Table of Contents

1 Introduction

  • Abstract

2 Key Security Measures

  • Encryption
  • Root of Trust
  • Identity
  • Hardware Security Module

3 Security Measures in Secure Provisioning

  • Symmetric and Asymmetric Keys
  • Digital Signatures

4 Secure Provisioning Workflow

  • Software Development
  • IP Packaging
  • Package Transfer
  • Secure Provisioning


Chapter 1

Introduction

Within seconds of searching for “secure provisioning” on the web, you are presented with a myriad of descriptions covering multiple technologies, but very few of which seem to relate to the problems placed upon your classic embedded development engineer. So why should an embedded engineer be interested in secure provisioning as a service?

Abstract

With the ever-increasing investment in engineering resources required to develop a connected product, it’s no surprise that managers are under pressure to find ways of protecting their investment. This pressure flows down to development engineers who are asked to come up with solutions to ensure the company’s valuable software is protected. There are many solutions available to help protect software, but a key factor that is often overlooked is the security of the manufacturing process that programs the software into the bare-metal micro-controller.


Can the process be trusted? And how does “Secure Provisioning” come into the equation?


In this whitepaper we will highlight four key areas of security, explain how they relate to the manufacture of a secure product, and show why secure provisioning should not be overlooked during product development.


  • Encryption
  • Root of Trust
  • Identity
  • Hardware Security Module

2. Key Security Measures

2.1 Encryption

This is a complex subject but is probably the key element in ensuring your software is protected and not visible to prying eyes. Encryption is often the first thing that comes to mind when the subject of security is raised. Being able to encrypt your software ensures that it can be transported securely; after all, it is common for software images to be sent to remote programming houses to turn bare-metal micro-controllers into useful products. This is a classic point where software is vulnerable to attack.


So, without getting too bogged down in math, what does an embedded development engineer need to know? Well, there are two public-key cryptographic techniques that are popular today: Rivest, Shamir, & Adleman (RSA) and Elliptic Curve Cryptography (ECC). There is a great deal of information available comparing the two techniques. However, from the embedded engineer's viewpoint, it is necessary to understand what micro-controller resources are needed to implement them. ECC seems to be the clear winner here, with the main advantages being:


  • Very fast key generation
  • Fast signatures
  • Smaller key sizes for equivalent RSA security levels
  • Good standards support
  • Good key exchange mechanism

Basically, for ECC, it comes down to fast and small (short computation bursts and small flash memory needed for key storage and transmission). As an example, a 256-bit ECC public key has approximately the same level of security as a 3074-bit RSA public key.
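To make the "fast and small" point concrete, here is an added Go example (not from the whitepaper) that signs the SHA-256 digest of a constructed firmware image with a fresh ECDSA P-256 key and a fresh RSA key, using only the standard library, and reports how many bytes each public key and signature occupies. It uses the 3072-bit RSA size from the NIST equivalence tables for 256-bit ECC; the image bytes and the `SignerStats` name are assumptions of this example.

```go
package main

import (
	"crypto"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"fmt"
)

// SignerStats: public-key bytes to store/transmit, signature bytes per image, verify result.
type SignerStats struct {
	Algorithm string
	PubKeyDER int
	Signature int
	Verified  bool
}

func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// compareSigners signs the SHA-256 digest of a firmware image with a fresh ECDSA P-256
// key and a fresh RSA-3072 key (both ~128-bit security) and returns the sizes side by side.
func compareSigners(image []byte) []SignerStats {
	digest := sha256.Sum256(image)
	ecKey := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	ecSig := must(ecdsa.SignASN1(rand.Reader, ecKey, digest[:]))   // DER-encoded (r, s)
	ecPub := must(x509.MarshalPKIXPublicKey(&ecKey.PublicKey))     // SubjectPublicKeyInfo DER
	rsaKey := must(rsa.GenerateKey(rand.Reader, 3072))
	rsaSig := must(rsa.SignPKCS1v15(rand.Reader, rsaKey, crypto.SHA256, digest[:]))
	rsaPub := must(x509.MarshalPKIXPublicKey(&rsaKey.PublicKey))
	return []SignerStats{
		{"ECDSA P-256", len(ecPub), len(ecSig), ecdsa.VerifyASN1(&ecKey.PublicKey, digest[:], ecSig)},
		{"RSA-3072", len(rsaPub), len(rsaSig), rsa.VerifyPKCS1v15(&rsaKey.PublicKey, crypto.SHA256, digest[:], rsaSig) == nil},
	}
}

func main() {
	for _, s := range compareSigners([]byte("constructed firmware image v1.0")) { // constructed input
		fmt.Printf("%+v\n", s)
	}
}
```

Running it shows the P-256 public key at 91 bytes and its signature around 70 bytes, against 422 and 384 bytes for RSA-3072; the RSA key generation is also noticeably slower, which is the cost an MCU pays at provisioning time.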

Whitepaper Author

Chris Jones

Security Solutions Specialist & FAE (Freelance Consultant)

Chris has worked for BAE Systems, Cypress Semiconductor, Renesas Electronics, and SecureThingz in various roles. He conducts training on the complexities of security and presents at many IoT conferences on the topic of secure manufacturing techniques.