Safety-certified tools Tools for Automotive Applications C-STAT Static analysis C-RUN Runtime analysis Debugging and trace probes
With C-Trust for IAR Embedded Workbench, we provide a number of pre-defined Security Context Profiles for you to get started developing secure applications.
The Security Context defines the configuration of the trusted execution environment. It is a description of the security environment that is required to protect your application. The properties of the pre-defined Security Context Profile include:
The security context is a framework that defines how devices are identified, managed and secured. For some users this context may apply to just to a single product, and for others the context will apply to their entire range of solutions, defining a standard approach to managing devices, driving patching strategy, and ultimately enabling the transition of ownership to end users.
To deliver "security out of the box" Secure Thingz offer two Security Context frameworks for developers to download and rapidly prototype applications. The frameworks are available as a Base Security Context for simple applications and resource-limited devices, and as an Advance Security Context which extends the frameworks with a feature rich Secure Boot Manager.
The Base and Advanced Security Contexts are available as worked examples within Embedded Trust, enabling organizations to rapidly modify the frameworks to meet the specific needs of their organizations, ensuring truly unique certificates and keys, providing flexibility in certificate hierarchies, and delivering a flexible yet powerful Secure Boot Manager. Secure Contexts created within Embedded Trust are manufacturing ready, enabling developers to exchange development certificates with productions certificate, accelerating them towards seamless secure provisioning.
|Multi-level certificate hierarchy (CA, Intermediate, device)||✓||✓|
|Advanced asymmetric and asymmetric key support||✓||✓|
|X509 standard certificate||✓||✓|
|Application provisioning encryption||✓||✓|
|Baseline Secure Boot||✓||✓|
|Secure Device Management Support inc. Secure Enclave support||Device Specific||Device Specific|
|Update Policy Management – Device resource aware policies||✓||✓|
|Version update management||-||
|Device boot with device Secure Enclave support||Device Specific||Device Specific|
|Compromise recovery (Update pull)||✓||✓|
|Active update (Update pull)||✓||✓|