Security Made Simple

Efficient, reliable, and intuitive: The world-leading end-to-end embedded security builder.

Security Needed for Your Product

IAR's security solution is enabled by the generation of unique device information within volume production. IAR Embedded Trust focuses on four key areas to provide a simple but effective security solution for each device.

Authentication

To ensure data integrity and prevent unauthorized access, IAR's authentication solution verifies the source of data and establishes a unique identity for each device during manufacturing. This enables devices to prove their authenticity and prevents attackers from impersonating genuine devices to compromise the system. 

 

Active intellectual property rights protection

Embedded devices are at risk of software theft, damaging the developer's return on investment. IAR's solutions protect the customer's intellectual property throughout the development, manufacturing, and deployment stages. 

Anti-rollback and software update

Embedded devices are susceptible to software defeats, even after rigorous development efforts. These security problems may not surface until deployment, requiring software updates. IAR's security solution facilitates software updates while ensuring that only genuine updates from authorized developers are installed. Additionally, it prevents the installation of outdated software, which could re-introduce fixed bugs, potentially enabling hackers to compromise devices or gain access to sensitive user data.

 

Anti-cloning

To prevent unauthorized cloning of embedded devices, IAR's solutions safeguard the software from running on counterfeit devices. This effectively thwarts attempts to replicate the product and ensures that the original developer's intellectual property remains protected. 

Empower Your Product's Security Journey

At IAR, our mission is to make embedded security a seamless part of your product's development process – offering a shield to safeguard the product during development, pre-production, volume production, and operational life.  

IAR's security solutions and tools effortlessly weave security into the development and the manufacturing process, whether you are using other IAR software development products or not. These solutions allow our customers to focus on their core competencies and not worry about having to be security experts. IAR also provides a consultative solutions engineering approach where we can adapt our existing tools and solutions to meet bespoke customer needs. 

IAR's security solution focuses on threats to embedded devices, which can mean anything from a small microcontroller with a few kBs of memory, up to a complex, multi-core device with advanced features. Embedded security is designed to protect the hardware, its operating system, boot and user applications, and data stored or processed, and it applies to both connected and non-connected products.

Non-connected devices may not suffer from remote attacks, but they still remain at risk of being exploited to change their fundamental performance or cause financial and reputational damage. 

Connected device embedded security enables safe and trusted operation as part of a wider system, such as with IoT deployments or other networks. 

An Embedded Security Environment

No matter how faultless the engineering or how innovative the technology, IAR's Security Environment gives our customers the confidence to develop a sustainable future. 

IAR have identified the following fundamental security threats: 

  • Defrauding the original developer to enable features the customers has not paid for. 
  • The extraction of the original developer's intellectual property.
  • The leaking of critical user information e.g., passwords, location information. 
  • Exploited to be used in wider criminal activity, nationally or internationally. 

Impacts

  • Due to the risks to society and individuals that stem from the misuse of embedded products, governments are now driving implementation of mandatory security. 
  • Examples of this recent introduction of security-specific legislation include: 
    - ETSI EN 303 645, Cyber Security for Consumer Internet of Things (EU)
    - The IoT Cybersecurity Improvement Act of 2020 (US) 
    - PSTI Act 2022 (UK)

IAR End-to-End Embedded Security Solutions

IAR Embedded Trust enables easy configuration and building of the enforcement software used to protect the device, and is the most suitable solution for new embedded development or major system updates. 

For projects in the later stages of development or ones already poised for production, IAR Embedded Secure IP can enable a level of embedded security with minimal change. 

 

IAR Secure Deploy enforces the security settings defined by IAR Embedded Trust and IAR Embedded Secure IP on every manufactured device in a production system, including the provisioning of unique device information. 

IAR Secure Deploy also ensures secure transfer of IP to the production system and prevents unauthorized over-production of products. 

Explore a safer future with IAR's embedded security solutions. 

Webinars: Dive Deeper into Embedded Security! 

Explore our on-demand webinars designed to equip you with cutting-edge knowledge in embedded system security

woman_man_embedded_developers.jpg

Get Embedded Security Insights

White Paper: Economic Factors of Embedded Security Neglect

As industries adopt digitalization and incorporate AI technologies, consumer devices and industrial machines are becoming smarter and more automated.

Despite the widespread understanding among executives that cyber risks have grown due to digital transformation, a worrying trend continues – many companies neglect security, especially in their device products.

Download White Paper

White Paper

Getting Serious About Embedded Security

Everyone seems to be talking about security, but the real question is: what are they doing about it?

It’s very easy to find articles concerning security that have little (if anything) actionable. In this white paper, our primary objective is to define a foundational set of security goals that every embedded development organization should aspire to achieve.

Access White Paper
microsoftteams-image-44-copy.jpg
s2.jpg

White Paper: Legislation Compliance

EU Cyber Resilience Act

Discover how IAR's extensive engagement with security organizations and how the embedded security solutions can help you navigate the EU Cyber Resilience Act's impact on digital systems.

Download White Paper

Features and highlights

IAR's approach to tackling embedded security vulnerabilities

Discover how IAR addresses embedded security vulnerabilities in this informative infographic. Learn about the key features and benefits of their Late-Stage Embedded Security solution, designed to provide comprehensive protection for embedded systems. 

Download infographic
info-graphic-security.jpg

We do no longer support Internet Explorer. To get the best experience of iar.com, we recommend upgrading to a modern browser such as Chrome or Edge.