Secure Thingz Announces Enhancements to Protect Critical IoT Assets and Aid Companies in Achieving Legislative Compliance
March 01, 2021
In collaboration with Renesas, and in support of the 10th Anniversary of the Renesas RX family, Secure Thingz announced support of Renesas Trusted Secure IP (TSIP) technology in Embedded Trust and Secure Deploy.
Secure Thingz, an IAR Systems Group company, announced enhancements to the secure development tool Embedded Trust and the secure prototyping and production platform Secure Deploy, delivering protection of critical security assets during development, provisioning, and in-service as the foundation of a secure electronics supply chain.
Per the company, the need for protection of security assets is widely accepted by the consumer and industrial IoT markets as a fundamental part of a “whole-product” security strategy and form a baseline across the European EN 303645 standards, and the recent US Cybersecurity Improvement Act. The assets are used in the creation and implementation of identities and ensure the integrity of the product both at the point of manufacture and later whilst in service in the end user’s systems. Critically many organizations also seek to protect their investment in intellectual property (IP) through tight control of provisioning credentials, both to control production quantities and preventing cloning. The updated solutions announced further secure these credentials within secure enclaves, or vaults, inside of the microcontrollers, ensuring the high level of security the devices can achieve, without escalating cost or complexity.
Renesas has a track record of providing advanced security solutions in the RX Family of 32-bit MCUs. A cornerstone of the Renesas security offering is the Trusted Secure IP (TSIP & TSIP-Lite) block included in many RX Family devices. The TSIP offers multiple security features including robust key management, highly secured on-device storage, encryption/decryption, and a wide array of integrated countermeasures. Importantly, the TSIP contents cannot be accessed from elsewhere within the device, so key data and the cryptographic engine are protected.
Secure Thingz delivers a comprehensive secure supply chain solution through the Embedded Trust and C-Trust security development tools, and the Secure Deploy secure prototyping and production platform. A critical component of a security development workflow is the generation and installation of a vendor-specific Secure Boot Manager (SBM), which is installed in the product as part of a robust Root of Trust. Announced with the releases of Embedded Trust v1.52 and Secure Deploy v3.22, the Root of Trust and assets managed by the SBM are encrypted during provisioning and stored securely with Renesas TSIP enclave. This process prevents application code or malware from accessing, modifying or impinging the Root of Trust or assets. Furthermore, the process is tied to the device ensuring that it is not possible to intercept the production to clone or counterfeit devices.
For more information, visit: www.iar.com/security