Compliance Suite for STM32
Compliance Suite for STM32 includes security development tools and practical guidance, delivering a shrink-wrapped solution for organizations to ensure security legislation assurance in IoT applications.
With new legislation for IoT security and privacy rapidly being introduced globally, compliance according to these regulations is a challenge for organizations and developers working with embedded applications. For your existing or new application, this means that it has to meet a new set of baseline standards. The good news is that we can help you to comply with the new regulations. Compliance Suite is what you need!
Overview video
Get an overview of the Compliance Suite for STM32 and the included software in this video.
不断发展的物联网安全立法
消费者物联网安全标准 EN 303 645 基于物联网安全基金会和英国政府制定的 13 项最佳实践指南,被广泛视为消费者物联网的安全基准。标准和指南都包含应用程序的核心要求,开发人员应该达到这些要求。IAR 合规性套件 (Compliance Suite) 使您能够快速构建包含这些核心要求的应用程序。
合规性套件 (Compliance Suite) 使您能够快速构建包含这些核心要求的应用程序。
作为致力于推动卓越安全性的非营利组织 IoT Security Foundation 的创始成员,Secure Thingz 已参与创建最佳实践、合规性和漏洞披露超过 5 年。
什么是 13 项最佳实践指南?
- 由物联网安全基金会定义
- 被英国政府采纳
- 在 ETSI EN 303 645 中被欧盟采用
- 由美国网络安全改进法案支持
13 Best Practices in practice
The Preconfigured Security Context included with Compliance Suite targets a broad set of the Best Practice requirements.
A Preconfigured Security Context defines the configuration of a trusted execution environment. It includes all the necessary security and encryption settings for protecting an application against security threats such as IP theft, malware injection, illegal access, copying or counterfeiting. This innovative technology ensures that you remain in control of your application, today and into the future.
Included in Compliance Suite
Tools
Compliance Suite for STM32 is specifically designed for applications based on the STM32 family of MCUs from STMicrolelectronics. To use it, you need a license of IAR Embedded Workbench for Arm.
- Preconfigured Security Context - Ensuring all necessary security and encryption are automatically included in your application
- Secure Boot Manager - Securing the overall boot process to protect the device
- C-Trust - Extension to IAR Embedded Workbench for Arm enabling secure, encrypted code
- C-STAT - Static code analysis tool ensuring code quality
Supported devices: STM32F405, STM32F407, STM32F412, STM32F429, STM32F777, STM32L475, STM32L4R, STM32L4S5, STM32L5, STM32H725, STM32H735, STM32H743, STM32H753, STM32H7A3, STM32H7B3, STM32WB55
Practical guidance
Unique package of courses with hands-on guides led by Secure Thingz’ in-house security experts. Topics include:
- Introduction to Embedded Security
- Security Development Workflow
- Legislation and Compliance Requirements
- Meeting the IoT Security Foundation Compliance Framework
Practical guidance included
Unique package of courses with hands-on guides led by Secure Thingz’ in-house security experts. The package includes a full day of training, divided in different parts based on topic.
Introduction to Security
- Introduction to Embedded Security
- Guiding principals and outcomes - Threats, Analysis and Requirements
- Fundamentals of Security - PKI, Identity, Device Management and Cryptography
Secure Development Workflow
- Introduction to the Secure Development Workflow
- Introduction to C-Trust
- Security Context Overview
- Application Development
- Leveraging Preconfigured Security Contexts
- Lifecycle Management
Legislation and Compliance Requirements
- Legislation and Standards Update
- Introduction to IoT Cybersecurity Improvement Act
- Introduction to European Standard EN 303645
- 13 Best Practices & Requirements
- Alternative regulations
- Vulnerability Disclosure
Meeting the IoT Security Foundation Compliance Framework
- Mapping C-Trust implementations to the Compliance Framework
- Compliance Classes
- Business Processes
- Device Hardware and Software Requirements
- Authentication, Authorization and Privacy
- Secure Supply Chain Production
- Configuration Considerations
- Device Ownership and Transfer
FAQ
Our most common questions about Compliance Suite.
What is Compliance Suite for STM32?
Compliance Suite has been created to enable a fast and easy on-ramp introduction to security based on Preconfigured Security Contexts, tools to get you started, and Practical Guidance in the form of an online training package.
The Security Context is built by Secure Thingz on your behalf, based on a high security requirement and customized to your company. A Secure Boot Manager will be provided as a binary file, as part of the Security Context, to be used in the development tool C-Trust enabling your application to be secure and encrypted.
How is the Practical Guidance training package delivered?
The package of courses is targeted at the security requirements demanded by EN 303645 and the IoT Security Foundation Assurance framework, including a deep dive into the individual hardware and software component requirements.
The course package is delivered through the online IAR Academy platform. We have created a training package that you should be able to go through in a day, but you can also choose to split the learning over several days or sessions. The content is highly technical and in case you have questions, we are available for you to provide answers.
Can the Security Context be used in production?
The Security Context in Compliance Suite should be seen as a first step and mainly for development purposes. While it can be used in production, we would recommend you take ownership of your own Security Context when going into production. For this, you need the additional product Embedded Trust.
Some critical context setups, such as Device Lockdown, are not configured in the default Security Context.
Can I replace the keys/certificates for my own PKI?
No - Customization of keys and certificates is not the purpose of Compliance Suite. The Security Contexts included in Compliance Suite are implemented to support the compliance requirement learning.
What is the precise device support for Compliance Suite for STM32?
The Compliance Suite for STM32 supports standard Root of Trust implementation on the following devices: STM32F405, STM32F407, STM32F412, STM32F429, STM32F777, STM32L475, STM32L4R, STM32L4S5, STM32L5, STM32H725, STM32H735, STM32H743, STM32H753, STM32H7A3, STM32H7B3, STM32WB55.
SFI technology is primarily utilized in mass secure provisioning and is not supported in Compliance Suite. We do have other options if you wish to use SFI, please reach out to us to discuss your needs!
Interested in buying Compliance Suite?
Fill out this form with your needs and requirements, and our sales team will contact you to guide you and give you a price offering tailored for your needs. We look forward to your request!