How do you keep IP security for your clients?

Especially when you are flashing and testing firmware for their products?

We had this headache when we went to China. Everything that we showed there always caused a bit of tension, “what can we show to these guys in China? What about these guys in India?”. There were a lot of worries in our group regarding information sharing.

So we were very cautious, especially with our two flagship products. For things like a temperature or humidity sensor, you can probably find many alternatives. But with our main products like the Smart Weight and Pig Vision we were very cautious. We always decided to separate the hardware from the firmware. We always kept them apart. So even if someone got information that they not should not have, they still would not be able to make the product out there. For example, the Pig Vision has a lot of intelligence that sits in the firmware. You can identify immediately that it is a camera, but if you don’t know how old technology behind it works, you can’t replicate the product.

Many of our clients now have us flash the firmware, but we ask them to put some key in it. So even with the firmware that we flash into the products, it’s still not working entirely until they do the last step in the firmware.

Firstly, there is no such thing as 100% security.

Secondly, ask your clients what would be the damage of breaking in to the product, in cases of physical access, communication breach or reading and reverse engineering the firmware.

Thirdly, the IP security has many layers which starts from the system architecture and the real value of the product and the company producing the product is in its customer support and improvement over time.

Technically, securing IP hardware and firmware depends on the selected hardware capabilities and its options to lock in physical access to tools such as debuggers and diagnostic ports, for example, there are encrypted bootloaders that help to secure access to the device and its peripherals, firmware encryption is also an option in some cases.

Lastly, securing IP is an expensive and not an easy task with no universal solution and often must be tailored to the specific product.

1 Like