C-Trust
Extension to IAR Embedded Workbench which enables you to protect your application and deliver secure, encrypted code, without having to master the deeper complexities of security.
01
Automatic encrypted code
C-Trust enables every application developer to deliver secure, encrypted code without having to master the deeper complexities of security.
02
Integrated with IAR Embedded Workbench
C-Trust works as extension to IAR Embedded Workbench. Each time a project is build, the executable is mastered (encrypted and signed) automatically. A download-and-debug puts the encrypted/signed code into an update slot and the ready-made Secure Boot Manager decrypts and bootloads the code directly on the device.
03
Preconfigured Security Contexts included
C-Trust uses the innovative Security Contexts technology to help you with protecting your application. A Security Context defines the configuration of a trusted execution environment by describing the security environment that is required to protect an application.
04
Security just a tickbox away
Correct security and encryption settings are automatically enforced with C-Trust according to the Security Context, enabling you as application developer to focus on the functionality of the application.
Getting started with C-Trust
It's easy getting started with C-Trust in IAR Embedded Workbench.
Already using IAR Embedded Workbench?
It's easy adding C-Trust to an existing license of IAR Embedded Workbench for Arm and for Renesas RX.
Supported devices
Our security tools and services offer support for a wide range of devices, including Arm-based MCUs from STMicroelectronics, Renesas and NXP, as well as the Renesas RX MCU family devices, enabling you to choose the right MCU for the security and functional needs of your application. In addition, support for the vast majority of MCUs can be achieved through the use of Hardware Abstraction Layer (HAL).
All devices in the list are ported and tested by us.
We are constantly updating our growing list of supported devices. If your device is not listed here, contact us to find out when your device will be supported.
| STMicroelectronics | Renesas | Microchip | NXP |
|
STM32F405 STM32L4R STM32L5 STM32H725 |
RA6M3 RX65N |
SAML11 | K22/K24 KV56/KV58 K64/K65/K66 LPC55S16 LPC55S28 LPC55S69 i.MX RT1064 |
Innovative Security Context technology
A Security Context defines the configuration of a trusted execution environment by describing the security environment that is required to protect an application. For simplified development, C-Trust includes Preconfigured Security Contexts. With Embedded Trust, companies can define custom Security Contexts which are able to uniquely service companies' specific needs.
Details about Security Context
C-Trust enables you as developer to use Preconfigured Security Contexts, ensuring that you remain in control of system operation today, and into the future. With Embedded Trust, companies are able to define custom Security Contexts, which uniquely service their specific needs.
Security Contexts define the configuration of the trusted execution environments. Security Contexts enable organizations to simplify:
- Complex cryptographic device identities and ownership structures
- Creation of a robust Root of Trust, ensuring device authentication, authorization and attestation, the core proofs of identity
- Implementation of security hygiene, dependant on device hardware support
- Secure Boot Manager extensions to support core boot functionality
- Application of patches, updates, and other lifecycle management criteria
- Delegation of identity for onboarding into cloud infrastructure applications
These Security Contexts provide the foundation for a set of core security concepts, enabling Security From Inception, including protection of Intellectual Property, which is about inhibiting IP theft and malware injection, and Production Control, which is about protecting keys across development and production.
Security Contexts
The IP Protection and Production Control Security Contexts have been designed to enable developers to rapidly protect the high value and critical IP that organizations create, and to provide reassurance that only authorized and authenticated IP can be installed on devices.
Features
- Secure application and credential provisioning
Ensuring devices are born securely with the correct software - Integrated Secure Boot Manager
Providing low level device services to manage device access - Device-specific Security Management
Servicing the device specific Root of Trust and system configuration - Authorized & authenticated software install
Cryptographic enforcement of ownership and delegated rights - Automatic encryption and signature of code
Ensuring only correctly managed and formatted code can be installed - Update policing in Secure Boot Manager
Integrated device level configuration for seamless updates and patches - Integration into secure provisioning flow
Compatible with Secure Desktop Provisioner - Integrated application versioning management
Providing structured versioning in the development flow - OEM-Developer defined software key infrastructure
Enabling developers to define the critical key management of their application - Application updates with anti-rollback protection
Providing protection against roll-back attacks and versioning threats - Bootloader device level trace and debug management
Configuration of the device to ensure integrity of the boot process and RoT
Want to know more about this product?
We are present worldwide to help you wherever you are, and we are happy to answer any questions you might have about our products.
Get quote
Want to use this product in your development projects? Our sales team is here to guide you to the right solution for you. Complete this form and we will get back to you with a price quote tailored for your needs. We look forward to your request!