Secure Thingz, an IAR Systems® Group company, announced enhancements to the secure development tool Embedded Trust and the secure prototyping and production platform Secure Deploy, delivering enhanced protection of critical security assets during development, provisioning, and in-service as the foundation of a secure electronics supply chain.
The need for protection of security assets is widely accepted by the consumer and industrial IoT markets as a fundamental part of a “whole-product” security strategy and form a baseline across the European EN 303645 standards, and the recent US Cybersecurity Improvement Act.
The assets are used in the creation and implementation of unique identities and ensure the integrity of the product both at the point of manufacture and later whilst in service in the end user’s systems.
Critically many organizations also seek to protect their investment in intellectual property (IP) through tight control of provisioning credentials, both to control production quantities and preventing cloning. The updated solutions announced today further secure these credentials within secure enclaves, or vaults, inside of the microcontrollers, ensuring the highest level of security the devices can achieve, without escalating cost or complexity.
Renesas, a leading supplier of advanced semiconductor solutions, has a strong track record of providing advanced security solutions in the RX Family of 32-bit MCUs. A cornerstone of the Renesas security offering is the Trusted Secure IP (TSIP & TSIP-Lite) block included in many RX Family devices.
The TSIP offers multiple security features including robust key management, highly secured on-device storage, encryption/decryption, and a wide array of integrated countermeasures. Importantly, the TSIP contents cannot be accessed from elsewhere within the device, so key data and the cryptographic engine are strongly protected.
“With the number of connected devices continuing to rise, Renesas recognizes the growing need of embedded security throughout the development and production cycle; most of our customers are faced with challenges to realize robust security in their systems,” said Daryl Khoo, Vice President, Marketing, IoT Platform Business Division at Renesas.
“We have been collaborating with IAR Systems and Secure Thingz to strengthen security features in IoT devices by ensuring secure development flows and enabling global secure provisioning services. With the Embedded Trust and Secure Deploy now supporting RX MCU’s TSIP, we are poised to deliver enhanced protection of critical assets for any IoT product development and production, which eases and expedites the security design process for our customers.”
Secure Thingz delivers a comprehensive secure supply chain solution through the Embedded Trust and C-Trust security development tools, and the Secure Deploy secure prototyping and production platform. A critical component of a security development workflow is the generation and installation of a vendor-specific Secure Boot Manager (SBM), which is installed in the product as part of a robust Root of Trust.
Announced today with the releases of Embedded Trust v1.52 and Secure Deploy v3.22, the Root of Trust and assets managed by the SBM are encrypted during provisioning and stored securely with Renesas TSIP enclave. This process prevents application code or malware from accessing, modifying or impinging the Root of Trust or assets. Furthermore, the process is uniquely tied to the device ensuring that it is not possible to intercept the production to clone or counterfeit devices.
“The recent US Cybersecurity Improvement Act, alongside the European EN 303645 standards, highlight the need for both unique device management, updates, and secure supply chains”, said Haydn Povey, CEO of Secure Thingz.
“Through our cooperation with Renesas we are now bringing the strongest device security within the reach of every embedded developer and every application, substantially reducing the device attack surface and ensuring OEMs and end users are protected with best-in-class security.”
For more such updates follow us on Google News ITsecuritywire News.