CardOS Secure Elements for Smart Home Applications

Similar documents
Cyber security mechanisms for connected vehicles

iotrust Security Solutions

Server side management system for multiple IoT terminals in industrial systems

Accelerating the implementation of trusted computing

EBV Personalization Services for Security Devices

Easy Incorporation of OPTIGA TPMs to Support Mission-Critical Applications

Securing V2X communications with Infineon HSM

ID Synchronization for a multi-directory identity repository

Spotlight on IoT Security. Choose the right security for the Internet of Things.

Bull Trustway DataProtect. Securing your end to end infrastructure with unified encryption

Information pack. #AtosGovCloud Making the world a better place

Evidian. Web Access Authentication for Apps

Patrick van der Griendt Atos International GSI SAP SAP HANA

Security in NFC Readers

Implementing security has never been easier. Infineon Security Partner Network.

Enabling Smart Lighting for Smart Cities. How Cheen Ng 18 August 2017

No Industry 4.0 without Security

BullSequana M series. Responsive mainframe for a digital world

Automotive Security An Overview of Standardization in AUTOSAR

Utimaco HSM Introduction JIPDEC Seminar June 2017

IDCore. Flexible, Trusted Open Platform. financial services & retail. Government. telecommunications. transport. Alexandra Miller

Security & Chip Card ICs SLE 55R04. Intelligent 770 Byte EEPROM with Contactless Interface complying to ISO/IEC Type A and Security Logic

Morgan Stanley Digital Day. London, March

Industrial PROFET. Universal Application Board User s Manual

SIMPLIFYING THE CAR. Helix chassis. Helix chassis. Helix chassis WIND RIVER HELIX CHASSIS WIND RIVER HELIX DRIVE WIND RIVER HELIX CARSYNC

Smart Meter Security. Martin Klimke, Principle of Technical Marketing Infineon Chip Card and Security

Secure Application Trend in Smartphones. STMicroelectronics November 2017

Connecting Securely to the Cloud

Cyber security of automated vehicles

Securing IoT devices with STM32 & STSAFE Products family. Fabrice Gendreau Secure MCUs Marketing & Application Managers EMEA Region

REALIZE YOUR. DIGITAL VISION with Digital Private Cloud from Atos and VMware

Demystifying Industrial Security

Smart High-Side Power Switch BSP742RI PG-DSO8. AEC qualified Green product (RoHS compliant)

Operating temperature T a

Application Note, V1.0, Jul AP08049 XC886/888CLM. Migration of Flash to ROM Device: Memory Protection Configurations.

Smart Payments. Generating a seamless experience in a digital world.

Overview of PBI-blockchain cooperation technology

PAC Q&A The Cloud Offering from Atos

Understanding modern security controllers. - which chip do you need for your identity document?

Scalable Security solutions to enable Cyber Security and to manage Digital Identities

The Open Application Platform for Secure Elements.

NovalithIC H-Bridge Demo Board

eidas compliant Trust Services with Utimaco HSMs

ARM Security Solutions and Numonyx Authenticated Flash

Introduction to Device Trust Architecture

Security of Embedded Hardware Systems Insight into Attacks and Protection of IoT Devices

How does your organization manage Privileged Users?

$263 WHITE PAPER. Flexible Key Provisioning with SRAM PUF. Securing Billions of IoT Devices Requires a New Key Provisioning Method that Scales

Provisioning secure Identity for Microcontroller based IoT Devices

A revolutionary visual security and analytics solution

Sicherheitsaspekte für Flashing Over The Air in Fahrzeugen. Axel Freiwald 1/2017

Confirmation concerning Products for Qualified Electronic Signatures

Database by bullion Leverage your data, reduce your cost

Trust & Privacy: Information Security and Identity Management for Autonomous Vehicles. March 31, failure analysis & prevention

The fast-track to NFV

SECURING THE CONNECTED ENTERPRISE.

HARDWARE SECURITY MODULES (HSMs)

Creating Trust in a Highly Mobile World

SLE66CX322P or SLE66CX642P / CardOS V4.3B Re_Cert with Application for Digital Signature

Azure Sphere Transformation. Patrick Ward, Principal Solutions Specialist

INTERNET OF THINGS KONTRON

Chip Card & Security ICs SLE Intelligent 1024 Byte EEPROM with Write Protection and Programmable Security Code

Application Note, V 1.1, Apr AP08006 C868. Interfacing SPI/I2C Serial EEPROM with C868 Microcontroller. Microcontrollers. Never stop thinking.

Utimaco Portfolio Overview Hardware Security Products and Services

Security Requirements for Crypto Devices

Internet of Things Toolkit for Small and Medium Businesses

TLS202B1. Demonstration Board Manual. Automotive Power. Demonstration Board Manual. Rev. 1.0,

Application Note No. 097

Intelligent Building and Cybersecurity 2016

Architecture 1 3. SecureToken. 32-bit microprocessor smart chip. Support onboard RSA key pair generation. Built-in advanced cryptographic functions

Date: 13 June Location: Sophia Antipolis. Integrating the SIM. Dr. Adrian Escott. Qualcomm Technologies, Inc.

TopSec Product Family Voice encryption at the highest security level

COMMON CRITERIA CERTIFICATION REPORT

Payment and Identification Secure solutions

white paper SMS Authentication: 10 Things to Know Before You Buy

WHAT FUTURE FOR CONTACTLESS CARD SECURITY?

Applied IT Security. Device Security. Dr. Stephan Spitz 10 Development Security. Applied IT Security, Dr.

UNCLASSIFIED//FOR OFFICIAL USE ONLY INDUSTRIAL CONTROL SYSTEMS CYBER EMERGENCY RESPONSE TEAM

Chip Card & Security ICs SLE Intelligent 256-Byte EEPROM with Write Protection function and Programmable Security Code

Building secure devices on the intelligent edge with Azure Sphere. Paul Foster, Microsoft Dr Hassan Harb, E.On

The Future of Smart Cards: Bigger, Faster and More Secure

Cybersecurity. Quality. security LED-Modul. basis. Comments by the electrical industry on the EU Cybersecurity Act. manufacturer s declaration

First quarter 2016 revenue

Introducing Hardware Security Modules to Embedded Systems

M2MD Communications Gateway: fast, secure, efficient

ASCLIN Asynchronous Synchronous Interface

XMC1000 EEPROM emulation and data retention

Windows 10 IoT Core Azure Connectivity and Security

PROTECTION FOR WORKSTATIONS, SERVERS, AND TERMINAL DEVICES ENDPOINT SECURITY NETWORK SECURITY I ENDPOINT SECURITY I DATA SECURITY

standards and frameworks and controls oh my! Mike Garcia Senior Advisor for Elections Best Practices

Legal Regulations and Vulnerability Analysis

ARM European Technical Symposium The security challenges that IoT and Mobile Computing Devices are facing. Pierre Garnier, COO

PKI Credentialing Handbook

Application Note, V 1.1, Feb AP DAP Connector. Microcontrollers

TLT807B0EPV Demoboard

XC2000 Family AP Application Note. Microcontrollers. XC2236N Drive Card Description V1.0,

Linear movement with a 3D sensor

QuickSpecs. Key Features and Benefits. HP C-Series MDS 9000 Storage Media Encryption (SME) Software. Overview. Retired

The Open Protocol for Access Control Identification and Ticketing with PrivacY

Transforming IT: From Silos To Services

Transcription:

Infineon Security Partner Network Partner Use Case CardOS Secure Elements for Smart Home Applications Using cryptographic functionality provided by ATOS to secure embedded platforms in Smart Home applications. Products SLE 78 www.infineon.com/ispn

Use case Application context and security requirement With today s Smart Home applications more and more home devices are connected to the internet and IT security becomes more and more an issue. Smart Home devices are an attractive target for attackers, so confidentiality, integrity and authenticity must be maintained and additionally privacy protection becomes a concern. Challenge With the increase in networking in the Smart Home area, communication must be protected in order to prevent attackers manipulating data. This protection is mainly based on the secured storage and processing of cryptographic keys. These keys are used to prove the integrity and authenticity of data, which can be checked by cryptographic signatures. Additionally, for certain applications, some messages must also be encrypted. And the integrity of software running on application controllers needs to be monitored. The most efficient solution for those requirements is a dedicated secure element, providing much better security than software only solutions. The Smart Home secure element must provide the typical hardware interfaces used by the microcontrollers integrated on the respective controller boards. Implementation The Atos solution is based on a dedicated security controller which can be easily integrated into existing Smart Home controller without deeply affecting the complete board design. Infineon s SLE 78 was selected as the security chip to provide stateof-the-art security as known from the smart card area and in addition the needed hardware interfaces. Together with the chip platform Infineon provides a cryptographic library which supports the cryptographic functionality. On top of this platform Atos implements its well-known operating system CardOS, which performs the cryptographic functionality over standard interfaces like ISO 7816, SPI or I2C. CardOS is a multifunctional native operating system, which provides a high level of flexibility by adapting the file structure. In addition, it is extendable by customized packages to amend or adjust the operating system functionality. To ease implementation of the cryptographic functionality Atos also offers the abstraction layer CardOS API (Application Programming Interface), which appliance developers will use to access the keys and cryptographic functionality of the Atos secure element via high level interfaces. Benefits for the user: State-of-the-art crypto functionality provided by a certified chip platform based on Integrity Guard and SOLID FLASH and CardOS operating system Easy integration of cryptographic functionality by embedding a dedicated secure element into an existing board design Easy implementation of cryptographic functionality in application controllers by integrating CardOS API

Solution The control units of Smart Home devices like heating installations, air conditioning systems, alarm systems, entertainment electronics and many other devices communicate with each other and externally. Especially the external communication is critical because an attack using this attack surface endangers the functionality of the devices and enables a fast proliferation within the devices of a Smart Home appliance provider. To achieve the best protection for external communication a dedicated secure element should be used within these Smart Home devices rather than relying on a software based security solution. The secure element provided by Atos uses Infineon s SLE 78 chip as hardware platform and the CardOS operating system. The interface to the application controller is either ISO 7816-3 (T=1), SPI or I2C, with the last two being commonly used in embedded microcontrollers. The multifunctional native operating system CardOS provides all required state-of-the-art crypto functionalities like: Key generation and secured key storage Authentication with application controller or another communication end point Signature creation and validation Message encryption and decryption Cryptographic Algorithms: 3DES, AES (up to 256 bit), AES CMAC, SHA-2, ECDH (up to 521 bit), EC-KAEG, RSA (up to 4096 bit), ECDSA (up to 521 bit) True Random Number Generator (class PTG.2) Applications are supported by a dynamic, highly flexible file system based on the ISO 7816-4 standard. In addition to the comprehensive basic functionality of the operating system, CardOS allows users to add additional functionality by loading software enhancements. Besides that this mechanism also offers the possibility to change existing functionality thus offering a patch mechanism for the operating system. To simplify the software interface to the secure element, Atos provides in addition CardOS API. This API serves as an abstraction layer for using CardOS based secure elements, thus avoiding the complexity for the customer by dealing with low level communication. CardOS API allows applications to connect the secure element using standard interfaces. CardOS API will also support IoT specific platforms such as Embedded Linux or Windows 10 IoT. Smart Home Device Smart Home Application Controller Controller Communication Stack Crypto Interface based on CardOS API Secure Element based on CardOS on SLE 78

Solution Main benefits of the Infineon product The SLE 78 SOLID FLASH family is Infineon s state-of-the-art generation of 16-bit security controllers optimized for high security applications. With its Integrity Guard technology it provides highest standards for security controllers available on the market. Being certified according to Common Criteria EAL5+, the SLE 78 family meets the highest security levels for implementation of Smart Home security applications.

Partner Partners from the Infineon Security Partner Network help you secure your devices and applications: understand which threats can undermine your business, propose solutions that will protect your business, build and implement such security solutions and, when relevant manage their operation. They have been selected by Infineon on the basis of their system security competence and ability to design and deliver strong and trustworthy security solutions. Their activities are diverse and include security consulting, security solution provision, electronic design, systems integration and trust services management. For some, offers are off-the-shelf; while for others, offers are custom-built. Atos Atos SE (Societas Europaea) is a leader in digital services with pro forma annual revenue of over 12 billion and circa 100,000 employees in 72 countries. Serving a global client base, the Group provides Consulting & Systems Integration services, Managed Services & BPO, Cloud operations, Big Data & Cyber-security solutions, as well as transactional services through Worldline, the European leader in the payments and transactional services industry. With its deep technology expertise and industry knowledge, the Group works with clients across different business sectors: Defense, Financial Services, Health, Manufacturing, Media, Utilities, Public sector, Retail, Telecommunications, and Transportation. Atos is focused on business technology that powers progress and helps organizations to create their firm of the future. The Group is the Worldwide Information Technology Partner for the Olympic & Paralympic Games and is listed on the Euronext Paris market. Atos operates under the brands Atos, Atos Consulting, Atos Worldgrid, Bull, Canopy, Unify and Worldline. For more information, visit: www.atos.net. Atos contribution to the Infineon Security Partner Network Atos provides products in the field of embedded device security in the context of ISPN. In addition to the standard smartcard solutions for legacy applications, Atos offers products for the IoT market such as industrial applications, home automation and the automotive market. The focus of the products is to integrate separate secure elements to provide the highest security achievable with today s security technology. Atos also has many years of experience with Common Criteria certifications for the security products. In addition Atos provides the complete chain of cyber security consulting from initial consultancy and analysis, through to implementation and ongoing management. Published by Infineon Technologies AG 81726 Munich, Germany 2017 Infineon Technologies AG. All Rights Reserved. Date: 11 / 2017 Additional information For further information on technologies, our products, the application of our products, delivery terms and conditions and/or prices please contact your nearest Infineon Technologies office (www.infineon.com). Please note! THIS DOCUMENT IS FOR INFORMATION PURPOSES ONLY AND ANY INFORMATION GIVEN HEREIN SHALL IN NO EVENT BE REGARDED AS A WARRANTY, GUARANTEE OR DESCRIPTION OF ANY FUNCTIONALITY, CONDITIONS AND/OR QUALITY OF OUR PRODUCTS OR ANY SUITABILITY FOR A PARTICULAR PURPOSE. WITH REGARD TO THE TECHNICAL SPECIFICATIONS OF OUR PRODUCTS, WE KINDLY ASK YOU TO REFER TO THE RELEVANT PRODUCT DATA SHEETS PROVIDED BY US. OUR CUSTOMERS AND THEIR TECHNICAL DEPARTMENTS ARE REQUIRED TO EVALUATE THE SUITABILITY OF OUR PRODUCTS FOR THE INTENDED APPLICATION. WE RESERVE THE RIGHT TO CHANGE THIS DOCUMENT AND/OR THE INFORMATION GIVEN HEREIN AT ANY TIME. Warnings Due to technical requirements, our products may contain dangerous substances. For information on the types in question please contact your nearest Infineon Technologies office. Except as otherwise explicitly approved by us in a written document signed by authorized representatives of Infineon Technologies, our products may not be used in any lifeendangering applications, including but not limited to medical, nuclear, military, life-critical or any other applications where a failure of the product or any consequences of the use thereof can result in personal injury.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback