With software becoming a competitive differentiator even in hardware designs, it is important to use behavioral analytics tools that protect proprietary software IP from theft.
Securing intellectual property (IP) and confidential product data is quickly becoming a challenge for many organizations, particularly those in the electronics manufacturing industry, where hardware design increasingly involves open source software.
All indications are that IP theft is on the rise. Just one example is the long-running lawsuit between a U.K. defense contractor, Meggitt, and its former employee who allegedly stole sensor specifications. It’s hard to obtain precise numbers because few companies want to publicize their weaknesses and losses, but according to research by security firm Kaspersky Lab, one in five manufacturing firms reported a loss of IP in 2014. And a recent Vormetric Insider Threat Report found that 89 percent of global senior business managers and IT professionals surveyed felt that their organizations were now more at risk from an insider attack than ever before.
Most electronics products have always been a combination of hardware and software, but increasingly software is the competitive differentiator among manufacturers. Just as systems manufacturers don’t create every single hardware component in their finished products, the software included in the products (such as operating systems, device drivers, and applications) usually also includes externally created code. This third-party code may be a commercial set of graphical controls, for example, but these code components are coming more frequently from open source software (OSS) projects, such as those held on public repositories like SourceForge.
This software (both internally developed and OSS) and how it’s assembled are just as much valuable IP of the company as the hardware designs. It’s critical that adequate protections are applied to prevent IP leakage or theft.
Sadly, traditional cyber-protection tools don’t look at who accesses source code and how they use it. They tend to focus on perimeter defense, preventing network and firewall breaches and guarding customers’ personal information rather than monitoring who is accessing IP and what they’re doing with it.
Code repositories are often set apart in silos, and software developers tend to work in isolation with their own processes, which makes close scrutiny difficult. There is also a volume issue; designers and coders may be performing thousands or millions of transactions with their code repositories, making it even harder to spot dangerous behaviors.
Behavioral analytics for IP protection
While traditional data analytics used in business focuses broadly on insights across the business, for example stock levels or customer purchasing history, behavioral analytics narrows that scope. It does this by applying a level of “understanding” to the data, forming data points into patterns of behavior. This makes it possible to take seemingly unrelated data points and extrapolate and analyze user or project behavior from them.
The dashboard in a typical behavioral analytics tool uses complex algorithms and data visualization to provide a view of risky behavior across all software projects and their participants over time.
As applied to software IP protection, behavioral analytics applies advanced mathematical techniques to large sets of data collected by the tools managing IP repositories, and uses knowledge of that context to better identify risk. By learning what “normal” behavior of users and projects looks like and combining multiple potentially risky behaviors, it can flag risky operations with few false alarms. In this way, organizations avoid being alerted to minor incidents that are unlikely to be a risk while they gain confidence that real issues are being identified.
For instance, companies can monitor an engineer who is acting outside of his or her normal behavior patterns, such as downloading files from projects the engineer doesn’t normally access. Another example of suspicious behavior might be someone who checks out a larger amount of code than other members of their team or copies files to removable storage devices. By themselves, each of these activities may not appear to be very significant, but the combination of taking files from unusual projects, taking more files than others on the same project and then putting those files onto a memory stick would flag a very high risk.
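The combination described above, as an added sketch that is not from the article or from any vendor's product: it learns each user's usual projects from a baseline period, then raises the risk level as independent signals stack up for the same user. The event fields, the 3x peer-volume threshold and the level names are assumptions chosen for illustration, and all events are constructed.

```python
from collections import defaultdict
from statistics import median

# Constructed events: (user, team, project, files_fetched, copied_to_removable)
HISTORY = [
    ("alice", "fw", "sensor-fw", 40, False),
    ("alice", "fw", "bootloader", 25, False),
    ("bob", "fw", "sensor-fw", 35, False),
    ("carol", "fw", "sensor-fw", 30, False),
    ("carol", "fw", "bootloader", 20, False),
]
TODAY = [
    ("alice", "fw", "sensor-fw", 30, False),
    ("bob", "fw", "sensor-fw", 45, False),
    ("bob", "fw", "bootloader", 10, False),
    ("carol", "fw", "sensor-fw", 20, False),
    ("carol", "fw", "radio-dsp", 400, True),
]
LEVELS = ["none", "low", "medium", "high"]  # assumed names, one per stacked signal

def score_users(history, current, volume_factor=3.0):
    """Return {user: (risk_level, [signals])} for the current period."""
    usual = defaultdict(set)  # user -> projects seen during the baseline period
    for user, _team, project, _files, _usb in history:
        usual[user].add(project)

    stats = {}  # per-user totals for the current period
    for user, team, project, files, usb in current:
        s = stats.setdefault(user, {"team": team, "files": 0, "new": set(), "usb": False})
        s["files"] += files
        s["usb"] = s["usb"] or usb
        if project not in usual[user]:
            s["new"].add(project)

    results = {}
    for user, s in stats.items():
        peers = [o["files"] for u, o in stats.items() if u != user and o["team"] == s["team"]]
        signals = []
        if s["new"]:
            signals.append("unusual_project")
        # Compare against teammates' median so one heavy user does not skew the bar.
        if peers and s["files"] > volume_factor * median(peers):
            signals.append("volume_above_peers")
        if s["usb"]:
            signals.append("removable_media")
        results[user] = (LEVELS[len(signals)], signals)
    return results

if __name__ == "__main__":
    for user, (level, signals) in sorted(score_users(HISTORY, TODAY).items()):
        print(f"{user:6} {level:6} {', '.join(signals) or '-'}")
```

A single signal, such as bob touching a project new to him, stays at the lowest level; only carol, who trips all three, is rated high, which is how stacking signals keeps false alarms down.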
Today’s electronics firms face many battles, including how to remain competitive in progressively challenging markets. Their products are complex and including OSS components makes them even more so. Protecting IP has become increasingly important across the entire organization, but especially within product development processes, which are key assets in electronics companies. Securing those assets using new tools such as behavioral analytics will go a long way toward supporting survival and success in the future.
—Mark Warren studied computer science at Sheffield Polytechnic. With more than 25 years’ experience, he has worked as a development manager at software development and configuration management tools vendors and led development teams using those tools to modernize development processes. He is currently product marketing director at Perforce Software.
The Embedded Systems Conference and EE Times are owned by UBM Canon.