. Cypherbridge SDKs, including uLoadXL+ for STM32 platforms, have added support for the STSAFE secure element.
. The STMicroelectronics STSAFE-A100 secure element provides highly secure, tamper-proof authentication and data management services. It can be integrated in IoT devices, smart-home, smart-city and industrial applications, consumer electronics devices, consumables and accessories. It is certified to CC EAL5+ AVA_VAN5 Common Criteria.
. The uLoadXL+ solution adds secure element profile provisioning, and software update management tools, expanding software lifecycle support from manufacturing through production and product support stages.
. Cypherbridge will demonstrate these integrated solutions at Embedded World 2018 in Nuremberg, Germany, February 27th - March 1st.
The Cypherbridge uLoad SDK is widely deployed today across a range of products and vertical markets such as payment systems, industrial control, and medical devices. It provides secure boot loading, root of trust, and safe software update. The SDK includes an in-device secure boot loader and software update handler, along with offline software management tools.
Authorized software updates are securely managed, distributed and installed from network and removable media. Encrypted software updates are authenticated to verify genuine origin, and integrity checked against hacking or corruption. This process includes malware blocking and anti-cloning protection.
Trends in the Market:
The Internet of Things, or IoT, is rapidly expanding and is increasingly vulnerable to hacking and privacy risks. Regulation and standards such as GDPR and UL2900 have shifted emphasis to data privacy practices, product safety and reliability. Together these trends have put a spotlight on IoT security.
uLoadXL+ , a comprehensive IoT device and vertically integrated lifecycle solution, is ready to help meet and respond to these market trends with:
- Added hardware secure element support for the STMicro STSAFE-A100. uLoadXL+ is first to market with integrated support for STSAFE on the high performance STM32 Cortex platforms, including STM32F7 and STM32H7.
- Evolution of the uLoad secure boot loader and safe installer, executing root of trust, sign and verify, authentication and attestation using the STSAFE tamper proof discrete secure element.
- Expansion of the Software Update Management Station. WinSUMS provides secure element key generation and processing features. Built on the foundation of our Windows software distribution server, the WinSUMS offline application intakes standard linked binary executable images, graphic files and FPGA bitfiles, and generates encrypted and authenticated managed files. These can be safely distributed and only activated in target under secure controlled workflow.
- Roll-out of the all new Secure Element Profile Station. The WinSEPS Windows UI application and executable service work in tandem to provision STSAFE secure element devices. Off the shelf STSAFE ICs, available through standard distribution channels, are uniquely identified with the Cypherbridge Systems 1st stage profile, including Issuer signed device attestation certificate and key. The WinSEPS Station provisions the 2nd stage profile at time of production, including PKI elements and key material. This provides a flexible solution that supports customer specific security requirements and unique profiles. The executable service application can be integrated with manufacturing line assembly stations and key management systems for production.
Features and Benefits:
uLoadXL+ adds important new features and benefits for the industry including:
- Authorized use and anti-cloning. Only managed images under control of authorized customers can be used on genuine products. Together the Management Station, Profile Station, uLoadXL+ boot loader, and Secure Element, create a cryptographically federated chain of custody. Unauthorized or hacked images cannot be injected into, or used outside, this chain.
- Tamper Proof PII Storage. The STSAFE Secure Element features include crypto operation offload, tamper proof key material storage, and secure encrypted channel. Additionally, byte-oriented data zones can be used for secure storage of private information to help meet PII requirements.
- Support throughout the Product Lifecycle. The uLoadXL+ solution is designed for use at prototype, pilot and manufacturing production stages, with support for software install and update, and secure element provisioning. The Profile Station incorporates a test fixture interfaced to the WinSEPS application.
“Cypherbridge is focused on security solution delivery, working with our customers throughout the product lifecycle from specification, design and engineering, to production and support,” said Steve DeLaney, President of Cypherbridge Systems. “With the adoption, deployment and growth of our uLoad secure boot loader, it became increasingly evident that our customers needed us to tie in with their full product lifecycle, not only for deployment and software updates, but also at the manufacturing stage for software commissioning and key material provisioning.”
“At the same time, customers responding to industry standards are reviewing and upgrading their security models, including electronic data privacy protection both in-flight and at-rest. With our support for the STMicro STSAFE, we can now deliver solutions, at cost-effective incremental value points, that exceed the capability of MCU software-only designs."
“Cypherbridge is working with our industry partners to deliver security software solutions for Data Privacy, Safety and Reliability. The rollout of uLoadXL+ further extends the span, depth and lifecycle of our IoT security protection. We are well positioned to work with our customers to help meet industry standards and regulations including GDPR and UL2900.”
View Demonstrations at Embedded World 2018:
Cypherbridge will showcase uLoadXL+, along with its other connected device security solutions February 27th - March 1st, at Embedded World 2018, Hall 4 Stand 4-131. Visit Cypherbridge to see how these solutions can increase trust, security and value points for IoT product applications.
Availability and Resources:
uLoadXL+ for STSAFE-A is available for delivery in 2018Q1. For information and pricing contact Cypherbridge Systems at firstname.lastname@example.org, or by phone +1 (760) 814-1575