Periodic Reporting for period 1 - X5 bitworker (X5 bitworker - The Copying System for the Internet of Things and Industry 4.0)
Reporting period: 2016-12-01 to 2017-05-31
Importance for society: It was proven that Internet-connected cars can be compromised, as well. That hackers can carry out any number of malicious activities, including taking control of the entertainment system, unlocking the doors or even shutting down the car in motion. Machinery only provides faulty operation, but the source of error cannot be identified and the machine owner finally has to give up, maybe even sell the whole company to a competitor. Manipulation, reproduction, misuse of remote support or unintentional access of the customer not only cause fault but may turn into threats to existence for the producing company. Security strategies that consider the production lines as well as the whole life cycle of products over long term periods are needed.
Overall objective: X-Net Technology GmbH has developed X5 bitworker (X5) as a solution for secure, simple and error-free recording of customised mass data in form of 1:1 copies to assemble data carrier containing individual data into the products and to enable unique encryption during just-in-time production and over the whole product life cycle. X5 is therefore dedicated to protect software of products and know how of companies producing this software and to secure the production of data carrier containing these software components. Further on, X5 is designed to handle the complex requirements of producing companies and considers secured communication, authentication and encryption. Combination of software and hardware components allow individualisation of security strategies and enable the production of 1:1 copies in-line or outsourced to third party manufacturers and the integration of secure life cycle management strategies.
Economic viability was assessed through several activities: In a workshop, the strategic business fields were defined. Further on, the most relevant countries were segmented by means of 5 forces Porter analysis. According to the relevant company size, a desktop research was executed to rate and prove the identified branches and countries. Using Canvas Business Model, value proposition, customer segments and channels were identified as basis for further sales planing and to identify communication models and key partners. SWOT and competitor analysis were executed. As a result, the initial market entry, the distribution channels, the communications strategy including market awareness and the schedule for a roll-out according to the waterfall strategy were defined. A detailed sales and operations plan points out expectable revenues as well as needed skills and resources for fast market uptake.
In the marketing and sales strategy, measures to reach full commercialisation were identified. Speeches held at federation of industries, cluster initiatives and networks helped to identify requirements and to support dissemination and exploitation of X5. X5 solutions will be presented at platforms, conferences and trade fairs dealing with IT security, Industry 4.0 and IoT and automation of production. The communication strategy will focus on security for producing companies.
Within the sales planning the technological feasibility of concept was proven. The waterfall strategy for market entry was favoured over sprinkler strategy, as this enables an optimally adapted communication strategy and a standardised approach towards potential customers. Further on, growth can be handled easier as staff is continuously built up. Production and inventory strategies were achieved.
The result of the performed work is a feasibility report including a business plan, which is available on the project website of X5 bitworker.
X5 not only enables unique encryption for each software part of a product through the automated execution of 1:1 copies integrated in production lines. It also provides added value through protected communication and data transfer from data sources to X5 and further on to flash media. The integration of authentication scenarios for safe and unambiguous assignment affects the communication of user with a device as well as machine-to-machine communication. Open source tools for encryption and standard cryptographic algorithms are used and give necessary transparency in the functionality. Combinations of software encryption with hardware characteristics avoid copying of contents. Commandeering a large number of internet-connected devices to serve as helpers for attacks are excluded as each device would have to be hacked separately. Individual components and the necessary key to decrypt during life span of the product are developed by product owner themselves. API security is essential for protecting the integrity of data transition between devices and back-end systems to ensure that only authorised devices, developers and applications are communicating with these APIs.