CodeMeter

The Programmable Logic Controllers (PLC) are the specialized devices used for automation of technology processes in the industry — allow to organize the managed communication between the software and industrial equipment, replacing with themselves unchangeable relays with static program filling.

More and more programmable controllers become worldwide program and intellectual property which can undergo illegal piracy actions. The German companies WIBU-SYSTEMS and 3S-Smart Software Solutions integrated software developments to creation of high-level protection against piracy and reengineering for the systems of programmable controllers. The purpose of the agreement of developers consists in offering the standardized tool for protection and licensing of applications for programmable controllers (PLCs), is transparent integrated and intuitive for a ready cycle of automation. A product of WIBU-SYSTEMS company — the system of software protection CodeMeter, will be available to buyers of a versatile tool of development of application programs for programmable logic controllers in languages of the IES 61131-3 standard (CoDeSys).

The company of 3S-smart Software Solutions with the product CoDeSys is one of leaders among suppliers of the tools for application development used on the programmable logic controllers (PLC) in languages of the IEC 61131-3 standard. Today the applications developed using the CoDeSys tool widely are applied in many areas: mobile applications, mechanics, power, engineering systems, management, etc. Having support of the leading industry developers, WIBU-SYSTEMS companies and 3S-Smart Software Solutions will prepare universal schemes of a product, ready for the market, on protection of the applications written using CoDeSys in the nearest future.

The system of software protection CodeMeter from WIBU-SYSTEMS company supports as all main lines of operating systems: Windows Mobile, CE, Embedded, XP and 7, and some assemblies of Linux, Sun Solaris of OS and Mac OS X. In each chip of a smart card of the separate hardware key executed in form factors: USB, CF, SD, more than 6,000 licenses from different developers can be prescribed mSD or ASIC. An analog of the hardware solution is the complete program implementation of protection of CodeMeter using applications for control the ciphered and signed file of the license CodeMeterAct.

Implementation of CodeMeter technology gives to developer companies unique opportunities of storage on a flash memory of the device, executed according to industry standards, not only the protected software product, but also the most operating system (Windows XP Embedded, Windows CE, Linux, Windows XP, Windows 7, VxWorks and td.). Hardware solutions in the form of the CmStick USB keys, mobile maps of Compact Flash, Secure Digital or micro-Secure Digital allow to control integrity of a deliverable software package, its use based on unique models of licensing and to provide reliable protection of "know-how" and critical program code against the attacks of cybercriminals. The CodeMeter system is the reliable tool for counteraction to viruses of new generation, such as Stuxnet, - this program weapon in virtual environment, capable to go out of the digital world and to damage or destroy the physical systems.

Besides, the versatile tool of development of application programs for CoDeSys programmable logic controllers supported by CodeMeter technology will deeply allow to integrate protection at a stage of development of applications that will minimize risk of a possible bypass of a security system.

Thus, the CodeMeter hardware devices developed according to the highest industry standards with internal a flash memory completely meet extremely difficult and specialized requirements of the industrial sector of the software and allow to prevent any possible attacks connected with modifying of software products or the operating system.

WIBU-Systems added in the summer of 2011 to the solution CodeMeter the new unique feature allowing the companies selling technical service contracts to lower considerably the finance costs. Many companies focused on big customers sell to the clients technical service contracts. Under such contract (usually its cost is about 20% of the cost of the license) the company provides to the customer technical support and all updates during the term of the agreement (usually it makes 1 year).

Acquisition of the contract guarantees to customer company permanent presence of most current release of software at all her employees. The CodeMeter technology allows to implement successfully function of maintenance and provides the maximum counteraction of illegal operation of intellectual property. How it works. The period of technical support is a time span during which all updates protected using the solution CodeMeter will have current licenses. The date of the license registered in the CodeMeter security key is compared to issue date of updating which is determined using the AxProtector program at the time of protection of the application. The new version will be started on the user's computer only then if issue date gets to a framework of validity period of the service agreement. Otherwise the client should purchase the new license.

Let's review an example. There are 2 companies which purchased technical support contracts: the duration of the agreement of company A expires on October 31, 2011, and companies B - on March 31, 2012. Let's assume that the developer released update and determined in AxProtector issue date on September 20, 2011. This updating will be available to both companies. After several months the developer company releases one more update on November 30, 2011 and sends to clients the protected file of application launch. At company B the application will be started without problems, and at company A the duration of the contract at that time will already expire, and without new license the application will not work.

Thus, use of function of the technical support implemented using CodeMeter is profitable both to clients, and to developers. The producer reduces the costs because at release of updates during validity period of technical support he does not need to publish new licenses for clients, and customers, in turn, should not update all keys and to purchase new licenses. Using CodeMeter not only reliable protection of intellectual property, but also significant economy of financial resources both for clients, and for developers is provided.

Any of participants of Hacker championship 2010 could not crack the CodeMeter hardware key

Any of participants of the Hacker championship 2010 held in China could not win a prize in half a million rubles from Wibu-Systems company, having cracked the CodeMeter hardware key. 128 official applications were submitted for participation in the championship. Among the registered participants there were large software developers, students of technical institutes, professors, the leading professionals hi-tech of the industry and the famous hacker groups of China.

Cracking of the application protected by the CodeMeter system so that it could be started without the corresponding CmStick hardware key was the main objective of the Hacker championship. Registered free of charge the application and the CodeMeter CmStick hardware key were provided to all. On the solution of an assigned task four weeks were allotted.

For a month of holding the championship nobody could propose the ready-made solution on cracking of the CodeMeter system. Most of participants got to a trap in attempt of a step-by-step bypass of CodeMeter of functionality of detection and blocking of illegal invasion into work (debuggers, decompilers, etc.) which is built in protection. After unsuccessful "concealment" of the implementable attack the CmStick keys were blocked at the physical layer. The subsequent attempts of cracking were accented on "brute force" the attacks of an algorithm of AES which finally did not lead to anything.

A number of the participants who did not manage to overcome protection concentrated on the analysis and detection of vulnerabilities, afterwards having provided a unique set of potentially implementable methods of use of similar shortcomings of a system. The result of work of hackers and hackers in this direction was offered technical specialists of Wibu-Systems in the form of interesting solutions on detection of the vulnerabilities which are earlier not noticed by developers. Detection of such poorly protected places allows Wibu-Systems company to react in the shortest possible time and to completely exclude a possibility of their application and development in the future.

Participants of the Hacker championship noted high degree of protection of CodeMeter which cornerstone use of the cryptochip with hardware implementation of powerful algorithms 128-bit AES, 224-bit ECC and 1024-bit RSA is. The high level of security is reached due to use of difficult methods of protection, one of which is jellied decoding of parts of the protected application only during their work. For participants of the championship it would become the following obstacle if they managed to bypass protection against illegal invasions into work. This method completely excludes stay in memory entirely of the decrypted application and a possibility of its complete "dump".

Bezdrayverny work of keys allows to use without additional settings protection in any operating systems using the built-in mass storage device driver. In the standard driver the encoded communication tunnel on which there is a safe data exchange between the CodeMeter hardware key and the protected application is created. One of development teams was engaged at the Hacker championship with method of cracking of communication link, but successful implementation of the signature and data encryption in the CodeMeter system completely excluded a possibility of use of the attacks like "people in the middle" in this direction.

Codemeter License Central

In addition to the existing support of the main MySQL DBMS, the version of Codemeter License Central of version 1.5 of the tool on effective management of licenses supports also other popular systems: Microsoft (MSSQL) and Oracle. This step became reflection of that fact that many companies already use solutions based on these products. These solutions are already integrated on IT Wednesday according to standards for backup. Thus, Codemeter License Central allows to use effectively existing resources and by that to reduce costs.