Secure Thingz, an IAR Systems Group company, has introduced new versions of its security development tools to support next-generation secure install technologies intended to prevent malware throughout device lifecycles.
The updated Embedded Trust and C-Trust tools, which provide a complete security development environment for embedded applications, enhance the protection of intellectual property (IP) and inhibit the cloning and counterfeiting of embedded applications. These new capabilities will also assist companies in meeting the requirements of recently announced consumer IoT security standards, including EN 303 645. The tools enable implementation of foundation security measures such as encrypting the codebase and setting manufacturing limits.
A critical step in the development and production of internet of things (IoT) products is the secure installation, or provisioning, of identity and application software into each microcontroller during the manufacturing process. The transfer of code into the device is a significant attack surface where valuable intellectual property may be stolen or malware may be inserted. Preventing attacks is mission-critical for companies to protect their brand and retain consumer confidence in their products. To support this, semiconductor companies are looking into advanced secure install technologies that offer a secured communication path directly into the microcontroller at the point of provisioning, significantly reducing the risk of attack during this critical step.
With Embedded Trust, companies can define custom security contexts, which are descriptions of the security environments that are required to protect applications and used to uniquely service companies’ specific needs. The security contexts can be imported to the company’s security development tool C-Trust, enabling application developers to easily protect their application in the development toolchain of IAR’s Embedded Workbench, without having to master the deeper complexities of security. For simplified development, C-Trust also includes preconfigured security contexts.
“There is a need to act urgently and comprehensively on IoT product security, particularly considering how to protect valuable IP during manufacture to deliver products that consumers can be confident using,” said Haydn Povey, founder and CEO, Secure Thingz, and general manager of embedded security solutions for IAR Systems. “Government standards such as the European EN 303 645, Baseline Requirements for Consumer IoT Cyber Security, are becoming increasingly mandated to improve the security of everyday IoT devices. The combination of advanced MCU devices and the latest versions of Embedded Trust and C-Trust support all developers in rapidly achieving these emergent demands.”
To assist companies with achieving the right level of security for their needs, IAR Systems and Secure Thingz have developed what they call the ‘Security from Inception Suite’, which is a set of tools and services for implementing and customizing security in embedded applications.
- Protecting the Endpoint in IIoT: A Snapshot of Chip-Level Security
- Cryptographic companion chip upgrades automotive security
- A little early effort in security can return a huge payoff
- Evaluating an IoT security model against industry baselines
For more embedded, subscribe to embedded’s weekly email newsletter.