Enhance Production control with the Secure Desktop Provisioner...Toys (95) Perfumery and cosmetics...
Transcript of Enhance Production control with the Secure Desktop Provisioner...Toys (95) Perfumery and cosmetics...
Enhance Production control with the Secure Desktop Provisioner
Agenda
Problem statementThreatsThreat Defense Technologies IAR Systems SolutionsSummary
Problem Statement
Supply Chains are complex
enterprise iot insights, 2017
All the news is about attacks here i.e.IoT devices in
service
But attacks can also occur here …
… and here
IoT Supply Chains are even more complex
SoftwareApplicationDeveloper
IoTDeviceOEM
End User
Contract Manufacturer
SiliconPlatformVendor
ProvisioningCentre
ProgrammingCentre
Threats
Attacks targeting IoT devices
Top countries being targeted, and from which other countries, for the first half of 2019 (Source: F-Secure)
What is driving attacks?
Surge in IoT device attacks
Visual summary of IoT topics discussed in five underground hacking communities (Source: Trend Micro)
https://www.bankinfosecurity.com/attacks-targeting-iot-devices-windows-smb-surge-a-13082
The need for security has never been higher
0 5000 10000 15000 20000 25000 30000
Jewellery (71)
Pharmaceuticals (30)
Toys (95)
Perfumery and cosmetics (33)
Clothing, non knitted or crocheted (62)
Instruments, optical, medical etc. (90)
Watches (91)
Electrical machinery and equipment (85)
Articles of leather (42)
Clothing, knitted or crocheted (61)
Footwear (64)
Counterfeit Goods Seizures by Units **
* : OECD, April 2016. Trade in Counterfeit &Pirated Goods Mapping The Economic Impact**: OECD, April 2015. http://dx.doi.org/10.1787/888933345913
$500B+ per year• Intellectual property theft• Counterfeiting• Cloning and over-production
• Combined GDP of Ireland & Netherlands• Electronic devices Rank #4 & #6 by volume; #1 by
value• Overproduction & Counterfeiting Rampant• Offshoring has led to massive rise in issues• Transition of value moving to IP & Software
*
Threat Defence Technologies
Available security technologies
HSM
Root Certificate Authority
Self-signedRoot
Certificate
Root Private Key
Device
Device Private Key
Root Certificate Authority
DeviceCertificate
Digital Certificates
Public Key Infrastructures
Cryptography
Hash Algorithms
Hardware TechnologiesHardware Security Modules (HSM)
Trusted computers with the following features:o Perform cryptographic operations
• Key generation• Certificate generation/signing• HASHing functions• True random number generation (with good entropy)
o Manufactured with specialised hardware• Tamperproof
‒ Shrouded by conductive mesh‒ Encased in epoxy resin
o Runs on security oriented OSo Limited network accesso Management access controlled by strict processeso Actively hides and protects cryptographic material
Our solutions
Security Development Tools
Embedded Trust• Integrates identity and certificate
management• Implements a Secure Boot Manager• Protects your IP by inhibiting
unauthorized manufacturing• Provides secure deployment with
integrated manufacturing mastering• Enables release management with
versioning and update infrastructure
C-Trust
• Implements a Secure Boot Manager• Protects your IP by inhibiting
unauthorized manufacturing• Provides secure deployment with
integrated manufacturing mastering• Enables release management with
versioning and update infrastructure• Plug-in to IAR Embedded Workbench• C-STAT static analysis tool
Secure Desktop ProvisionerKey benefits
– Easy import of Secure Production Packages from C-Trust
– No additional security measures required, such as secure rooms
– Supports multiple products from multiple designers/OEMs
– Runs on a modern desktop or laptop– Example application to provision “out-of-the-box”– Full integration into IAR Embedded Workbench and
C-Trust development tools
Export Options
Create new versionand Master
Generate Encrypted User Application
Create secure Production Package for manufacture
Sign & authorisemanufacturing
Cloud Service
Secure Desktop Provisioner softwareSimple to use application allows:
o Selection of product to provisiono Selection of number of boards to provisiono Multiple target boards to be connected and
provisioned simultaneously (up to max of 4)o Semi-automated operationo Provisioning of authorised quantities only
Summary
• We make security simple• We provide software and hardware
tools that ensure secure provisioning