IoT security stack available in 4 pre
- Communications
- 2023-09-23 21:39:54
In a quest for the magic recipe for Internet of Things (IoT) security in the microcontroller (MCU) context, here comes a software stack that can be built on top of hardware, so embedded developers can simply compile and go. More importantly, this security software is available in four categories of security configurations, enabling embedded system developers to pick a solution that meets their application requirements.
Edge Protect security software—optimized for Infineon’s PSoC and AIROC family of chips—features four preconfigured product-security categories to satisfy regulatory and industry standards. It’s also aligned with PSA certified framework, which ensures that security guidelines are validated through approved, third-party security test houses.
“It’s protecting the edge in four different categories in terms of what feature sets associated with security are required to satisfy an IoT application,” said Erik Wood, senior director of product security at Infineon. “Apart from meeting industry regulations, which are targeted at serving end users, we also have security features for safeguarding OEM IPs.”
Below is a brief outline of these four embedded security configurations.
Edge Protect categories are tied to regulations, certifications, and design use cases. Source: Infineon
Category 1 complies with CRA, RED, and PSA L1v2 standards and features root-of-trust, secure boot, firmware updates, and Trust Zone processing isolation. It also allows developers to debug access protection to secure OEM IP.
Category 2, which complies with PSA L2 requirements, encompasses Category 1 features as well as the TF-M security services stack. “It has sufficient internal memory and offers more security services than Category 1,” added Wood.
Category 3, compliant with the next security level, PSA L3, offers Category 2 features plus hardened accelerated crypto operations and fault sensors. “It brings more robust physical protection with another set of sensors and fault management systems that are better at monitoring attacks on a device,” Wood said.
Category 4, which complies with PSA L3 as well as SESIP certification, includes a hardware-isolated, lockstep redundant, embedded-secured enclave at an AVA.VAN.4 security rating for secure boot, key storage, crypto operations, and debug access control.
“Category 4 comes with an isolated, dual-core hardware, where all security operations are conducted in a lockstep manner,” Wood concluded. “We believe this is going to be the maximum-security level for the next five to 10 years for embedded MCUs.”
Related Content
How PUF Technology is Securing IoTMicrocontroller with ChipDNA PUF Technology for IoTSTMicro allies with AWS, Azure to bolster IoT security offeringsSecure Thingz CEO: Implementing IoT Security Has to Be SimpleFirst PUF-based Root-of-trust IP Overcomes SRAM Stability ChallengeIoT security stack available in 4 pre由Voice of the EngineerCommunicationsColumn releasethank you for your recognition of Voice of the Engineer and for our original works As well as the favor of the article, you are very welcome to share it on your personal website or circle of friends, but please indicate the source of the article when reprinting it.“IoT security stack available in 4 pre”
