R E S E A R C H
Progress on the IUNO Research Project
The German national reference project for IT security in Industry 4.0 – or IUNO for short – wanted to understand the threats and risks
facing the intelligent factories of tomorrow, develop suitable countermeasures, and put them to the test in powerful use cases. Wibu-
Systems and its universal security solution CodeMeter figure prominently in several of the project’s work packages and demonstrations.
Over the last three years, the members of the projects have worked hard to develop new practical scenarios for Industry 4.0, pinpoint
new security needs, and come up with protective solutions in response. This means reconciling different perspectives: Practitioners in
the field have very different priorities on the shop floor vs. companies coming from an IT background. The former care most about
reliability, while the latter are concerned with the many possible lines of attack the infrastructure is exposed to. IUNO has managed to
bring both worlds closer together and empowered people on both sides to see the common ground they share.
Use Case: Secure Technology Data
Marketplace
A technology data marketplace is used to
enable trades of data needed in manu-
facturing processes. Following the lead of
smartphone app stores, the marketplace has
the potential to make it easier for industry to
license and use required designs, parameters,
or recipes. The challenge is that the system has
to be as seamless and smooth as possible for
the intended user, while enabling the licensor
to enforce blanket or pay-per-use payment
models for their data. At no point should
the data be accessible in plain text or usable
without the right license. After all, the data is
the property and valuable asset of the licensor.
The IUNO demonstrator takes the form of
an automated cocktail mixer in which case
the intellectual property is represented by
cocktail recipes. An online marketplace allows
consumers to choose the recipe of interest and
buy the license for it, pay for it with Bitcoin,
transfer the recipe (with the required license
and keys) to the mixer, and watch the drink
being prepared. Applied to a more industrial
setting, a similar system could be used for
14
selling machine settings or blueprints for
3D printers. The system is data-agnostic
as it does not matter what type of data is
being traded. It can be used across different
vendors and systems, covering a wide range
of potential customers and environments with
a single system.
Use Case: Secure OPC UA and
RFID Communication
The use case of a secure RFID reader presents
a CodeMeter ASIC integrated into the proces-
sing unit of an intelligent RFID system made
by Balluff. The ASIC provides a space for the
secure storage of certificates for OPC UA com-
munication between the RFID reader and its
environment. The CodeMeter API is also used
to verify the integrity of the data on the RFID
tag by checking its signature. Balluff also plans
to protect and license individual functions of
the RFID reader with the already integrated
CodeMeter solution. An ASIC with the Code-
Meter Embedded stack can thus fulfill three
different functions within the evaluation unit.
Use Case: TPM 2.0
Working in partnership with Infineon, another
work package has integrated the Infineon
OPTIGA TM TPM 2.0 with a Linux system to
illustrate how software-based CmActLicenses
can be tied to an external secure element. The
result is a binding scheme that offers a level of
protection between a pure software solution
and a full-hardware CodeMeter Dongle or
ASIC. In environments that already have a
secure element in place or where a TPM is
mandatory, this allows a more robust binding
to hardware traits.