Secure Desktop Provisioner - Secure Provisioning

Secure Desktop Provisioner

Secure provisioning at your desk!

Secure Desktop Provisioner delivers secure provisioning at your desk, enabling simplified production for devices which do not require a fully automated production line. The product enables you, who have defined your company’s key infrastructure during development, to dynamically generate keys and provision these securely into the device alongside a cryptographically secured image of the application.

Provisioning provides unique characteristics to every device being produced, whether at the chip, board or system level. This enables every programmed device to be identified and acted upon, whether this is to provide authentication, or to enable updates to be targeted to a single device, or a group. The provisioning is often implemented alongside secure programming, ensuring as much information as possible is protected.

Key features

  • Dynamically interacts with target device to execute provisioning process in real time
  • Ensures that all application code, security features and production counters are fully protected
  • Designed to detect and respond to tamper attacks
  • Operates standalone with no internet connection required
  • Critical cryptographic keys are securely stored on a Trusted Platform Module certified to FIPS 140-2
  • Complete integration with IAR Embedded Workbench and C-Trust/Embedded Trust

Secure provisioning enabling Security from Inception

Security orientated development is traditionally challenging as there is a need to manage high-value code and secrets, including keys. 

The Security from Inception Suite enables developers to make the first critical step by building security into their designs ready for production. Secure Desktop Provisioner is a critical component of the Security from Inception Suite. For the first time, it is now possible to develop with keys and critical code being protected with the use of Secure Desktop Provisioner, a critical component of the security development workflow enabled by our security solutions. In C-Trust, development keys are replaced by secure production keys, during the creation of a final, secure production package. Secure Desktop Provisioner imports these production packages.

Provisioning with Secure Desktop Provisioner is done using an easy-to-use software tool which can automatically detect and provision new boards when connected, offering semi-automated operation. In addition, the software will only permit provisioning of the number of boards that have been authorized. The provisioning is controlled using tokens for prototyping and each board consumes one token per successful provisioning. Secure Desktop Provisioner includes 3000 tokens, and it is possible to add additional ones later.

Supported devices

Our security tools offer support for a wide range of devices, including Arm-based MCUs from STMicroelectronics, Renesas and NXP, as well as the Renesas RX MCU family devices, enabling you to choose the right MCU for the security and functional needs of your application. In addition, support for the vast majority of MCUs can be achieved through the use of Hardware Abstraction Layer (HAL).

All devices in the following list are ported and tested by us.

STMicroelectronics Renesas Microchip NXP

STM32F405
STM32F407
STM32F412
STM32F429
STM32F475
STM32F777

STM32L4R
STM32L4S5

STM32L5

STM32H725
STM32H735
STM32H743
STM32H753
STM32H7A3
STM32H7B3

RA6M3

RX65N
RX72N

SAML11

K22/K24
K56/KV58
K64/K65/K66

LPC55S16
LPC55S28
LPC55S69

i.MX RT1064

We are constantly updating our growing list of supported devices. If your device is not listed here, contact us to find out when your device will be supported.

Supported debug and flash programmers

For Arm-based devices, provisioning is done using the I-jet debug probe. For Renesas RX-based devices, Secure Desktop Provisioner supports the Renesas E2 emulator Lite.

Demo of Secure Desktop Provisioner

In this short video, you get a brief look at how Secure Desktop Provisioner works together with IAR Embedded Workbench and C-Trust.

© IAR Systems 1995-2021 - All rights reserved.

We use cookies on this website to provide you with a better experience. You need to accept cookies to continue using this site. Cookies