KEYnote 27 English - Spring 2014 - Page 9

Wibu-Systems’ Protection Suite for PCs and Embedded Systems The increasingly loud call for better protection for industrial applications and data has encouraged Wibu-Systems in its commitment to improving protection in the sector with its Protection Suite. In traditional PCs, memory or processing power are not an issue anymore, whereas embedded systems often use smallscale, resource-efficient architectures. Open systems like VxWorks, Android, or Linux also play a more prominent role here than they do in the desktop world, as they allow individual adjustments to the given needs. AxProtector, for PCs, and ExProtector, for embedded devices, are able to encrypt complete applications or single libraries securely without any change to the applications source code. The CodeMeter software takes care of decrypting these files for the run-time environment and scans for any potential attacks. AxProtector creates an encrypted archive of the original application code and adds selfextraction functionality as well as the necessary license parameters to authorize the decryption by the CodeMeter runtime. This adds only a few kilobytes to the encrypted file. After the archive has been authorized and extracted, it checks its integrity automatically. Embedded systems often have higher requirements in terms of real-time capabilities, while having less memory and processing Original Software Operating System ExProtector Encrypted software Modified loader Credentials ExEngine (ExProtector Runtime) Encrypted Encryption Key Hash signature of the original software CodeMeter Embedded Driver Public Key and Public Certificate Process of integrity check power than their desktop counterparts. That’s why we optimized AxProtector concept for embedded systems’ specific restrictions. ExProtector ExProtector encrypts applications, libraries, or data files for embedded systems. The encrypted file includes only a handful of additional bytes with the license parameters required for decryption and the signed hash (checksum) in the header. All cryptographic functionality is already built into the operating system itself, including the drivers for accessing licenses on dongles or software-based CmActLicenses as native code. Wind River offers VxWorks with the CodeMeter Loader completely integrated from the start. A similar integration in Linux and Android is easy because of the flexible modifications allowed by these operating systems. This deep integration in the operating system makes for greater efficiency and greater security. The Loader uses the hashes and signatures to check the integrity of the applications or files encrypted by ExProtector after their authorization and extraction. Combined with secure boot procedures, which CodeMeter’s technology also covers, one can produce a completely copy- and tamper-proof system without the need for additional software. Wibu-Systems Protection Suite VxWorks Software authorization Ex Ax CodeMeter Runtime Ex Ax Ex Integrity protection Ex Automatic protection (IP protection) Embedded Driver Custom API access Wibu-Systems Protection Suite with the current Protectors (solid border) and planned Protectors (striped border) 9