, which adds CodeMeter capabilities to qualified mass storage devices and fills an attractive and in-demand spot between the top-end protection of the company’s CmDongles and the comfort of CmActLicense software containers. Even as CodeMeter technology evolves into different iterations for solving different problems, the dongle remains the cornerstone of Wibu-Systems success. You can read more about the many use cases for CmDongles with flash memory in this white paper, CmDongle with Flash Memory in Practice.

Contributor

Oliver Winzenried

Co-founder and CEO

Oliver Winzenried began his entrepreneurial career immediately after completing his electrical engineering degree and, in 1989, he founded Wibu-Systems together with Marcellus Buchheit. His passion for software protection has resulted in a wide range of patents covering areas from secure license management and anti-tampering solutions to dongle feature innovations. He is also a director of the VDMA regional association in the state of Baden-Wuerttemberg, Germany, and serves on the board of directors of the Medical Technology working group of VDMA, the board of directors of bitkom, and the managing board of FZI.

]]>
Time to Consider a New Licensing Model? Tue, 21 Nov 2023 08:00:00 +0100 https://www.wibu.com/blog/article/time-to-consider-a-new-licensing-model.html post-240 https://www.wibu.com/blog/article/time-to-consider-a-new-licensing-model.html Do you ever re-assess your licensing, pricing, and packaging strategy to to stay aligned with evolving market demands? Time to Consider a New Licensing Model? by Marcel Hartgerink 21-11-23

Your software business is booming but what happens when unexpectedly your customer’s business spirals out of control? Consider this hypothetical situation: An ISV has developed a software solution that is right on target for a specific market niche and the customer’s business is booming (as is the ISVs). Unfortunately, some unexpected and uncontrollable events have suddenly soured the market and the customers’ need for the software has been drastically reduced. Is it time for the ISV to panic?

That’s the gist of a hypothetical story that has played out numerous times in the software industry, so says a member of Forbes Technology Council and managing partner of Software Pricing Partners, Chris Mele, in his article Amid Turmoil, Software Leaders Must Rethink Their Pricing Assumptions. With the backdrop of the scenario above, the author suggests that software executives should not view turmoil “fatalistically,” but rather use the event to re-evaluate their licensing, pricing, and packaging strategy and look for innovative solutions that will enable them to survive the market turmoil until better times.

“Put another way, if a software company’s licensing, packaging, and pricing during turmoil are the same as they were pre-turmoil, they’re likely missing the boat,” he noted.

In that case, what pricing options can the ISV consider? Perhaps a product bundling strategy, or a move from a pure subscription offering to a feature-on-demand scenario, or an “only pay for what you use” consumption-based licensing option; either of which may ease the burden for the struggling customer. However, for an ISV to even envision such potential solutions, much less readily implement them without major disruption to their business processes, the ISV must first have a flexible licensing system that allows them to even consider all the possibilities.

Case in point, let’s look at a creative solution enabled by Wibu-Systems CodeMeter software licensing and protection system. Desoutter Industrial Tools designs and produces electric and pneumatic assembly tools for the aerospace and automotive industries. In a highly competitive market, they were undergoing a dramatic digital transformation driven by the new customer expectations envisioned with Industry 4.0.

Desoutter’s high-tech solutions comprise controllers, embedded systems, and software, all of which form part of the complete package. In the past, each tool needed a separate controller to operate. Now, one controller can run up to twenty tools via a wireless connection. Every piece of hardware also used to have its own software on board, with a traditional product license attached – too rigid and unwieldy for the Industry 4.0 world.

To adjust to the rapidly evolving market, Desoutter radically changed the way they delivered their products. Desoutter no longer sells software with fixed licenses. Instead, the company implemented an innovative concept that lets its customers dynamically assign a certain budget (in the form of Unit Values – UVs) to access only the features and functions they need. The idea is straightforward: Customers buy UVs, which they can then deploy to use a certain service. When they no longer need the service, they can recover the UVs and convert them into a different service or even redeploy them on another tool. This allows their customers to quickly rebalance their operations.

With the change in licensing strategy, Desoutter’s customers use an online configurator to cherry-pick the features they want on a specific tool and then order the UVs they need to run their service. Desoutter delivers the UVs via an e-wallet and activates the service by simply connecting a USB stick with the appropriate license to the controller. Ultimately, the solution provides greater versatility and economy to their customers while allowing Desoutter to monetize their software and generate new business opportunities with existing and new customers.

The solution itself is based on CodeMeter software protection and licensing system, with Wibu-Systems tailoring its technology to meet the specific needs of Desoutter. Not only does CodeMeter take care of the general protection of the design concept, but also of the infrastructure needed to create and deliver the UVs.

Desperate times are often mitigated with creative solutions vs. desperate measures. Read the full Desoutter case study and learn more about the CodeMeter flexible software licensing and protection system.

Contributor

Marcel Hartgerink

General Manager of WIBU-SYSTEMS NV, WIBU-Systems BV, WIBU-SYSTEMS LTD and WIBU-SYSTEMS SARL

Marcel Hartgerink studied electronic engineering and developed his first software protection system for Atari-ST computers in 1988. He was later involved in developing biometric authentication systems for large corporations. In addition to his technical background, Marcel is also an expert in marketing innovative solutions.

He is currently general manager of WIBU-SYSTEMS NV, WIBU-SYSTEMS BV, WIBU-SYSTEMS LTD and WIBU-SYSTEMS SARL, and is in charge of marketing, sales, consultancy and support in The Netherlands, Belgium, Luxembourg, France, Spain, Portugal, United Kingdom, Ireland, Scandinavia and the Baltics.

]]>
Hybrid Cloud/On premise Licensing System Thu, 26 Oct 2023 08:00:00 +0200 https://www.wibu.com/blog/article/hybrid-cloud-on-premise-licensing-system.html post-237 https://www.wibu.com/blog/article/hybrid-cloud-on-premise-licensing-system.html SaaS has revolutionized how we use software, but is it the silver bullet for every situation? We think not. Find out why. Hybrid Cloud/On premise Licensing System by Rüdiger Kügler 26-10-23

I recently came across a blog post written in 2014 that today seems quite prophetic. Entitled “Back to the Future: Is Electronic Software Delivery Making a Big Return?,” the article was posted by Jason Edge of Verifone, a global electronic payment service provider. In the post, the author pointed out the growing trend towards applications being delivered as Software-as-a-Service (SaaS) and their inherent benefits – lower upfront costs for end users, predictive recurring revenues for developers, and convenient access to business applications from most anywhere – all which hold true today. But the author also pointed out the downside to SaaS applications and that being the availability and quality of Internet access – whether it be slow in some instances or simply not available in others. In those cases, the author proposed that conventional electronic software delivery models with applications hosted on local machines vs. over the Internet was still a valid requirement. However, one would think that over the course of the past ten years those issues had been resolved – high availability, high quality Internet access is ubiquitous, is it not?

The answer is no, not in all cases, and that in my opinion is the prophetic part of the 10-year-old post. Certainly, SaaS has proliferated in the past decade and given birth to creative software monetization and delivery strategies, from subscriptions to consumption-based to features-on-demand. And, today, it would be hard to find many areas where the Internet is not available. Consumers have reaped the benefits as Internet access is available to some extent on trains, ships, and airplanes and is a standard amenity in hotels, particularly for business travelers. While the quality of access can often be somewhat poor in these instances, bandwidth is generally good enough to enjoy online communication and run the most popular lightweight business applications without problems.

However, I can think of two areas where Internet access, or quality of service is still an issue and not necessarily a good fit for SaaS-only application access.

  • Security: As part of Industry 4.0, more and more manufacturing data is sent across the Internet, e.g., for predictive maintenance. In most cases, the data is captured and passed on to the Internet via dedicated gateways. Still, manufacturing facilities on the proverbial shop floor are often not hooked up to the Internet, but instead run offline and fully autonomously. The reasons for this are obvious: Machines will not suddenly come to a standstill should the Internet connection break down. This could lead to massive costs down the line – just imagine a furnace falling cold in a steelworks. At the same time, keeping separate from the Internet protects from cyberattacks and sabotage. Attackers cannot tamper with devices they simply cannot reach.
  • Bandwidth: The second area for consideration is with mobile users who are running extremely complex applications requiring the highest Internet bandwidth to operate efficiently where SaaS simply is not an option. Many of our customers, in the industrial automation, transportation, engineering, geophysics, and other highly sophisticated vertical application areas, fit into that category.

So, as suggested by our prophetic author, perhaps a hybrid approach to SaaS and on-premise applications running on local machines is the best solution. At Wibu-Systems, we agree that a hybrid model is the best approach in some instances and one of the reasons we have developed our CodeMeter License Central solution that caters to both SaaS and on-premise implementations, or a combination thereof.

For Wibu-Systems, it all starts with the software license. In a hybrid model, developers provide the ability to enable its end user to access the license to run the software anytime and anywhere: on-premise, in a private cloud, or in popular environments like Amazon Web Service or Microsoft Azure. For offline scenarios, all they need is either the ability to temporarily connect to the Internet, or to exchange a license file via file transfer. The end user can activate the license at his device and use it offline. In online scenarios, the license is stored in a secure user bound container in the cloud and used directly online in the cloud.

As predicted 10 years ago, there is a real need for hybrid SaaS and on-premise software licensing solutions. If you would like to know more about cloud licensing, especially for offline scenarios, I invite you to attend our webinar, Cloud-Based Licensing in Offline Scenarios, November 8. If you are not available at the time, you can still register and we will send you a link to the recording afterwards. During the webinar, we will discuss different approaches to transfer licenses from the cloud to an offline device. This will be a great opportunity to see the best deployment strategy for your application and workflows.

Contributor

Ruediger Kuegler

VP Professional Services | Security Expert

After completing his physics degree course in 1995, he was head of project management for software protection, software distribution, internet banking, and multimedia projects. In 2003, he joined Wibu-Systems and, as part of his role, contributed substantially to the development of Blurry Box technology.

]]>
A Peek Inside CodeMeter Certificate Vault Wed, 20 Sep 2023 08:00:00 +0200 https://www.wibu.com/blog/article/a-peek-inside-codemeter-certificate-vault.html post-225 https://www.wibu.com/blog/article/a-peek-inside-codemeter-certificate-vault.html Are digital certificates inherently secure? How can you best store them to preserve their trustworthiness? We answer here. A Peek Inside CodeMeter Certificate Vault by Marco Blume 20-09-23

Certificates are used to prove the authenticity and identity of users or devices on the Internet, in emails, for machine-to-machine communication, and elsewhere. A commonly used certificate is an X.509 which is an International Telecommunications Unition standard defining the format of public key certificates. An X.509 certificate is based on asymmetric cryptography. Each certificate uses a pair of encryption keys. One key is public and confirmed by a neutral authority, the Certificate Authority, to belong to the person, device, or digital object, and the other is private and secure.

Typical uses of X.509 certificates include:

  • Establishing encrypted https connections and sharing data between web server and web browser
  • Encrypting and signing emails with the S/MIME standard
  • Digitally signing digital documents
  • Digitally signing software
  • Authenticating a participant in communication
  • Establishing a Virtual Private Network (VPN) and encrypted file sharing
  • Proving identity (digital ID cards)

In theory, with a certificate signed with the private key and the private key stored safely away from prying eyes, there should be no way to tamper with or steal the identity it confirms.

However, cyber attackers are always looking for vulnerabilities and ways to disrupt the digital eco-system. According to Venafi, a machine identity management company, digital certificates are attractive to attackers for a variety of reasons, but mainly because they are trusted; they require payment and proof of identity to tie the code, document, or application to the legitimate organization or person. In essence, they verify that the person or organization is real, and that the certificate belongs to them. As such, this usually makes end-users believe that the session protected by the digital certificate is a trusted environment where they can part with personal details, including financial information.

One of the most critical aspects of X.509 certificates is the ability to effectively administer them at scale, but as such, they are commonly thought to be complex to manage and implement. In particular, the set-up and configuration of digital certificates requires specific subject matter expertise as it is important to keep them up-to-date and ensure that they are properly configured to provide effective transactional security.

What it all boils down to is that the public and private keys must remain secure. In essence, certificates are just pieces of digital data, contained in a file in the file system or in the computer’s working memory. All certificates are issued for a specific key pair in an asymmetric cryptographic process, with the public key of that pair stored in the certificate. Its counterpart, the private key, is kept apart from it, usually in a separate file on the certificate holder’s device. And this is where the security of the system can break down: The private key must never be accessed by anyone but the certificate’s holder. Even if the place of storage is secure, the private key must regularly leave that safe environment for cryptographic operations in the CPU, making it again vulnerable to would-be attackers.

In our ongoing focus on perfecting the art of software licensing and software protection, Wibu-Systems has a solution designed to maintain the integrity and security of private keys, called CodeMeter Certificate Vault. With CodeMeter Certificate Vault, the certificates and keys are stored on secure hardware elements (CmDongles) via a specially protected route, going through CodeMeter License Central, Wibu-Systems automated license lifecycle management tool. There is no need for the end user to be concerned about the technical details in managing requests, updates, or signed certificates. All of this complex administration happens in the background for the user, including the CA (Certificate Authority) if need be. Once the keys are stored there, no sensitive information ever leaves the secure area.

CodeMeter Certificate Vault supports mainstream interfaces such as PKCS#11, openSSL, and KSP which makes it easy to integrate into existing software environments and significantly reduces implementation effort. Seamless customization and the many routes available for securely moving certificates and keys into CodeMeter Certificate Vault make it a universal and versatile tool for a range of circumstances and client requirements.

Let’s look at how it works in a few real-world use cases:

Use Case 1: Certifying a Person

In this case, a service engineer needs to be able to authenticate themselves and get access to the devices they are responsible for by showing the right certificate and proving their identity. That certificate and related key can be stored on a CmDongle or similar container. This solution is used e.g. by the technicians servicing ATMs, a highly secure task where every step needs to be recorded and only trained and approved technicians are qualified for the job.

Use Case 2: Identifying a Machine for Secure Communication

This use case needs a certificate that is bound to a specific device. Ideally this is done with a CodeMeter ASIC, with its security chip permanently fixed into the device’s inner workings. For this use case, a specific hardware entity should be uniquely identifiable in a network and be able to communicate securely. Examples of this include PLCs or smart sensors that are part of larger industrial networks via a standard protocol like OPC UA. That protocol uses the OpenSSL framework to handle X.509 certificates and protect communication in the network. In that setup, CodeMeter Certificate Vault provides secure certificate storage and a secure engine for cryptographic operations with the private key.

Use Case 3: Creating a Public Key Infrastructure (PKI)

In this case, CodeMeter Certificate Vault protects the signer’s private key when creating and signing certificates for use with VPN connections, mail signatures, or as proof of authenticity in process documentation.

For more specific information about CodeMeter Certificate Vault, I invite you to download our whitepaper, CodeMeter Certificate Value | Certificate Management with CodeMeter Comfort and Security.

Contributor

Marco Blume

Product R&D Manager Embedded at WIBU-SYSTEMS AG

Since 2013, Marco Blume has been with WIBU-SYSTEMS AG as Product Manager/R&D Manager Embedded. His work covers the range of protection concerns for embedded systems and includes the development of custom concepts for manufacturers and contributions to active research ventures. He has spent his entire career with different embedded systems, including 11 years as product manager for the security of ATMs and checkout systems and previous responsibilities as embedded specialist for video systems and industrial automation.

]]>
Protections for the Smart Automation Industry Wed, 13 Sep 2023 08:00:00 +0200 https://www.wibu.com/blog/article/protection-measures-for-the-industrial-automation-world.html post-210 https://www.wibu.com/blog/article/protection-measures-for-the-industrial-automation-world.html To industrial automation specialists: Do you have a cybersecurity plan for preparedness, response, and recovery? Protections for the Smart Automation Industry by John Poulson 13-09-23

The security and integrity of mission critical software, particularly software used by governments or for controlling critical infrastructure, is under intense scrutiny for its trustworthiness and the vendor’s ability to mitigate risks from vulnerabilities that can be compromised. The MIT Technology Review Insights “Cyber Defense Index (CDI) 2022/23", for example, has recently published its first annual comparative ranking of the world’s 20 largest and most digitally forward economies on their preparation against, and response and recovery from, cybersecurity threats. It measures how economies use technology and digital practices against cyberattacks, and how policy promotes secure digital transactions.

What impact do these cybersecurity concerns and future regulatory policies have on the connected industrial world as it undergoes the digital transformations heralded as Industry 4.0?

Wibu-Systems USA recently joined the Association for Advancing Automation (A3), which represents more than 1,200 organizations in North America involved in advanced robotics, artificial intelligence, machine vision & imaging, motion control & motors, and related automation technologies. One of our objectives in joining A3 is to engage in the important cybersecurity discussions that are affecting the automation industry vendors and play an integral part in creating the security-by-design best practices to protect the advancements driven by next generation of industrial software.

At the Automate 2023 Show, hosted by A3, I spoke with many of the manufacturers on the exhibition floor about their digital transformation and it was clear that software security was a major concern. And for those companies with systems involved with critical infrastructure, the questions were focused on when and how governments may step in with a set of software cybersecurity measures that apply specifically to the smart industry sector.

In advanced industrial automation scenarios, application software is an extremely valuable company asset. Software is indispensable for controlling critical functions, collecting and analyzing data, and monetizing applications through flexible licensing schemes. Unfortunately, software is also one of the most vulnerable vectors for malicious attacks, including reverse engineering, code cloning, code tampering and counterfeiting (product piracy).

As a representative for Wibu-Systems, I spent much of my time discussing our CodeMeter software security technology and how manufacturers around the globe use our CodeMeter system to protect their software and digital assets with strong encryption, authentication and access control technology while enabling new software monetization strategies with a flexible licensing entitlement management system.

For example, MVTec Software, a leader in machine vision application development software, uses CodeMeter to equip its product portfolio with sophisticated licensing and protection capabilities. ArtiMinds Robotics, a developer of software used to standardize workflows for industrial automation using advanced robotics, employs CodeMeter to protect their groundbreaking algorithmic technology and safeguard it from reverse engineering and piracy attacks.

These are just a few examples of licensing and protection solutions for advanced automation software. If you are interested in learning more about Industrial software security, we have several white papers you can download: Licensing and Security for the Internet of Things, CodeMeter in the Automation Industry, Integrity Protection for Embedded Systems, and more white papers, case studies, and use cases in our resource center.

Contributor

John Poulson

Sr. Account Manager

A senior manager and well respected security industry expert, John has worked in business development and sales for Wibu-Systems USA since 2001. When not consulting with customers on software licensing and protection solutions, John attends industry trade shows and conferences to stay abreast of the latest developments in the IT world. Prior to Wibu-Systems, John worked for Micro Security Systems, Eagle Data, and Griffin Technologies, all pioneers in software security.

Over the years, John has authored several blog articles on topics of general interest in cryptography as well as monetization of embedded systems in new and innovative ways.

]]>