Security for Embedded Systems - Phytec 2015

Security for Embedded Systems

With increasing digitalization and networking, the protection of embedded systems against unauthorized access and targeted attacks is more important than ever. Guaranteeing this kind of security, alongside functional safety, is a major challenge in electronics design. PHYTEC supports you in minimizing risks by considering security requirements during the development of our hardware and board support packages. On top of these deployment-ready solutions, we offer individual project consulting on complex security principles. We will be happy to discuss the various deployment methods and support you in establishing the appropriate processes.

Security Pyramid (figure): Physical Security (Encapsulation, Tamper Protection) · Basic Security Requirements (Secure Boot, Key Handling, Device Identification) · Runtime Security (Interface, Mainline BSP, Network Security)


Basic Security Requirements

Secure Boot

Secure boot ensures that only trustworthy, signed software can be launched on the controller. It is the first stage of the Chain-of-Trust: each signed program is started only by a program that has itself already been verified, so that even the end application at the highest layer is trustworthy.

Characteristics:
• The trusted ROM bootloader verifies each software image before it is executed
• RSA-4096 key pairs and SHA-256 signatures
• Already meets the BSI (Bundesamt für Sicherheit in der Informationstechnik) and NIST (National Institute of Standards and Technology) requirements up to 2030 and beyond
• Basis for setting up a Trusted Execution Environment (TEE)

Chain-of-Trust (figure): Trusted ROM bootloader → verifies → bootloader → verifies → kernel image → verifies → filesystem and customer application.

Device Identification

When your devices communicate in networks, secure device identification is a fundamental prerequisite. Among other things, we are working on a process for secure crypto-chip initialization for device identification.

TPM and Secure Boot

TPM chips (or crypto-chips) are a good way to store and manage cryptographic keys, but they cannot serve as the root of trust for secure boot on ARM: the ROM bootloader must verify the first software stage itself, and it has no way to talk to an external TPM to do so; the key it trusts (or a hash of it) has to live in the SoC's on-chip fuses. A TPM can still strengthen the later stages, for example by sealing keys to the measured boot state. What a crypto-chip offers:
• Support for secure boot from the bootloader onward
• A tamper-proof unique identification number (Unique ID) for device identification
• Secure storage for symmetric encryption keys and/or private keys
• Tamper pins to detect physical attacks
• A certified random number generator (RNG)
• Cryptographic acceleration (CPU relief)
• Key generation and encryption algorithms

Crypto-chips have the advantage of providing these functions regardless of the operating system used later. Many processors already support similar functions on-chip.
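The chain described above, worked through as an added example in Go; it is not PHYTEC's code, nor the ROM code of any controller in the comparison tables. The one-time-programmable fuses hold only a SHA-256 hash of the root public key, the root key itself ships with the first image, each stage carries its successor's public key under its own RSA-4096 signature, and the verifier refuses to run anything after the first stage whose signature fails. RSA-4096 and SHA-256 are the page's parameters; the PKCS#1 v1.5 padding, the three stage names, the "image of ..." payloads and the three freshly generated key pairs are choices made for this example, and real SoCs differ in image format and in how the key hash is fused.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"fmt"
)

func must[T any](v T, err error) T {
	if err != nil { panic(err) }
	return v
}

// Stage is one link of the chain: the image to run, the DER public key the NEXT
// stage must be verified with, and an RSA PKCS#1 v1.5 signature over
// SHA-256(payload || nextKey). Covering the successor's key makes it a chain.
type Stage struct {
	Name      string
	Payload   []byte
	NextKey   []byte // empty for the last stage
	Signature []byte
}

// stageDigest is SHA-256 over payload || nextKey, the data each signature covers.
func stageDigest(payload, nextKey []byte) []byte {
	h := sha256.Sum256(append(append([]byte{}, payload...), nextKey...))
	return h[:]
}

// SignStage is the signing-station side; nextPub is nil for the last stage.
func SignStage(name string, payload []byte, priv *rsa.PrivateKey, nextPub *rsa.PublicKey) (st Stage, err error) {
	st = Stage{Name: name, Payload: payload}
	if nextPub != nil {
		if st.NextKey, err = x509.MarshalPKIXPublicKey(nextPub); err != nil {
			return
		}
	}
	st.Signature, err = rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, stageDigest(payload, st.NextKey))
	return
}

// Boot models the ROM bootloader and everything after it. The fuses hold only
// SHA-256 of the root public key; the key itself ships with the first image.
// Each stage is verified with the key handed down by its already verified
// predecessor, and nothing after the first failing stage runs.
func Boot(fuses [32]byte, rootKeyDER []byte, chain []Stage) ([]string, error) {
	if sha256.Sum256(rootKeyDER) != fuses {
		return nil, fmt.Errorf("root key does not match fused hash, halting boot")
	}
	keyDER := rootKeyDER
	var ran []string
	for _, st := range chain {
		pubAny, err := x509.ParsePKIXPublicKey(keyDER)
		if err != nil {
			return ran, fmt.Errorf("%s: no verification key handed down: %w", st.Name, err)
		}
		pub, ok := pubAny.(*rsa.PublicKey)
		if !ok || pub.Size() != 512 { // 512 bytes = the RSA-4096 modulus the page specifies
			return ran, fmt.Errorf("%s: verification key is not RSA-4096", st.Name)
		}
		if err := rsa.VerifyPKCS1v15(pub, crypto.SHA256, stageDigest(st.Payload, st.NextKey), st.Signature); err != nil {
			return ran, fmt.Errorf("%s: signature invalid, halting boot", st.Name)
		}
		ran = append(ran, st.Name) // "execute" the stage ...
		keyDER = st.NextKey        // ... which hands its successor's key to the verifier
	}
	return ran, nil
}

// BuildDemoChain generates three RSA-4096 key pairs (constructed for this
// example) and signs a bootloader -> kernel -> filesystem chain with them.
func BuildDemoChain() (fuses [32]byte, rootKeyDER []byte, chain []Stage) {
	names := []string{"bootloader", "kernel", "filesystem"}
	keys := make([]*rsa.PrivateKey, len(names))
	for i := range keys {
		keys[i] = must(rsa.GenerateKey(rand.Reader, 4096))
	}
	rootKeyDER = must(x509.MarshalPKIXPublicKey(&keys[0].PublicKey))
	fuses = sha256.Sum256(rootKeyDER)
	for i, name := range names {
		var next *rsa.PublicKey
		if i+1 < len(keys) {
			next = &keys[i+1].PublicKey
		}
		chain = append(chain, must(SignStage(name, []byte("image of "+name), keys[i], next)))
	}
	return
}

func main() {
	fuses, rootDER, chain := BuildDemoChain()
	fmt.Println(Boot(fuses, rootDER, chain)) // all three stages run
	chain[1].Payload[0] ^= 0x01              // flip one bit of the kernel image
	fmt.Println(Boot(fuses, rootDER, chain)) // bootloader runs, kernel is refused
}
```

Flipping one bit of the kernel image lets the bootloader run but stops the chain there, and a device whose fuses hold a different key hash refuses even the bootloader. The verifier also checks the size of every key it is handed, so a correctly signed image cannot hand a weaker key down to the next stage.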

PHYTEC | Security for Embedded Systems


Runtime Security

TLS Handshake (figure, RSA key exchange): the client sends Client Hello; the server answers with Server Hello and its certificate (the server's public key). The client verifies the server certificate; the server verifies the client certificate and acknowledges the client. The client encrypts a pre-master key with the server's public key and the server decrypts it with its private key. Both sides use the pre-master key to create the same symmetric shared secret, and all further traffic runs over a confidential and authenticated channel.

The figure shows the RSA key-transport variant of the handshake (TLS 1.2 and earlier). TLS 1.3 removed it in favour of ephemeral (EC)DHE key exchange, which also gives forward secrecy, so new deployments should prefer TLS 1.3, or TLS 1.2 with ECDHE cipher suites; the certificate checks on both sides are unchanged.

Network Security

When devices communicate with a server or with each other, the connection must be secure. TLS offers a protocol- and application-independent solution, and the TLS handshake is the most common method for establishing an encrypted connection.
• Establishes a secure connection independent of the application or protocol used
• TLS (formerly SSL) is recognized as best practice and the industry standard for encrypted communication

Further Recommendations
• Run only the services you really need on your device
• Close all ports and open ports selectively as needed
• Always require a password login (including on COM and Telnet interfaces); since Telnet sends the password in the clear, prefer SSH for network logins
• Use standard protocols for transferring data
• Use well-known (open-source) implementations of encryption methods, not proprietary developments
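The handshake above, worked through as an added example in Go; it is not PHYTEC's code nor from any library the page names. A server presents its certificate and demands one from the device, an enrolled device presents a certificate issued by the fleet CA, and a rogue device presents a self-signed certificate bearing the same name. The CA, the server name update.example, the device name device-0001, the loopback TCP connection and the ECDSA P-256 keys are all constructed for the example (the page specifies nothing about the PKI). Go negotiates TLS 1.3 here, so the key exchange is ephemeral ECDHE rather than the RSA pre-master-key transport drawn in the figure, but the two certificate checks the figure labels are exactly the ones configured in the two tls.Config values. The enrolled device's certificate is also what the Device Identification section above is about: it is the device's identity on the network.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"io"
	"math/big"
	"net"
	"time"
)

func must[T any](v T, err error) T {
	if err != nil { panic(err) }
	return v
}

// newCert issues an ECDSA P-256 certificate for name, signed by issuer or
// self-signed when issuer is nil (P-256 keeps the example fast; the trust model is the same with RSA).
func newCert(name string, isCA bool, issuer *tls.Certificate) tls.Certificate {
	key := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	tmpl := &x509.Certificate{
		SerialNumber: must(rand.Int(rand.Reader, big.NewInt(1<<62))),
		Subject:      pkix.Name{CommonName: name},
		DNSNames:     []string{name}, // what a peer's ServerName is matched against
		NotBefore:    time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth, x509.ExtKeyUsageClientAuth},
		BasicConstraintsValid: true, IsCA: isCA,
	}
	if isCA {
		tmpl.KeyUsage |= x509.KeyUsageCertSign
	}
	parent, signer := tmpl, any(key) // self-signed unless an issuer is given
	if issuer != nil {
		parent, signer = must(x509.ParseCertificate(issuer.Certificate[0])), issuer.PrivateKey
	}
	der := must(x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, signer))
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key}
}

// NewDemoPKI builds a throw-away fleet CA (constructed for this example) and returns
// its pool, a server certificate, one enrolled device certificate and a rogue
// self-signed certificate that claims the same device name.
func NewDemoPKI() (trusted *x509.CertPool, server, device, rogue tls.Certificate) {
	ca := newCert("demo-fleet-ca", true, nil)
	trusted = x509.NewCertPool()
	trusted.AddCert(must(x509.ParseCertificate(ca.Certificate[0])))
	return trusted, newCert("update.example", false, &ca),
		newCert("device-0001", false, &ca), newCert("device-0001", false, nil)
}

// Connect runs one handshake over loopback TCP: the server demands a device certificate and
// checks it against the CA pool, the device checks the server certificate against the same
// pool. It returns the device identity the server accepted, or the error that ended the connection.
func Connect(serverCert, deviceCert tls.Certificate, trusted *x509.CertPool) (string, error) {
	ln := must(net.Listen("tcp", "127.0.0.1:0"))
	defer ln.Close()
	var peer string
	done := make(chan error, 1)
	go func() {
		srv := tls.Server(must(ln.Accept()), &tls.Config{
			Certificates: []tls.Certificate{serverCert},
			ClientAuth:   tls.RequireAndVerifyClientCert, // "Verify Client Certificate"
			ClientCAs:    trusted,
		})
		defer srv.Close()
		if err := srv.Handshake(); err != nil {
			done <- err
			return
		}
		peer = srv.ConnectionState().PeerCertificates[0].Subject.CommonName
		srv.Write([]byte("ok")) // "Acknowledge Client", already on the protected channel
		done <- nil
	}()
	dev, err := tls.Dial("tcp", ln.Addr().String(), &tls.Config{
		Certificates: []tls.Certificate{deviceCert},
		RootCAs:      trusted,          // "Verify Server Certificate"
		ServerName:   "update.example", // hypothetical server name from the example PKI
	})
	if err != nil {
		return "", err
	}
	defer dev.Close()
	// With TLS 1.3 the client's Handshake returns before the server has judged the
	// device certificate, so read the server's reply to learn the verdict.
	if _, err := io.ReadFull(dev, make([]byte, 2)); err != nil {
		return "", err
	}
	return peer, <-done
}

func main() {
	trusted, server, device, rogue := NewDemoPKI()
	fmt.Println(Connect(server, device, trusted)) // the enrolled device is accepted
	fmt.Println(Connect(server, rogue, trusted))  // the rogue device is refused
}
```

Connect returns the device name the server accepted. The rogue device fails on the server side (Go's client does not even offer a certificate whose issuer is absent from the server's CA list, so the server sees no certificate at all), and the client learns this from the alert that arrives in place of the server's acknowledgement.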

Mainline BSP

Mainline Linux is our first choice as an operating system for industrial series production. One of PHYTEC's clear goals is to provide our customers with the advantages of a Mainline board support package as early as possible: stable code, fast bug and security fixes, and maintenance and further development of Mainline drivers by the community.

Mainline support keeps current operating system versions maintained for many years after they have been deployed. We often provide both a vendor BSP and a Mainline BSP at the same time, so you can decide when you want to start with Mainline.
• Mainline BSPs for PHYTEC boards
• Annual BSP updates with all security patches from Mainline
• The latest kernel version with current security patches included
• The latest Yocto minor releases
• LTS kernel in the BSPs for PHYTEC products
• Customer-specific continuous integration testing

Interfaces

All interfaces accessible in the end product are a potential security risk for embedded systems. Our recommendations for basic protection of the interfaces include:
• Connect only the interfaces you really need
• User-dependent access control to the interfaces
• Always use communication encryption


Physical Security

In addition to attacks on the hardware via interfaces or the network, direct hardware manipulation also represents a security risk. To protect your electronics against physical attacks, we support the following procedures:

Tamper Protection
• Protects sensitive data such as encryption keys or private keys
• Permanently erases the data when the device is tampered with
• A wide range of implementations is possible

Comparison Table: PHYTEC Controller Security Features (Basic Security Requirements)

Texas Instruments: AM335x, AM571x / AM572x, AM574, AM654x* (PP). NXP: i.MX6UL, i.MX6ULL, i.MX6ULZ* (PP), i.MX6 Solo & DualLite, i.MX6 Dual & Quad, i.MX7 Solo, i.MX7 Dual, i.MX8 (PP), i.MX8M (PP).

| Feature | Description | Hardware support present | AM335x | AM571x / AM572x | AM574 | AM654x* (PP) | i.MX6UL | i.MX6ULL | i.MX6ULZ* (PP) | i.MX6 Solo & DualLite | i.MX6 Dual & Quad | i.MX7 Solo | i.MX7 Dual | i.MX8 (PP) | i.MX8M (PP) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Secure Boot | Ensures that only verified software is launched | yes | ✘* (Premium) | ✘* (Premium) | (Standard) | (Standard) | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ |
| Hardware Encryption | Hardware-based encryption support | yes | ✔* (limited) | ✔* (limited) | ? | ✔ | ✔ | ✔* (limited) | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ |
| Secure Debug | Debug access to security-relevant system parts prevented | individually checked | ✘ | ✘ | ✔ | ? | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ |
| Security Co-Processor | Completely independent security unit | individually checked | ✘ | ✘ | ✘ | ✔ | ✘ | ✘ | ✘ | ✘ | ✘ | ✘ | ✘ | ✔ | ? |

Encapsulation (Resin Casting)
• Physical access to components is impossible
• Chip identification (recognizing the components used) is more difficult
• Electrical measurements for reverse engineering are impossible

Potting raises the cost of an attack considerably, but a well-equipped attacker can still remove the compound chemically or mechanically, so encapsulation complements tamper detection rather than replacing it.


Comparison Table Legend: ✔ = feature supported by the controller · ✘ = feature not supported by the controller · ? = information not currently known · (PP) = pre-production, features may change · (Premium) = Secure Boot with key handling from TI only (with a minimum number of pieces) · (Standard) = Secure Boot with any usable, separate part number · * = limited · Deployment status: Deployment-Ready Solutions Available / Deployment-Ready Solutions Not Planned or Not Possible / Implementation on Request


Comparison Table: PHYTEC Controller Security Features (continued: Runtime Security and Physical Security)

Texas Instruments: AM335x, AM571x / AM572x, AM574, AM654x* (PP). NXP: i.MX6UL, i.MX6ULL, i.MX6ULZ* (PP), i.MX6 Solo & DualLite, i.MX6 Dual & Quad, i.MX7 Solo, i.MX7 Dual, i.MX8 (PP), i.MX8M (PP).

| Feature | Description | Hardware support present | AM335x | AM571x / AM572x | AM574 | AM654x* (PP) | i.MX6UL | i.MX6ULL | i.MX6ULZ* (PP) | i.MX6 Solo & DualLite | i.MX6 Dual & Quad | i.MX7 Solo | i.MX7 Dual | i.MX8 (PP) | i.MX8M (PP) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Runtime Security | | | | | | | | | | | | | | | |
| One-Time Programming | One-time setting of security parameters | yes | ✔* (limited) | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ |
| Cryptographic Acceleration | Cryptographic coprocessor (CPU relief) | yes | ✔* (limited) | ✔ | ✔ | ✔ | ✔ | ✔* (limited) | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ |
| Secure On-Chip RAM | RAM directly on the controller | yes | ✘ | ✘ | ? | ✔ | ✔ | ✘ | ? | ✔ | ✔ | ✔ | ✔ | ? | ? |
| Trusted Execution Environment | Hardware-secured area in the operating system | yes | ✘ | ✔ | ✔ | ? | ✔ | ✔ | ? | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ |
| Physical Security | | | | | | | | | | | | | | | |
| External Memory Protection | Access protection for built-in RAM | individually checked | ✘ | ✘ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ |
| Tamper Pins | Tamper protection implementation (tamper detection) | individually checked | ✘ | ✘ | ? | ? | ✔* (G3 only) | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ |


Your Security Project

Do you have questions about security or need specific support for your project? Our security experts are happy to help!


Key Handling Concept

Most methods for securing devices and software are based on asymmetric cryptography with an associated public key infrastructure (PKI). This usually requires a number of certificates, each with a public and a private key. Managing and protecting these certificates and private keys is a major challenge: the private keys must be protected throughout their entire lifecycle.

PHYTEC is your partner for these tasks and guarantees the security of your private keys and other secrets with its production concept.

Partnership Builds Trust

PHYTEC you can trust! As a reliable partner for the implementation of your business ideas, we make protecting your secrets a top priority. We ensure the encrypted and verified transmission of your information for the realization of your projects.

Secure Storage

We protect your company secrets throughout the entire product lifecycle. We ensure safe storage on a specially developed system that is not connected to the company network. Strict access controls ensure maximum security.
• Strict access controls
• Not on the company network
• Physically separated network connection to production (software installation)


Safe Introduction into the Product

In order to guarantee secure device initialization, PHYTEC is planning a secure zone at our new manufacturing site, which is currently under construction. All security-relevant features of your device will be enabled within the secure zone. The use of dedicated Hardware Security Modules (HSMs) during the import process ensures that your know-how remains confidential. The transfer of cryptographic keys to your end device takes place in the secure zone under special access controls. This allows us to guarantee the highest level of security, whether for patent-protected software, cryptographic keys for verifying software updates, or certificates for unique device identification on the Internet. We bring your solutions securely onto your product!
• No direct access to private keys in the test environment
• Use of HSM modules to protect private keys
• Physically independent network for the entire process

Protect Your Product Until Delivery

We take care of the protection of your products during the entire production process and in storage after your customer software has been installed. We design the procedure up to the agreed delivery time according to your requirements.


Your Contact: Maik Otto · Head of Security
PHYTEC | Germany: +49 (0) 6131 9221-32 · www.phytec.de | Europe: www.phytec.eu

Benefit from our security services throughout the entire lifecycle of your products. Let's talk about your project!

Device Identification · Mainline BSP with LTS Kernel · Product Lifecycle Management · Made in Germany