protect intellectual property and deliver secure ... · integration with the cloud solutions from...
TRANSCRIPT
![Page 1: Protect Intellectual Property and Deliver Secure ... · integration with the cloud solutions from Amazon Web Services. Thanks to this integration, you can inspect and control the](https://reader034.vdocuments.us/reader034/viewer/2022042221/5ec7e6639b761d7a4112aa8e/html5/thumbnails/1.jpg)
Protect Intellectual Property and Deliver Secure, Encrypted Code with C-TrustShawn A. Prestridge, US FAE Team Leader
![Page 2: Protect Intellectual Property and Deliver Secure ... · integration with the cloud solutions from Amazon Web Services. Thanks to this integration, you can inspect and control the](https://reader034.vdocuments.us/reader034/viewer/2022042221/5ec7e6639b761d7a4112aa8e/html5/thumbnails/2.jpg)
Agenda
Where does security begin? Joining forces with Secure Thingz Encrypted code delivery simplified Summary
![Page 3: Protect Intellectual Property and Deliver Secure ... · integration with the cloud solutions from Amazon Web Services. Thanks to this integration, you can inspect and control the](https://reader034.vdocuments.us/reader034/viewer/2022042221/5ec7e6639b761d7a4112aa8e/html5/thumbnails/3.jpg)
Where does security begin?
It should be from your project’s inception
![Page 4: Protect Intellectual Property and Deliver Secure ... · integration with the cloud solutions from Amazon Web Services. Thanks to this integration, you can inspect and control the](https://reader034.vdocuments.us/reader034/viewer/2022042221/5ec7e6639b761d7a4112aa8e/html5/thumbnails/4.jpg)
The road to security: With our customers all the way
Ensured code quality> Analysis and
testing
Functional safety
> Certifiedproducts
Securing IP and data
> Chain of Trust
Traditional embedded
development
![Page 5: Protect Intellectual Property and Deliver Secure ... · integration with the cloud solutions from Amazon Web Services. Thanks to this integration, you can inspect and control the](https://reader034.vdocuments.us/reader034/viewer/2022042221/5ec7e6639b761d7a4112aa8e/html5/thumbnails/5.jpg)
More than an ordinary toolbox
![Page 6: Protect Intellectual Property and Deliver Secure ... · integration with the cloud solutions from Amazon Web Services. Thanks to this integration, you can inspect and control the](https://reader034.vdocuments.us/reader034/viewer/2022042221/5ec7e6639b761d7a4112aa8e/html5/thumbnails/6.jpg)
Integrated code analysisC-STAT: Static code analysis• Check compliance with specific standards like MISRA C:2004,
MISRA C++:2008 and MISRA C:2012• Checks compliance with the coding standard CERT C for
secure coding• Detect defects, bugs, and security vulnerabilities as defined by
the Common Weakness Enumeration (CWE)• Extensive and detailed documentation
C-RUN: runtime analysis• Bounds checking, arithmetic, heap and memory leaks checking• Code correlation and graphical feedback in editor• Very efficient instrumentation of compiled code
![Page 7: Protect Intellectual Property and Deliver Secure ... · integration with the cloud solutions from Amazon Web Services. Thanks to this integration, you can inspect and control the](https://reader034.vdocuments.us/reader034/viewer/2022042221/5ec7e6639b761d7a4112aa8e/html5/thumbnails/7.jpg)
Debugging all the way up to the cloudIntegration with Amazon Web Services is available in IAR Embedded Workbench
IAR Embedded Workbench for Arm, AWS edition, provides an integration with the cloud solutions from Amazon Web Services.
Thanks to this integration, you can inspect and control the cloud communication of your device directly in the world’s leading development toolchain, making development and debugging of IoT applications simplified and more efficient.
![Page 8: Protect Intellectual Property and Deliver Secure ... · integration with the cloud solutions from Amazon Web Services. Thanks to this integration, you can inspect and control the](https://reader034.vdocuments.us/reader034/viewer/2022042221/5ec7e6639b761d7a4112aa8e/html5/thumbnails/8.jpg)
IAR Systems and Secure Thingz share a vision on security
![Page 9: Protect Intellectual Property and Deliver Secure ... · integration with the cloud solutions from Amazon Web Services. Thanks to this integration, you can inspect and control the](https://reader034.vdocuments.us/reader034/viewer/2022042221/5ec7e6639b761d7a4112aa8e/html5/thumbnails/9.jpg)
1. Security must be integrated from inception- Adding security late in the development process rarely
works.
2. IoT security needs to be straightforward, scalable and sustainable
- Building security into the design process is the best way to achieve long-term robust and scalable security.
3. By making security implementation easier, we will help our customers secure their intellectual assets, accelerate trustworthy product delivery and transform security from a cost to a benefit.
Shared vision for a secure future, based on three fundamental beliefs:
![Page 10: Protect Intellectual Property and Deliver Secure ... · integration with the cloud solutions from Amazon Web Services. Thanks to this integration, you can inspect and control the](https://reader034.vdocuments.us/reader034/viewer/2022042221/5ec7e6639b761d7a4112aa8e/html5/thumbnails/10.jpg)
Encrypted Code Delivery
![Page 11: Protect Intellectual Property and Deliver Secure ... · integration with the cloud solutions from Amazon Web Services. Thanks to this integration, you can inspect and control the](https://reader034.vdocuments.us/reader034/viewer/2022042221/5ec7e6639b761d7a4112aa8e/html5/thumbnails/11.jpg)
C-Trust
Already using IAR Embedded Workbench for Arm? Get started in no time!
• Security development tool that works as an extension to IAR Embedded Workbench
• Enables application developers to deliver secure, encrypted code• Ready-made Security Context Profiles for IP protection and
Production control included• Support for mainstream microcontroller devices enables large
number of existing applications to now have security integrated
![Page 12: Protect Intellectual Property and Deliver Secure ... · integration with the cloud solutions from Amazon Web Services. Thanks to this integration, you can inspect and control the](https://reader034.vdocuments.us/reader034/viewer/2022042221/5ec7e6639b761d7a4112aa8e/html5/thumbnails/12.jpg)
Deploy Manage and updateManufacture
DevelopSecurityContext
Build SBM, Provision device TestDevelop
application
Security SW development flow
Create your Security Context, Build the Secure Boot Manager and Provision the device
001011110100111101010010001011110100111111010110101010001111010101101010110110110101010010100100100101101010010100100011101000100101
1001011110100000111100101101001010
10101100101001110111100 0101101001011
001011101101010010001010100101110010111101111101001111001010101001101011000
010111100
Develop and Test the applicationusing development keys
Build using production keys,then Deploy to Manufacturing
00101111010011110101001000101111010011110101001011001011110100111101010010111100
0101001011001011110100111101010010111100
SBM00101111010011110101001000101111010011110101001011001011110100111101010010111100
MasteredApplication
![Page 13: Protect Intellectual Property and Deliver Secure ... · integration with the cloud solutions from Amazon Web Services. Thanks to this integration, you can inspect and control the](https://reader034.vdocuments.us/reader034/viewer/2022042221/5ec7e6639b761d7a4112aa8e/html5/thumbnails/13.jpg)
Steps to providing encrypted code delivery• Define security context
– Contains information about the MCU you are using– Contains information about the Chain of Trust (CoT) so code can be signed
• Develop Secure Boot Manager (SBM)– Can use our ready-made example– Can customize our SBM to your needs
• Provision devices– Program boards with the SBM and CoT so they can verify code– Done for both production board and pre-production (engineering) boards
![Page 14: Protect Intellectual Property and Deliver Secure ... · integration with the cloud solutions from Amazon Web Services. Thanks to this integration, you can inspect and control the](https://reader034.vdocuments.us/reader034/viewer/2022042221/5ec7e6639b761d7a4112aa8e/html5/thumbnails/14.jpg)
Steps to providing encrypted code delivery• Security Context Profiles are provided to developers who have C-Trust
enabled on their Embedded Workbench
• Once a developer enables C-Trust with the security context profile, each time they build a project, the executable is mastered according to the context*
– Code is encrypted– Encrypted code is then signed
• Download-and-debug puts the encrypted/signed code into an update slot and the SBM decrypts and bootloads the code*
*Done automatically with no intervention necessary from developer
![Page 15: Protect Intellectual Property and Deliver Secure ... · integration with the cloud solutions from Amazon Web Services. Thanks to this integration, you can inspect and control the](https://reader034.vdocuments.us/reader034/viewer/2022042221/5ec7e6639b761d7a4112aa8e/html5/thumbnails/15.jpg)
Demonstration
![Page 16: Protect Intellectual Property and Deliver Secure ... · integration with the cloud solutions from Amazon Web Services. Thanks to this integration, you can inspect and control the](https://reader034.vdocuments.us/reader034/viewer/2022042221/5ec7e6639b761d7a4112aa8e/html5/thumbnails/16.jpg)
Security from Inception SuiteUnique set of tools and services for implementing and customizing security in embedded applications!
• Embedded Trust – Security Development Environment• C-Trust – integrating security in the development workflow• Secure Desktop Provisioner – Secure development and prototyping• IAR Embedded Workbench – Complete C/C++ compiler and debugger
toolchain in one single integrated development environment• C-STAT – integrating static code analysis in the development workflow• I-jet – Industry-leading high-speed in-circuit debugging probe• Training services and custom design reviews
![Page 17: Protect Intellectual Property and Deliver Secure ... · integration with the cloud solutions from Amazon Web Services. Thanks to this integration, you can inspect and control the](https://reader034.vdocuments.us/reader034/viewer/2022042221/5ec7e6639b761d7a4112aa8e/html5/thumbnails/17.jpg)
Security from Inception Suite—Editions
![Page 18: Protect Intellectual Property and Deliver Secure ... · integration with the cloud solutions from Amazon Web Services. Thanks to this integration, you can inspect and control the](https://reader034.vdocuments.us/reader034/viewer/2022042221/5ec7e6639b761d7a4112aa8e/html5/thumbnails/18.jpg)
Summary• We are with you all the way to total security• Good security is hard, but with the right
tools it becomes easy• Providing encrypted and secured code is
simple with our solution