Security of Things
Kelly Jagers op Akkerhuis
kelly.jagers@wibu-systems.nl
Wibu-Systems
Wibu-Systems
- Founded in 1989
- Headquarters in Germany (Karlsruhe)
- Focus on Protection, Licensing and Security
- Top 2 in hardware based protection
- Top 3 in software licensing
Internet of Things
[Infographic: CODE_n15_internet_of_things_infographic]
Advantages of the IoT
- Scalable and flexible
- Reducing costs
- Efficient, flexible, safe
- Improve patient safety
- Share resources and knowledge
- Effective and proactive maintenance
Risks 4.0
- Sharing knowledge
- Reverse engineering
- Unauthorized use
- Manipulation
Internet of Medical Things
- Patient Safety
- Privacy
- Interoperability
- Security
Current situation
- More and more medical systems are cross-linked
- 50 billion "Things" connected by 2020
- New attack vectors for Cyber Physical Systems (CPS)
- IoT = Mobile Phone, PLC, IP-CAM, etc.: every system with a small processor linked to the Internet (Wifi / Ethernet)
- CPS = networked embedded systems
Challenges
- Piracy Reduction
- Know how Protection
- Production Data
- Features on Demand
- Access Control
- Integrity Protection
Security of Things 4.0
- Encryption of IP
- Secure bootloader
- Safely stored in a License
www.globalprivacyblog.com
Encryption I
[Diagram labels: Feature Code, Release Date, Firm Code, Product Code, Feature Map, Maintenance Period, SHA 256, AES, Black Key, 128 bit, Firm Key, Encryption Code, Enc. Code Options]
Encryption II
- Symmetric Encryption -> standard
  - 128-Bit AES (Advanced Encryption Standard)
  - Used for encryption of executable code and data
- Asymmetric Encryption -> more advanced and sophisticated
  - 224-Bit ECC (Elliptic Curve Cryptography)
  - 2048-Bit RSA (Rivest Shamir Adleman)
  - Used for Signatures and Authentication (Certificates)
- Required today for security in Cloud, SaaS, Server, Desktop, PLC, Embedded & IoT
Secure Boot
- Integrity Protection starts at boot
- Integration into boot loader
- Signature and encryption of complete operating system
- Forward check and backward check (state engine) of integrity
- Anchor of Trust
Secure Boot Loader
[Diagram: layers from top to bottom; between each pair of adjacent layers: Check, Check, Load, Start]
- Application / Runtime / PLC
- Operating System (Windows, Linux, …)
- Boot Loader (UEFI, U-Boot, …)
- Hardware / Pre-Boot Loader
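The check, load, start chain from the two Secure Boot slides, as an added simulation that is not Wibu-Systems code. Assumptions: a pinned SHA-256 digest stands in for signature verification, and the "state engine" is modelled as a counter in the trust anchor that only a passed forward check advances; the `bypassed` parameter and all sample images are constructed.

```python
import hashlib
import hmac

# Boot order from the slide's diagram, lowest layer first.
STAGES = ["pre-boot loader", "boot loader", "operating system", "application"]


def digest(image: bytes) -> str:
    return hashlib.sha256(image).hexdigest()


def boot(images, pinned, bypassed=frozenset()):
    """Simulate the chain. Returns (stages started, failure reason or None).

    images:   stage name -> image bytes found on storage
    pinned:   stage name -> digest the previous stage trusts (signature stand-in)
    bypassed: stages whose own forward check was patched out (constructed fault)
    """
    state = 0                      # hypothetical state engine in the trust anchor
    started = [STAGES[0]]          # anchor of trust starts unconditionally
    for step, (cur, nxt) in enumerate(zip(STAGES, STAGES[1:]), start=1):
        if cur not in bypassed:
            # Forward check: verify the next image before load and start.
            if not hmac.compare_digest(digest(images[nxt]), pinned[nxt]):
                return started, f"forward check failed: {cur} rejected {nxt}"
            state += 1             # only a passed check advances the state
        # Backward check (assumed model): the anchor lets the next stage start,
        # e.g. by releasing its decryption key, only if every earlier check ran.
        if state != step:
            return started, f"backward check failed: {nxt} saw state {state}"
        started.append(nxt)
    return started, None


# Constructed sample images.
GOOD = {name: f"{name} image v1".encode() for name in STAGES}
PINNED = {name: digest(img) for name, img in GOOD.items()}
TAMPERED = {**GOOD, "operating system": b"operating system image v1 + change"}

if __name__ == "__main__":
    print(boot(GOOD, PINNED))                               # full chain starts
    print(boot(TAMPERED, PINNED))                           # forward check stops it
    print(boot(TAMPERED, PINNED, bypassed={"boot loader"})) # backward check stops it
```

The third call shows why the slide lists both directions: a stage whose forward check has been removed still cannot hand over control, because the state it should have advanced is missing.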
Safely stored in a License
Different solutions for different cases
Sirona: CAD/CAM dental solutions
- CodeMeter Dongles for licensing
- Activate machine features
- Distribute production rights (only original composites can be used)
- AxProtector for:
  - Protection of Intellectual Property
  - Prevention of Reverse Engineering
  - Integrity Protection to avoid manipulation
Agfa-Healthcare: NX for Digital Radiography
- Tool for technologist
- Image Identification
- Radiography workflow & Quality Control
- Different protection schemes
- WibuBox for licensing of features
- AxProtector for:
  - IP Protection
  - Integrity check
  - Data Protection
More than 7000 Customers
Thank you
Kelly Jagers op Akkerhuis
kelly.jagers@wibu-systems.nl
www.wibu.com