Forums

Embedded software copy protection

Started by Dennis January 6, 2007
Hi,

I'm creating software for a new machine that runs on a Windows XP-embedded 
PC with a I/O card and motor controller card. I need to protect the software 
from reverse engineering and copiing. The protection needs to be very solid. 
What would be a good method to do so? The costprice of the protection is not 
realy an issue, so protection via software and hardware is an option. A good 
protection is perhaps when the PC is opened the harddisk will destroy 
itself? On the other hand is the time to implement it a big constraint. 
There is much to do with only few people so if we could buy protection 
software and/or hardware than I would prefer that.  Any good advise on this?
Some context:
The number of products is about 100 per year.
Costprice per product > 100,000.- Euro.

Thanks in advance,
Dennis. 


On Sat, 6 Jan 2007 15:40:36 +0100, in comp.arch.embedded "Dennis"
<niet_spammen@aub.nl> wrote:

>Hi, > >I'm creating software for a new machine that runs on a Windows XP-embedded >PC with a I/O card and motor controller card. I need to protect the software >from reverse engineering and copiing. The protection needs to be very solid. >What would be a good method to do so? The costprice of the protection is not >realy an issue, so protection via software and hardware is an option. A good >protection is perhaps when the PC is opened the harddisk will destroy >itself? On the other hand is the time to implement it a big constraint. >There is much to do with only few people so if we could buy protection >software and/or hardware than I would prefer that. Any good advise on this? >Some context: >The number of products is about 100 per year. >Costprice per product > 100,000.- Euro. > >Thanks in advance, >Dennis. >
This may be of background interest http://video.google.com/videoplay?docid=-4356347903120410001&sourceid=docidfeed&hl=en martin
Put in the license that it is not permitted to copy or reverse-engineer
the software.

Anyone paying $100k for a box will pay attention to the fine print.

Otherwise, anyone paying $100k for a box can pay a few bucks
to rent the tools to copy your software as it transits the system bus.

You could build the PC into a security case, like a modified safe, with
a
combination lock and everything.

If you really do have the ability to wire up the triggers to the case,
you
could try this:

http://www.engadget.com/2005/06/24/chemically-misting-hard-drives-and-other-remote-data-security/

Sounds awfully silly, though.  And impossible to test.

Threatening to sue someone who breaks their contract to keep
the code secure is a much more powerful antidote.

Because if you don't tell them it's expensive to reverse-engineer
your machine, they will just guess at its behavior and pay a
crafty teenager $50 to write code to those requirements.

--Blair

On Sat, 6 Jan 2007 15:40:36 +0100, "Dennis" <niet_spammen@aub.nl>
wrote:

>Hi, > >I'm creating software for a new machine that runs on a Windows XP-embedded >PC with a I/O card and motor controller card. I need to protect the software >from reverse engineering and copiing. The protection needs to be very solid. >What would be a good method to do so? The costprice of the protection is not >realy an issue, so protection via software and hardware is an option. A good >protection is perhaps when the PC is opened the harddisk will destroy >itself? On the other hand is the time to implement it a big constraint. >There is much to do with only few people so if we could buy protection >software and/or hardware than I would prefer that. Any good advise on this? >Some context: >The number of products is about 100 per year. >Costprice per product > 100,000.- Euro.
Why do you use standard PC and standard OS ? With dedicated hardware and OS, the likelihood that someone could find a platform to copy your product to. Paul
On 2007-01-06, Dennis <niet_spammen@aub.nl> wrote:

> I'm creating software for a new machine that runs on a Windows XP-embedded > PC with a I/O card and motor controller card. I need to protect the software > from reverse engineering and copiing. The protection needs to be very solid. > What would be a good method to do so? The costprice of the protection is not > realy an issue, so protection via software and hardware is an option. A good > protection is perhaps when the PC is opened the harddisk will destroy > itself?
What you need is a small thermite grenade attached to the top of the hard-drive that's triggered when the case is opened. http://video.google.com/videoplay?docid=2289367460324643450 http://en.wikipedia.org/wiki/Thermite Might be a small liability problem...
> On the other hand is the time to implement it a big constraint. > There is much to do with only few people so if we could buy protection > software and/or hardware than I would prefer that. Any good advise on this?
Not really, but the video above is cool. ;) -- Grant Edwards grante Yow! I'm also against at BODY-SURFING!! visi.com
"Blair P. Houghton" wrote:
> > Put in the license that it is not permitted to copy or > reverse-engineer the software. > > Anyone paying $100k for a box will pay attention to the fine print.
... snip ... This is the best answer to the problem, But it will be incomprehensible to many, due to the lack of quoting. See below: -- If you want to post a followup via groups.google.com, ensure you quote enough for the article to make sense. Google is only a poor interface to usenet. There is no reason to assume your readers can, or ever will, see any previous articles. More details at: <http://cfaj.freeshell.org/google/> Also see <http://www.safalra.com/special/googlegroupsreply/>

Dennis wrote:

> Hi, > > I'm creating software for a new machine that runs on a Windows XP-embedded > PC with a I/O card and motor controller card. I need to protect the software > from reverse engineering and copiing. The protection needs to be very solid. > What would be a good method to do so? The costprice of the protection is not > realy an issue, so protection via software and hardware is an option. A good > protection is perhaps when the PC is opened the harddisk will destroy > itself? On the other hand is the time to implement it a big constraint. > There is much to do with only few people so if we could buy protection > software and/or hardware than I would prefer that. Any good advise on this? > Some context: > The number of products is about 100 per year. > Costprice per product > 100,000.- Euro.
There is no way to solve the non-technical problem by the technical means. If your software/hardware is really worth protection, you should protect it legally. Vladimir Vassilevsky DSP and Mixed Signal Design Consultant http://www.abvolt.com
On Sat, 6 Jan 2007 15:40:36 +0100, "Dennis" <niet_spammen@aub.nl>
wrote:

>Hi, > >I'm creating software for a new machine that runs on a Windows XP-embedded >PC with a I/O card and motor controller card. I need to protect the software >from reverse engineering and copiing. The protection needs to be very solid. >What would be a good method to do so? The costprice of the protection is not >realy an issue, so protection via software and hardware is an option. A good >protection is perhaps when the PC is opened the harddisk will destroy >itself? On the other hand is the time to implement it a big constraint. >There is much to do with only few people so if we could buy protection >software and/or hardware than I would prefer that. Any good advise on this? >Some context: >The number of products is about 100 per year. >Costprice per product > 100,000.- Euro. > >Thanks in advance, >Dennis. >
Dongle? John
Dennis wrote:

> Hi, > > I'm creating software for a new machine that runs on a Windows XP-embedded > PC with a I/O card and motor controller card. I need to protect the > software from reverse engineering and copiing. The protection needs to be > very solid. What would be a good method to do so? The costprice of the > protection is not realy an issue, so protection via software and hardware > is an option. A good protection is perhaps when the PC is opened the > harddisk will destroy itself? On the other hand is the time to implement > it a big constraint. There is much to do with only few people so if we > could buy protection > software and/or hardware than I would prefer that. Any good advise on > this? Some context: > The number of products is about 100 per year. > Costprice per product > 100,000.- Euro. > > Thanks in advance, > Dennis.
Stop and think a bit about what you are doing here. Are you sure you want to use an PC with XP on this type of project. You are controlling a mechanical device (the motor) which may have the potential to do a great deal of harm if your system got to a state where it couldn't be shut off quickly. If this is for a small motor with very little torque available then it might be OK. Perhaps you might consider constructing a proper embedded system (from SBC based modules), with the hardware fully tailored to perform the tasks required. Ditch any idea of running XP or maybe you do not really need an operating system at all. Then you will have a mix of hardware and software to be able to fulfill the customers requirements and they will come back when they need more such systems. -- ******************************************************************** Paul E. Bennett ....................<email://peb@amleth.demon.co.uk> Forth based HIDECS Consultancy .....<http://www.amleth.demon.co.uk/> Mob: +44 (0)7811-639972 Tel: +44 (0)1235-811095 Going Forth Safely ..... EBA. www.electric-boat-association.org.uk.. ********************************************************************
On Sun, 07 Jan 2007 11:04:55 +0000, "Paul E. Bennett"
<peb@amleth.demon.co.uk> wrote:

>Dennis wrote: > >> Hi, >> >> I'm creating software for a new machine that runs on a Windows XP-embedded >> PC with a I/O card and motor controller card. I need to protect the >> software from reverse engineering and copiing. The protection needs to be >> very solid. What would be a good method to do so? The costprice of the >> protection is not realy an issue, so protection via software and hardware >> is an option. A good protection is perhaps when the PC is opened the >> harddisk will destroy itself? On the other hand is the time to implement >> it a big constraint. There is much to do with only few people so if we >> could buy protection >> software and/or hardware than I would prefer that. Any good advise on >> this? Some context: >> The number of products is about 100 per year. >> Costprice per product > 100,000.- Euro. >> >> Thanks in advance, >> Dennis. > >Stop and think a bit about what you are doing here. > >Are you sure you want to use an PC with XP on this type of project. You are >controlling a mechanical device (the motor) which may have the potential to >do a great deal of harm if your system got to a state where it couldn't be >shut off quickly.
Any system that needs to be shut off quickly should have a large number of those big red emergency STOP switches distributed all over the place, that will simply cut the power to the control electronics in case of an emergency, possibly activating some spring loaded breaks.
>Perhaps you might consider constructing a proper embedded system (from SBC >based modules), with the hardware fully tailored to perform the tasks >required. Ditch any idea of running XP or maybe you do not really need an >operating system at all. Then you will have a mix of hardware and software >to be able to fulfill the customers requirements and they will come back >when they need more such systems.
XP Embedded is a usable platform for running the user interface for a control system, but is it an appropriate platform for the actual motor control is an other question. The question of data security, copy protection etc. should not be addressed as some kind of a late add-on feature, but these things should be part of the initial product design. With the OP's requirements, I would design a system, with the actual control logic using some dedicated card, running some possibly in-house OS, while the user interface would be running perhaps XP Embedded. It would not be a pity, if someone copied the user interface, since the system would not work without the specific hardware. In fact it might be a good idea to distribute the user interface as a demo product for potential customers. No matter how wildly the user interface is cloned, the actual product bringing the revenues would be hard to clone, especially, when the number of potential users are that low, since with such low number of potential customers no-one would do it. Apparently nobody noticed the sarcasm in my previous post :-). Paul