Security Context Framework

C-Trust enables you to use pre-defined Security Context Profiles, ensuring that you remain in control of system operation today, and into the future.

Security Context Profiles define the configuration of the trusted execution environment. It is a description of the security environment that is required to protect your application. With C-Trust, developers are able to rapidly apply Security Context Profiles to application development, ensuring consistency and reducing development effort. With Embedded Trust, organizations are able to define custom Security Context Profiles, which uniquely service their specific needs. Security Context Profiles enable organizations to simplify:

  • Complex cryptographic device identities and ownership structures
  • Creation of a robust Root of Trust, ensuring device authentication, authorization and attestation, the core proofs of identity
  • Implementation of security hygiene, dependant on device hardware support
  • Secure Boot Manager extensions to support core boot functionality
  • Application of patches, updates, and other lifecycle management criteria
  • Delegation of identity for onboarding into cloud infrastructure applications

These Security Context Profiles provide the foundation for a set of core security concepts, enabling Security From Inception, including protection of Intellectual Property, which is about inhibiting IP theft and malware injection, and Production Control, which is about protecting keys across development and production.

Security Context Profiles

The IP protection and Production Control Security Context Profiles have been designed to enable developers to rapidly protect the high value and critical IP that organizations create, and to provide reassurance that only authorized and authenticated IP can be installed on devices.

Features

  • Secure application and credential provisioning
    Ensuring devices are born securely with the correct software
  • Integrated Secure Boot Manager
    Providing low level device services to manage device access
  • Device-specific Security Management
    Servicing the device specific Root of Trust and system configuration
  • Authorized & authenticated software install
    Cryptographic enforcement of ownership and delegated rights
  • Automatic encryption and signature of code
    Ensuring only correctly managed and formatted code can be installed
  • Update policing in Secure Boot Manager
    Integrated device level configuration for seamless updates and patches
  • Integration into secure provisioning flow
    Compatible with the Secure Desktop Provisioner
  • Integrated application versioning management
    Providing structured versioning in the development flow
  • OEM-Developer defined software key infrastructure
    Enabling developers to define the critical key management of their application
  • Application updates with anti-rollback protection
    Providing protection against roll-back attacks and versioning threats
  • Bootloader device level trace and debug management
    Configuration of the device to ensure integrity of the boot process and RoT

© IAR Systems 1995-2020 - All rights reserved.

We use cookies on this website to provide you with a better experience. You need to accept cookies to continue using this site. Cookies