White Paper
Protecting against Reverse Engineering
Building a counterfeit copy of a machine is only possible if one has access to its operating software.
Counterfeiters would try to extract the application code from the control system for reverse engineering:
these attempts are blocked or made almost impossible with the AxProtector technology.
License Protection and Illegal Copies
Buy one, use many. This is the common fate of software.
Unethical people are known to supply their friends and acquaintances with software or engage in a
thriving trade of other people’s property. Copy a CD and write down the license number: Nothing is
simpler to make than an illegal copy. It does not take long for many software packages to be installed from
a single license. Simple license serial numbers and passwords are not effective protection. An integrated
license protection system like CodeMeter creates much higher walls for criminals to climb. No hacker has
yet broken the CodeMeter guard. The software developer’s ROI is protected, because his product can only
function if a valid license is present. He stays in control of his licenses by implementing and integrating
CodeMeter. An implementation is only the first step as now the license process needs to be managed:
license creation, license distribution, license updates, backup and restoration of licenses, and data mining
with rich reporting. For all these tasks CodeMeter License Central is available as the single solution for
creating and distributing licenses. It is integrated with the sales and distribution processes and streamlines
the license publisher’s business processes. Such license management and protection used to be limited
to PC software, but software has long become an essential element of industrial machines and entire
plants, where it is responsible for many functions. The risk of illegal copying must not be ignored in plant
automation.
Export Controls
Control systems are universally applicable and have versatile designs. They are often subject to stringent
export restrictions. The producers of such control systems are required to ensure that their products
are not being sold to users in embargoed markets. To meet this requirement selective and restrictive
sales to trusted engineering firms in combination with CodeMeter license protections is the answer.
The license rights can be defined down to a level of individual functions. Selected critical features are
license-protected and only operable with the right activation code. This level of protection means that
the control-system developer fulfills his legal requirements in terms of export controls. The tamperproof
recorded details of the licenses in CodeMeter License Central is evidence of the producer’s due diligence.
The same applies to the license holders. All licenses are stored in a dedicated container, either in a soft
license file format or as industry-ready dongles.
Terrorism, Sabotage
Terrorism and sabotage are real threats in today’s world. Cybercrime is on the rise. The terrorist and
suicide bombers of old are joined by smart criminals who pursue their ends by manipulating technical
systems. Their mission is to create substantial and high-profile damage, whether by traditional bomb
or a blast caused by a control system that has been tampered with. Greed, revenge, and ideology have
made people, machines, and products the target of increasing criminal attention. Control systems are
ubiquitous: Driverless subway trains in cities, chemical plants, or wind farms in the countryside. Offsite
maintenance and parameterization are open windows for cybercriminals wishing to access these controls.
Most controls are located in closed networks, protected by VPN and firewalls. But do these means protect
the controls themselves from illegal access? Access data for VPN can be stolen or gained by blackmail.
Even good firewalls are not impenetrable for determined hackers. When a hacker has gained access to the
network, most doors will be open to him. Behind the firewall, the control systems are laid bare. CodeMeter
can protect against such illicit access to control systems. Every control system is a separate protected
entity. CodeMeter-protected controls raise formidable barriers to hacking: the hacker is prevented from
loading malware into the system or manipulate it for his criminal purposes.
Demo Devices
A clever terrorist would try to get access to the developer tools and prototype designs, but CodeMeter
would be there to stop him. He could not manipulate the live system by reverse engineering the demo
device, as separate key chains would prevent this. Fully functioning prototypes are thus incompatible with
the final market system.
7