Security Context Framework

With C-Trust for IAR Embedded Workbench, we provide a number of pre-defined Security Context Profiles for you to get started developing secure applications.

The Security Context defines the configuration of the trusted execution environment. It is a description of the security environment that is required to protect your application. The properties of the pre-defined Security Context Profile include:

  • Cryptographic keys and certificates
  • Secure Boot configuration
  • Device security
  • Application update process
  • Update policy
  • Device memory layout

Reducing Your Time-To-Security

The security context is a framework that defines how devices are identified, managed and secured. For some users this context may apply to just to a single product, and for others the context will apply to their entire range of solutions, defining a standard approach to managing devices, driving patching strategy, and ultimately enabling the transition of ownership to end users.

To deliver "security out of the box" Secure Thingz offer two Security Context frameworks for developers to download and rapidly prototype applications. The frameworks are available as a Base Security Context for simple applications and resource-limited devices, and as an Advance Security Context which extends the frameworks with a feature rich Secure Boot Manager.

The Base and Advanced Security Contexts are available as worked examples within Embedded Trust, enabling organizations to rapidly modify the frameworks to meet the specific needs of their organizations, ensuring truly unique certificates and keys, providing flexibility in certificate hierarchies, and delivering a flexible yet powerful Secure Boot Manager. Secure Contexts created within Embedded Trust are manufacturing ready, enabling developers to exchange development certificates with productions certificate, accelerating them towards seamless secure provisioning.

Security Context Framework

Function

Base

Advanced

Multi-level certificate hierarchy (CA, Intermediate, device)
Advanced asymmetric and asymmetric key support
X509 standard certificate 
Application provisioning encryption 
Baseline Secure Boot
Secure Device Management Support inc. Secure Enclave support Device Specific Device Specific
Update Policy Management –  Device resource aware policies
Application update  
Version update management -

Embedded Trust

Device boot with device Secure Enclave support Device Specific Device Specific
Compromise recovery (Update pull) 
Active update (Update pull)

© IAR Systems 1995-2019 - All rights reserved.

We use cookies on this website to provide you with a better experience. You need to accept cookies to continue using this site. Cookies