Guest Contribution By Secure-IC
The Internet of Things offers unprecedented opportunities to customize and even share digital services in everybody’s life. Your private car can be lent or rented through a mobile app, your favorite music/series can be enjoyed on multiple devices whilst fully respecting owners rights. Such fluidity in the information exchange requires rock-solid end-to-end security guarantees, from the cloud service provider to the chips laying in user mobile appliance. The scenario today is even more challenging as services need to be evolutive, and users wish to delegate them to friends or customers. Device-level security thereby becomes a focal point. Its embedded/integrated secure element shall endorse the responsibility to allow/disallow services, update and transfer them to other peers.
The aforementioned secure element must, therefore, have the legitimacy to hold the liability of executing the necessary action required for flexibility without any compromise. This new paradigm propels the secure element into a role: that of enabling variable-geometry services while ensuring a strict security policy. As an example, you might expect to grant access to someone else to your car when away from home, and furthermore to allow your guest to achieve the same. Obviously, you expect this cascade of trust to respect some constraints, such as duration, suspension of rights in case of irresponsible driving and to have a clear image of the current situation (who does what and when). Such a scenario is made possible by the embedded secure element present in the telematic central unit of your car. Indeed, its duties consist of the following tasks:- it checks whether or not the car is trustworthy, in that no malware has been installed,- it securely enforces the sharing configuration mandated by the primary ower,- it authenticates owner and the owner(s) by delegation, and- it provides necessary information to distribute to shareholders (owners, co-owners, and maybe insurance company, garage in case of incident).
In order to cope with all those missions, the secure element leverages several technologies, namely secure-boot, client authentication, access rights management, event logging for forensic and/or publication on a blockchain. Moreover, security monitoring task checks in the background that device vital functions and data are not tampered with. Secure-IC has designed Securyzr (TM), a secure element able to meet all those requirements. It roots its security in formally proven silicon IP blocks, able to withstand the strongest attacks. The threats indeed range from chip backside attack with highly energetic glitches or pulsed laser injection to sophisticated software attacks such as Spectre, RowHammer, Return-Oriented-Programming. The internal architecture of Securyzr (TM) builds upon the cyberdefense-in-depth strategy, and embeds conservative protection aiming at thwarting even unknown attacks: indeed, Securyzr (TM) proactively prevents attacks by implementing countermeasures that solve all compromises in a generic manner, i.e. irrespective of the actual leakage/perturbation cause.
“Secure-IC Securyzr (TM) solution is the result of 15 years of research and 10 years of deployment. Our engineers thrive to anticipate the state-of-the-art of attacks, and invent according to protections to always keep ahead of piracy,” explains Sylvain Guilley, CTO and co-founder, Secure-IC. “I quickly understood that trustworthy security technologies require the combination of the best-of-breed anti-tamper detectors, cryptography, embedded cybersecurity, along with a rigorous evaluation method, which validates the security properties, from source code to silicon masks. This tandem of protection & evaluation results in a unique offer on the market: Securyzr (TM) is a multi-tenant configurable secure element, formally proven and ready for the more stringent certifications,” comments Hassan Triqui, CEO and co-founder, Secure-IC.
Secure-IC S.A.S. is a provider of embedded security solutions, security analysis tools and related consulting services. Secure-IC is a thought leader, publishing numerous scientific papers and editing international standards in the field of security requirements, test and evaluation. Secure-IC operates in Rennes (HQ), Paris, Singapore, and Tokyo. It’s business consists of the licensing of certification-ready IP solutions and leverages on four Security Science Laboratories to develop its expertise.