TCG talks embedded security software at Embedded World 2020

Date Published: February, 12, 2020

With the popularity of devices like wearable devices, smart house appliances and infrastructure applications soaring, the number of Internet of Things (IoT)-enabled systems is set to surge upwards of 21 billion over the next five years. When it comes to security, this brings with it risks like never before.

As a result, the way embedded systems developers are creating their software and firmware is changing. A whole new landscape has emerged whereby security is moving to the top of everyone’s agenda as the need for new ways to counteract the increasing number of threats continues to grow.

This is the key theme that Trusted Computing Group (TCG) members will address at Embedded World 2020, with TCG taking a leading role in the conference. In addition to demonstrations inHall 5 Stand 5-341. , TCG will host an IoT Session and take part in a special panel on the exhibition floor.

The activity follows the release of TCG’s latest guidelines and best practices for software and firmware updates, which provides a set of guidelines and best practices for secure software and firmware updates. By following these guidelines, products can be secured throughout their lifetime, not just when they are purchased, helping manufacturers avoid bad publicity, recalls and other problems caused by infected machines.

TPM, 2.0, securing storage and the world’s ‘tiniest’ TPM

Taking place at Messezentrum Nürnberg, NCC Ost Conference Centeron, on Tuesday, February 25 from 2:30pm, TCG’s IoT Session will explore a variety of subjects, including how the TPM 2.0 can be applied to industrial and automotive applications with an Open Source Software Stack and how Secure Flash can increase the resilience of connected systems.

The first of these presentations will be led by Dr Florian Schreiner, of Infineon, who will showcase the use cases of the TPM Software Stack (TSS) and TPM alongside the potential applications and advantages which will be broken down with a detailed explanation of the technical mechanisms of how the software works.

Schreiner will be followed by Guenther Fischer, of Wibu-Systems, who will speak at 3:00pm on Protection Technologies. This presentation will look at effective protection technologies which will encrypt software code and create licences which can be attached to a secure element in the target system. This can prevent attacks occurring from when unsecured software is digitally copied and sold for personal gain well below its value.

At 3:30pm, Stephan Rosner, Vice President of Cypress, will deliver an overview of Secure Flash, including a discussion around a common attack where persistent memory that stores the code of the system is targeted. His talk will describe how secure memories can be applied to improve the resilience of a system against attacks via a network by providing an access control mechanism to protect the firmware and content. The role of Device Identifier Composition Engine (DICE) architectures will also be explored.

Tom Bostrum, of Cyber Pack Ventures, will complete the line-up with a presentation on MARS – Trusted Computing for Low-End Devices at 4:30pm. This will cover Roots of Trust and how they are required to attest to the boot state of a device. The Roots of Trust for Storage (RTS) and Reporting (RTR) are traditionally provided by the TPM – which are not in many smaller embedded systems such as IoT. Without this TPM, manufacturers lack a much-needed way of being able to perform reliable measurement and attestation. Bostrum, will present very low overhead options for integrating functionality around crypto acceleration hardware which is common today. This gives the choice for optimizing the overhead to a level which is suitable for the smallest of IoT devices.

Putting the theory into practice  

For Embedded World attendees who want to see the concepts explored at the IoT Session in action, a host of demonstrations will be showcased at the TCG booth.

Hosted by members Wibu-Systems and Fraunhofer SIT, the demonstrations will highlight solutions that can protect those all-important IoT and embedded system devices based upon TCG specifications and technologies with a root of trust.

We look forward to presenting our expertise and stressing the importance secure embedded systems have to play at Embedded World 2020 when it comes to the innovations of the future.

Visit our booth and attend the TCG IoT Sessionto learn more! To register to attend Embedded World, visit: https://www.embedded-world.de/en/visitors.

Join

Membership in the Trusted Computing Group is your key to participating with fellow industry stakeholders in the quest to develop and promote trusted computing technologies.

Join Now

Trusted Computing

Standards-based Trusted Computing technologies developed by TCG members now are deployed in enterprise systems, storage systems, networks, embedded systems, and mobile devices and can help secure cloud computing and virtualized systems.

Read more

Specifications

Trusted Computing Group announced that its TPM 2.0 (Trusted Platform Module) Library Specification was approved as a formal international standard under ISO/IEC (the International Organization for Standardization and the International Electrotechnical Commission). TCG has 90+ specifications and guidance documents to help build a trusted computing environment.

Read more