Blog Entry

Aug 10
2011 

Best Practices for Securing Embedded Software with Hardware Keys

Part 3 of 3 from the series “Take on Licensing: What High-Tech Manufacturers Need to Know”

Recently, I shared the five phases that high-tech manufacturers move through in the transition from hardware-based to software-based solutions.  Now that we’ve reviewed the phases and the challenges, let’s discuss best practices.

To overcome the challenges while moving to phase three, manufacturing companies have traditionally integrated copy protection into their products using hardware keys (dongles).

Typical hardware-key solutions provide off-the-shelf IP and copy protection, and enable equipment manufacturers to build a secure licensing mechanism. The licensing mechanism enables vendors to sell a range of products, based on a single codebase, and enables them to monetize the value-added features. The IP and copy protection mechanisms enable vendors to avoid cloning of their products, and thus maximize the life span of their competitive advantages.

Hardware keys are the classic and most efficient licensing solution for companies in phase three because they are simple to use, highly secure, and typically, very reliable. As long as the deliverables of companies in phase three are still completely physical, hardware keys are the best match for their distribution model – they simply attach the key as a component within the equipment.

A typical hardware key implementation keeps the equipment’s software license information in the key’s memory. In the event of an equipment failure, the use of a hardware key enables field technicians to replace the embedded computer while maintaining the same key with the customer’s license information. This avoids a potentially problematic situation that would exist if communication to the vendor’s back office, for the purpose of software license transfer, is not possible.

If your company is in phase three, it is likely that you already have a hardware key integrated into your products

Software-Based Licensing for Manufacturing

What do you do when you need to ensure that your investment in software development pays off, and that you are reimbursed for every copy of your software? You also probably see the need to protect the intellectual property and algorithms that your engineers have embedded in your software, and to maximize the duration for which your software is considered cutting edge and revolutionary.

These days, most software products are distributed over the internet. Protecting and licensing your new software product with a hardware key may appear to be the easiest and most straight forward step to take, given that you already have a hardware key in your other products. However, this method may cause some distribution difficulties in a world where users expect to be able to download the software and start using it right away.

For that reason, equipment manufacturers reaching the point of adding pure-software products to their offering typically choose to employ a software-based licensing system for their pure-software products, by either buying an off-the-shelf system, or by implementing their own.

Over time, companies that implement their own licensing system frequently discover that they are investing a disproportionate amount of their software development and support personnel’s time in maintaining, enhancing, and supporting their home-grown licensing system instead of focusing on their core competence. Such companies typically end up buying an off-the-shelf solution.

The disadvantage in the approach of employing a software-based licensing system is that those companies end up with two licensing systems; a hardware-based solution for the software embedded in their hardware products, and a software-based solution for their software-only solutions. This adds complexity to their back-office systems and complexity to the licensing and security code that is embedded in shared software components; resulting in increased maintenance and operational costs and lack of flexibility for changes to their business model.

Next Generation Licensing Solutions

Today’s licensing platforms, such as SafeNet’s Sentinel HASP, overcome these weaknesses by enabling similar licensing schemes in both hardware keys and software licenses. It is designed to enable vendors to change from a hardware key to a software license, without changing their product code. Sentinel HASP contains numerous business models out of the box, so that typically-complex licensing implementation can be spared.

By using Sentinel HASP, you provide your company with the freedom to progress through the transitional phases without encountering the challenges discussed in this paper.

Regardless of the current phase in your company’s evolution (producing computer-based equipment, selling software add-ons to the equipment, selling stand-alone software in addition to the machine, or moved entirely to software), integrating a flexible licensing platform enables you to advance your business from one phase to the next when your business needs it, rather than when your security system is ready for it.