Security Made Simple

Efficient, reliable, and intuitive: The world-leading end-to-end embedded security builder.

s1

Security Needed for Your Product

IAR's security solution is enabled by the generation of unique device information within volume production. IAR Embedded Trust focuses on four key areas to provide a simple but effective security solution for each device.

Title text

Vivamus sagittis lacus vel augue laoreet rutrum faucibus dolor auctor. Sed posuere consectetur est at lobortis. Praesent commodo cursus magna, vel scelerisque nisl consectetur et. 

Authentication

To ensure data integrity and prevent unauthorized access, IAR's authentication solution verifies the source of data and establishes a unique identity for each device during manufacturing. This enables devices to prove their authenticity and prevents attackers from impersonating genuine devices to compromise the system. 

 

Active intellectual property rights protection

Embedded devices are at risk of software theft, damaging the developer's return on investment. IAR's solutions protect the customer's intellectual property throughout the development, manufacturing, and deployment stages. 

Anti-rollback and software update

Embedded devices are susceptible to software defeats, even after rigorous development efforts. These security problems may not surface until deployment, requiring software updates. IAR's security solution facilitates software updates while ensuring that only genuine updates from authorized developers are installed. Additionally, it prevents the installation of outdated software, which could re-introduce fixed bugs, potentially enabling hackers to compromise devices or gain access to sensitive user data.

 

Anti-cloning

To prevent unauthorized cloning of embedded devices, IAR's solutions safeguard the software from running on counterfeit devices. This effectively thwarts attempts to replicate the product and ensures that the original developer's intellectual property remains protected. 

Empower Your Product's Security Journey

At IAR, our mission is to make embedded security a seamless part of your product's development process – offering a shield to safeguard the product during development, pre-production, volume production, and operational life.  

IAR's security solutions and tools effortlessly weave security into the development and the manufacturing process, whether you are using other IAR software development products or not. These solutions allow our customers to focus on their core competencies and not worry about having to be security experts. IAR also provides a consultative solutions engineering approach where we can adapt our existing tools and solutions to meet bespoke customer needs. 

IAR's security solution focuses on threats to embedded devices, which can mean anything from a small microcontroller with a few kBs of memory, up to a complex, multi-core device with advanced features. Embedded security is designed to protect the hardware, its operating system, boot and user applications, and data stored or processed, and it applies to both connected and non-connected products.

Non-connected devices may not suffer from remote attacks, but they still remain at risk of being exploited to change their fundamental performance or cause financial and reputational damage. 

Connected device embedded security enables safe and trusted operation as part of a wider system, such as with IoT deployments or other networks. 

An Embedded Security Environment

No matter how faultless the engineering or how innovative the technology, IAR's Security Environment gives our customers the confidence to develop a sustainable future. 

IAR have identified the following fundamental security threats: 

  • Defrauding the original developer to enable features the customers has not paid for. 
  • The extraction of the original developer's intellectual property.
  • The leaking of critical user information e.g., passwords, location information. 
  • Exploited to be used in wider criminal activity, nationally or internationally. 

Impacts

  • Due to the risks to society and individuals that stem from the misuse of embedded products, governments are now driving implementation of mandatory security. 
  • Examples of this recent introduction of security-specific legislation include: 
    - ETSI EN 303 645, Cyber Security for Consumer Internet of Things (EU)
    - The IoT Cybersecurity Improvement Act of 2020 (US) 
    - PSTI Act 2022 (UK)

IAR End-to-End Embedded Security Solutions

IAR Embedded Trust enables easy configuration and building of the enforcement software used to protect the device, and is the most suitable solution for new embedded development or major system updates. 

For projects in the later stages of development or ones already poised for production, IAR Embedded Secure IP can enable a level of embedded security with minimal change. 

IAR Secure Deploy enforces the security settings defined by IAR Embedded Trust and IAR Embedded Secure IP on every manufactured device in a production system, including the provisioning of unique device information. 

IAR Secure Deploy also ensures secure transfer of IP to the production system and prevents unauthorized over-production of products. 

Explore a safer future with IAR's embedded security solutions.