EBV Personalization Services for Security Devices

Similar documents
iotrust Security Solutions

Server side management system for multiple IoT terminals in industrial systems

CardOS Secure Elements for Smart Home Applications

Securing V2X communications with Infineon HSM

Easy Incorporation of OPTIGA TPMs to Support Mission-Critical Applications

Cyber security mechanisms for connected vehicles

Accelerating the implementation of trusted computing

Spotlight on IoT Security. Choose the right security for the Internet of Things.

Implementing security has never been easier. Infineon Security Partner Network.

Operating temperature T a

Smart High-Side Power Switch BSP742RI PG-DSO8. AEC qualified Green product (RoHS compliant)

$263 WHITE PAPER. Flexible Key Provisioning with SRAM PUF. Securing Billions of IoT Devices Requires a New Key Provisioning Method that Scales

ENABLING HARDWARE SECURITY FOR THE INTERNET OF THINGS

ABOUT COMODO. Year Established: 1998 Ownership: Private Employees: over 700

IoT & SCADA Cyber Security Services

Smart Payments. Generating a seamless experience in a digital world.

Industrial PROFET. Universal Application Board User s Manual

OPTIGA TM Trust B SLE95250

Planning a scalable long-term wireless strategy

Strong Security Elements for IoT Manufacturing

INNOVATIVE IT- SECURITY FOR THE BANKING AND PAYMENT INDUSTRY

Scalable Security solutions to enable Cyber Security and to manage Digital Identities

Nasdaq: DAIO. Anthony Ambrose. President and CEO. Data I/O Corporation May 2017 B. Riley & Co. Conference -- Investor Presentation

NovalithIC H-Bridge Demo Board

Introduction to Device Trust Architecture

Incentives for IoT Security. White Paper. May Author: Dr. Cédric LEVY-BENCHETON, CEO

DesignWare IP for IoT SoC Designs

RF Power Product Selection Guide LDMOS Transistors and ICs

Drive your future with Hammer

Smart Meter Security. Martin Klimke, Principle of Technical Marketing Infineon Chip Card and Security

hidglobal.com HID ActivOne USER FRIENDLY STRONG AUTHENTICATION

Belden Overview. Corporate Presentation. Dec Belden Inc. Inc.

Smart Data Center Solutions

Delivering High-mix, High-volume Secure Manufacturing in the Distribution Channel

Windows 10 IoT Core Azure Connectivity and Security

Application Note TLE9252V. About this document. Application Note. Safety Recommendations Z8F

Cisco Secure Boot and Trust Anchor Module Differentiation

COST OF CYBER CRIME STUDY INSIGHTS ON THE SECURITY INVESTMENTS THAT MAKE A DIFFERENCE

Continuous protection to reduce risk and maintain production availability

align security instill confidence

50 years Committed to Service with Integrity

GLOBAL PKI TRENDS STUDY

M2MD Communications Gateway: fast, secure and efficient

A C H I E V E B O T H W I T H K E Y S I G H T. Company Profile

More than 85% of our work is either repeat business or referrals from satisfied customers, a statistic that we are very proud of.

M2MD Communications Gateway: fast, secure, efficient

Integrated C4isr and Cyber Solutions

A HOLISTIC APPROACH TO IDENTITY AND AUTHENTICATION. Establish Create Use Manage

Sensor supply in bus mode

2017 Company Profile

Microsoft 365 Business FAQs

ARM European Technical Symposium The security challenges that IoT and Mobile Computing Devices are facing. Pierre Garnier, COO

ASCLIN Asynchronous Synchronous Interface

HPE Data Center Operations Consulting Service

TLT807B0EPV Demoboard

SECURING DEVICES IN THE INTERNET OF THINGS

Drive your future with Exertis Hammer

Linear movement with a 3D sensor

Cybersecurity eit. Software. Certification. Industrial Security Embedded System

SmartZone Rack Energy Kits Energy and Environmental Monitoring for Small Data Centers

SAP Single Sign-On 2.0 Overview Presentation

Windows IoT Security. Jackie Chang Sr. Program Manager

IMPORTANT NOTICE. use

PKI is Alive and Well: The Symantec Managed PKI Service

Trusted Computing As a Solution!

Secure Connections for a Smarter World

Security & Chip Card ICs SLE 55R04. Intelligent 770 Byte EEPROM with Contactless Interface complying to ISO/IEC Type A and Security Logic

TLS202B1. Demonstration Board Manual. Automotive Power. Demonstration Board Manual. Rev. 1.0,

Two-Factor Authentication over Mobile: Simplifying Security and Authentication

itelligence Your One-Stop Partner

Application Note, V1.0, Jul AP08049 XC886/888CLM. Migration of Flash to ROM Device: Memory Protection Configurations.

Validated P2PE for Reduced Compliance Scope, More Peace-of-Mind

How can the Future Internet

Demystifying Industrial Security

TIDA Test Report

JUST WHAT THE DOCTOR ORDERED: A SOLUTION FOR SMARTER THERAPEUTIC DEVICES PLACEHOLDER IMAGE INNOVATORS START HERE.

Overview. Business value

In data sheets and application notes which still contain NXP or Philips Semiconductors references, use the references to Nexperia, as shown below.

CABLE ASSEMBLIES WIRING LOOMS BOX & PANEL BUILD

-- Smart Grid Communication --

Application Note No. 097

DATACARD PB6500 PASSPORT ISSUANCE SYSTEM ADVANCED TECHNOLOGY FOR HIGH-SECURITY PASSPORTS

Docker Business Partner Program Guide

Connecting to the future ELATEC RFID SYSTEMS

Siebel Project and Resource Management Administration Guide. Siebel Innovation Pack 2013 Version 8.1/8.2 September 2013

Temperature Control and Cooling Technology First Choice in Temperature Control

UNIFIED THREAT MANAGEMENT SOLUTIONS AND NEXT-GENERATION FIREWALLS NETWORK SECURITY NETWORK SECURITY I ENDPOINT SECURITY I DATA SECURITY

Security Fundamentals for your Privileged Account Security Deployment

PROGRAM GUIDE RED HAT CONNECT FOR TECHNOLOGY PARTNERS

IEEE-SA Internet of Things - Security & Standards

CNSC Presentation to the Federal Agency for Nuclear Control

MASP Chapter on Safety and Security

NETWORK SECURITY STORMSHIELD. Unified Threat Management Solutions and Next- Generation Firewalls

DEPARTMENT OF THE AIR FORCE PRESENTATION TO THE SUBCOMMITTEE ON STRATEGIC FORCES U.S. HOUSE OF REPRESENTATIVES

Interactive Gen2 Bridging the Gap between Passive RFID, Sensors and Electronics

white paper SMS Authentication: 10 Things to Know Before You Buy

ETNO Reflection Document on the EC Proposal for a Directive on Network and Information Security (NIS Directive)

IBM SmartCloud Engage Security

MF1ICS General description. Functional specification. 1.1 Key applications. 1.2 Anticollision. Energy. MIFARE card contacts La, Lb.

THE RTOS AS THE ENGINE POWERING THE INTERNET OF THINGS

Transcription:

Infineon Security Partner Network Partner Use Case EBV Personalization Services for Security Devices Secured generation and storage of personalized OEM certificates in the OPTIGA Trust E for sophisticated and effective hardware authentication without facing high expenses or risks. CUSTOM PROGRAMMED CRYPTO-HARDWARE ENABLES Precise identification and authentication of devices Products OPTIGA Trust E High-levels of security Excellent anti-counterfeiting & brand protection The advantages of customized security elements are only accessible for companies capable of handling the related high costs of equipment, required security and programming expertise as well as high product volumes to make the implementation feasible. www.infineon.com/ispn

Use case Application context and security requirement Connectivity has spread to almost every market segment and is now part of diverse devices and applications. Consequently more and more original equipment manufacturers (OEMs) need to rethink their product security strategy. One fundamental part of security is authentication. Personalized authentication devices like the OPTIGA Trust E provide excellent protection for a large variety of application scenarios but also require custom certificates and programming. Challenge In order to defend devices against counterfeiting, data theft and attacks, smaller and medium sized enterprises now face the challenge of implementing advanced security mechanisms. The ideal solution would be based on personalized authentication components. However the customization of authentication hardware is bound to high investments in programming hardware/machines and extensive security expertise smaller and medium sized enterprises often can t afford this. In addition these companies have only limited flexibility within their supply chain and depend on partners that are able to reliably deliver solutions in order to prevent down time and delivery issues. Implementation EBV, as a semiconductor specialist, has now developed a unique security hardware service that covers this gap and enables small and medium size companies to get access to OEM level authentication devices. The solution consists of a programming service for security devices paired with extensive design and security strategy support as well as additional hardware support and delivery services. The system works as follows: A customer defines the parameters for his own personalized OEM security certificate together with EBV. EBV programs the Infineon OPTIGA Trust E device using a Hardware Security Module (HSM) combined with a Data I/O machine. The components are then shipped to the customer ready to be deployed in the final product. User benefits: Costs for the programming of the security devices and definition of the OEM certificate are significantly reduced Small and medium size companies that could usually not afford personalized authentication devices can now easily design-in such solutions with EBV s support End-consumer enjoys a high level of security at reasonable cost creating a strong level of trust and contributing to the reputation of the OEM Supply chain is based on EBV s Avnet Logistic backbone and is therefore promising ultra-high reliability

Solution In order to protect products and intellectual property against common threats like counterfeiting, strong and secured authentication is required. This can be easily achieved with the inclusion of hardware-based security devices like Infineon s OPTIGA Trust E. The design-in of such authentication hardware can be achieved with comparably lower effort. In order to further minimize this effort the security strategy should be considered early in the design process. The production and programming of a personalized, genuine authentication component however requires extensive security expertise as well as highly-specialized production hardware. The process which is used to create the necessary security certificate and to program the security devices is outlined in the graphic below. Step 1: Authenticate Security Chip using a 2-Step Process Device manufacturer certificate preprogrammed Unique Serial ID xxx NVM ECC Security Chip Read and verify manufacturer certificate* Issue random number challenge Trusted Production Environment Check possession of device private key Host (HSM Module) Security device authenticated * Device certificate includes device public key, private key, unique serial ID and other technical data Step 2: Apply OEM Authentication Setting Trusted Production Environment Device manufacturer certificate preprogrammed OEM certificate Unique Serial ID xxx xxx NVM Generate OEM certificate* Write OEM certificate into non-volatile memory Manages/maintains OEM private keys ECC Security Chip OEM info locked in, device is secured and ready to be shipped Host (HSM Module) * OEM certificate is based on OEM private key, device public key and other technical data Core to this approach is a Hardware Security Module (HSM) attached to a computer or a programming machine (in production environments). A HSM is a physical computing module that can generate OEM certificates, manage/store keys in a secured way and provide tamper-detect alerts. EBV has installed such a setup consisting out of a HSM and a Data I/O programming machine in its Avnet Logistics warehouse in Poing, Germany. In these facilities EBV is defining the personalized security certificates together with customers and is executing the programming of the security devices. In addition, EBV takes over the storage of the private OEM keys in the secured Trusted Production Environment. The whole supply chain process is outlined in the graphic below.

Solution The OPTIGA Trust E is a turnkey one-way authentication device for markets looking to protect IP and brand image. Targeted at industrial automation, medical devices, consumer electronics, smart home and PKI network applications, the reduced design-in and integration effort of the OPTIGA Trust E offers OEMs an attainable peace of mind that their products are secured. EBV, with their personalization services, makes this even further achievable by enabling customers to integrate embedded custom security into their products independent of their security experience or volumes. HOW DOES IT WORK? OPTIGA + + Data I/O = We take Infineon OPTIGA Trust E devices We define the OEM certificate and parameters with you We program the devices using a Data I/O machine HOW DOES THIS INTEGRATE INTO YOUR SUPPLY CHAIN? We program the OPTIGA security device We box and ship them using our Avnet Logistics Backbone You receive the security chips ready to drop them into your application That s it! You re ready to market your devices equipped with reliable custom security hardware CUSTOMER SPECIFIC DEVICE = YOUR PRODUCT EQUIPPED WITH CUSTOM SECURITY HARDWARE

Partner Partners from the Infineon Security Partner Network help you secure your devices and applications: understand which threats can undermine your business, propose solutions that will protect your business, build and implement such security solutions and, when relevant manage their operation. They have been selected by Infineon on the basis of their system security competence and ability to design and deliver strong and trustworthy security solutions. Their activities are diverse and include security consulting, security solution provision, electronic design, systems integration and trust services management. For some, offers are off-the-shelf; while for others, offers are custom-built. EBV Elektronik EBV Elektronik, an Avnet Company, was founded in 1969 and is one of the leading specialists in European semiconductor distribution. EBV covers a broad range of market areas with its vertical technology and market segments that include Security & Identification, Analog & Power, High-End Processing, Smart Sensing & Connectivity, RF & Wireless, Industrial, Automotive, Healthcare & Wearables, High-Rel, LightSpeed, Smart Consumer & Buildings, and Smart Grid. The company s successful strategy of personal commitment and excellent services enables its customers to develop and design some of the most innovative products available today. The special focus on embedded security and services, like the personalization of security hardware and crypto components, help EBV to offer sophisticated solutions in order to prevent hacking, counterfeiting and other attacks. 240 Technical Sales Specialists and 105 continuously trained Application Specialists offer extensive application know-how and design expertise. EBV operates from 62 offices in 28 countries throughout Europe as well as in Israel and South Africa. EBV Elektronik s contribution to the Infineon Security Partner Network EBV Elektronik offers personalization services for embedded security devices and extensive security hardware design support in the context of ISPN. The company is the first semiconductor distributor able to program secure devices like the OPTIGA Trust E from Infineon for customers. The generation of OEM certificates and the secured programming of the security components can be fully managed and executed by EBV Elektronik, enabling customers with low production volumes or without security expertise to take advantage of the high protection levels of customized security hardware. In addition to these unique services, EBV Elektronik offers comprehensive hardware design support and security hardware consultancy including guidance during the selection process of the appropriate security hardware. The security know-how of the company spans across the complete IoT market enabling outstanding support for customers in areas like smart consumer devices, home automation, connected car and industrial automation. Published by Infineon Technologies AG 81726 Munich, Germany 2018 Infineon Technologies AG. All Rights Reserved. Date: 01 / 2018 Additional information For further information on technologies, our products, the application of our products, delivery terms and conditions and/or prices please contact your nearest Infineon Technologies office (www.infineon.com). Please note! THIS DOCUMENT IS FOR INFORMATION PURPOSES ONLY AND ANY INFORMATION GIVEN HEREIN SHALL IN NO EVENT BE REGARDED AS A WARRANTY, GUARANTEE OR DESCRIPTION OF ANY FUNCTIONALITY, CONDITIONS AND/OR QUALITY OF OUR PRODUCTS OR ANY SUITABILITY FOR A PARTICULAR PURPOSE. WITH REGARD TO THE TECHNICAL SPECIFICATIONS OF OUR PRODUCTS, WE KINDLY ASK YOU TO REFER TO THE RELEVANT PRODUCT DATA SHEETS PROVIDED BY US. OUR CUSTOMERS AND THEIR TECHNICAL DEPARTMENTS ARE REQUIRED TO EVALUATE THE SUITABILITY OF OUR PRODUCTS FOR THE INTENDED APPLICATION. WE RESERVE THE RIGHT TO CHANGE THIS DOCUMENT AND/OR THE INFORMATION GIVEN HEREIN AT ANY TIME. Warnings Due to technical requirements, our products may contain dangerous substances. For information on the types in question please contact your nearest Infineon Technologies office. Except as otherwise explicitly approved by us in a written document signed by authorized representatives of Infineon Technologies, our products may not be used in any lifeendangering applications, including but not limited to medical, nuclear, military, life-critical or any other applications where a failure of the product or any consequences of the use thereof can result in personal injury.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback