How to protect software and IP, how to ensure software and IP will not be stolen and reused?
Trusted Objects has developed a set of security solutions to protect OEM’s software and IP at every stage of the product’s lifecycle:
Software and IP protection against copy and theft during manufacturing
Trusted Objects provides TOPS, an equipment made of hardware and software including a HSM (Hardware Security Module), which enables secure programming.
No matter where the production facility is located, TOPS handles the software secure transfer from the OEM to the production location, its secure storage during manufacturing and its secure programming inside the MCU.
TOPS is entirely controlled by the OEM and therefore no third party may have access to software and IP. The OEM can also control the number of devices programmed with TOPS through a secure report file generated at end of each batch.
TOPS can physically be installed inside the programming factory or on a remote location. In any case TOPS is programming equipment agnostic and scalable.
TOPS can perform any kind of existing cryptographic operations including generation of secret keys based on device ID and software encryption by using dedicated cryptographic routines before programming, among others.
Software and IP protection against copy and theft during OTA software update
In order to perform OTA (over the air) software updates securely, a secure channel must be established between the IoT device and the server.
The TLS (Transport Layer Security) is an easy way to implement this end-to-end security layer with a protocol based on mutual authentication and message encryption.
Trusted Objects provides TO-Protect TLS, a lightweight secure software library for embedded systems where high security and small code footprint are required.
Running on any generic MCU, TO-Protect TLS is a 100% software solution which comprises a secure implementation of the full TLS stack enabling a secure communication between the device and the server.
Combine with the MCU upgrader, TO-Protect TLS is an efficient way to implement a robust security mechanism to protect an OTA software update.
TO-Protect TLS handles secure connectivity but also secure storage of certificates and keys.
Software and IP protection against reverse engineering
Once in the field, a device might be hacked for instance using code dumping and reverse engineering that could trigger a high risk of cloned devices.
If code dumping is a risk, an efficient way to protect software and IP is to make the attack inoperable using encryption mechanisms.
The TO-Protect secure software library for embedded systems used to protect software and IP during OTA software update, is also used to protect software and IP against reverse engineering.
During manufacturing, software and IP are programmed encrypted or partially encrypted.
In the field, TO-Protect handles the following two operations:
At boot, software decryption or partial decryption,
During the device operation, keys secure storage with obfuscation techniques.
In addition TO-Protect is easy to implement and its efficiency against software reverse engineering has already be proven by independent security labs.
Trusted Objects security experts will help you defining the appropriate security implementation which depends on risk assessment, MCU capabilities, production flow and programming equipment.