Seamlessly Integrate Security into Your Embedded Development Workflow
July 21, 2020
In this series of five webcasts, we'll run through the five key security-related problems that will impact your design, and more importantly, how to solve them.
Security is a problem today. In fact, the percentage of embedded systems that are designed with all possible security features enabled is extremely low, less than 4 percent according to one recent study. The key reason for that is because security just isn’t part of the embedded design process. It’s more of a bolt-on.
In this series of five webcasts, we’ll run through the five key security-related problems that will impact your design, and more importantly, how to solve them. We’ll use IAR Systems’ newly introduced C-Trust tool as the gateway to that security plateau. Those five areas are: Legislation, Protect your IP, Secure Context Editor, Secure Boot Manager, Provisioning, and Device Support.
By the end of the five-part series, you’ll understand why and how security can and should be integrated into every segment of your development process.
Depending on your geography, or more specifically, the intended geography for your embedded design, the rules surrounding security may be different than other geographies. Different governments and other legislative bodies are continually changing the rules of the game. And again, depending on your geography, they may be stricter or more lenient, but they are likely different.
In Part I of this five-part series, we’ll cover which legislative issues you need to concern yourself with; how to find the information that matches your geography; and how to implement that end-to-end strategy. The webcast will be led by Haydn Povey, CEO of Secure Thingz, and one of the leaders of the IoT Security Foundation.
Your IP is essentially the crown jewels of your design, if not your entire company. Hence, it’s vital to ensure that it remains secure. However, it’s not always obvious where the weak link in your protection chain resides. And there’s far more to it than the old adage of “monitor, detect, and respond.”
In Part II of this five-part webinar series, we’ll help developers chart a course for complete IP security to protect end devices and company IP. We will reference the IAR Systems’ C-Trust Security tool to aid in the design-flow process. C-Trust can be integrated into the company’s popular Embedded Workbench product. Hosted by Rafael Taubinger, IAR’s Global FAE Manager, the webinar will provide specifics tactics you can deploy today to ensure the safety of your IP.
Secure contexts define the configuration of the trusted execution environment and ensure that minimum standards of authentication and confidentiality are met. In many cases, APIs are only accessible via a secure context. This is a method of ensuring that your embedded code remains secure and out of the hands of attackers. And it ensures that you remain in control of your system’s operation.
The need for such a process sounds obvious, but when it comes to implementation, strict guidelines should be adhered to. In Part III of this five-part webinar series, we’ll show you the secure contexts editor employed in the C-Trust security tool, and how to rapidly apply secure contexts to your application. The webinar is led by Clive Watts, Director of Product Management at Secure Thingz.
Secure Provisioning involves defining a key infrastructure during the development process to dynamically generate secure keys, then insert those keys into the device along with a cryptographically secured application image. That process sounds complex, but it needn’t be if you follow a step-by-step process. In Part V of this five-part webinar series, Clive Watts, Director of Product Management at Secure Thingz, will lay out a roadmap for that device provisioning. Clive will show how the combination of IAR’s C-Trust tool and its Secure Desktop Provisioner work together to make this process seamless. Specifically, he’ll discuss which devices permit provisioning; what tradeoffs are involved; and how you can maintain security over time.
System security often starts with a secure boot process, which is managed by the Secure Boot Manager, which lives alongside the provisioning of secure keys and certificates, to provide a robust root of trust. If your system does not deploy a secure boot mechanism, you’re clearly opening yourself up to hackers.
Questions that will be addressed in Part IV of this five-part webinar series include: when is the best time to implement a secure boot manager; how do I ensure that the application code is signed and encrypted correctly; and what other features of the Secure Boot Manager should developers know about. The webinar is led by Shawn Prestridge, IAR’s US Field Applications Engineer Team Leader.