• Secure boot for operating systems

    Secure boot for operating systems

    Hidden malware has become an enormous threat for embedded systems. Boot processes secured using cryptographic algorithms provide solid protection against these attacks.

Almost every day, new attacks are launched on embedded systems used, for example, in safety-critical applications such as in vehicles and industrial machines. Once hackers succeed in getting the attacked ECU to execute the manipulated software, they can sabotage machines by triggering faulty processes (one example for industrial plants is the Stuxnet virus). In the case of vehicle control systems, this can put human lives at risk.

updates
updates

Booting under the protection of algorithms
– with signed software

Secure booting is the basis for the trustworthiness of the devices. Once the ECU software is fully configured, tested, and released, an additional, crucial step follows– the executable binary code is assigned a signature. This signing essentially “seals” the code, meaning it can no longer be changed without the modifications becoming visible. The signature is created within the ESCRYPT key management solution.

This makes it possible to check the authenticity of the software. The code is sealed, because with every modification the related signature becomes invalid. The code is authenticated, because it has been signed with a unique, undisclosed, private key defined by the manufacturer. Just like the signature, this key is also created and managed using ESCRYPT’s key management solution.

As the device starts up, the signature is verified during the secure boot with the help of a corresponding certificate. This guarantees the authenticity and integrity of the manufacturer’s software. If verification fails because the software has been manipulated, the booting process is not executed in the usual way. An emergency program may then be started to guarantee the functional safety of the vehicle or machine.
 

We see to it that only authorized software is executed.

All necessary security products and services from a single source

Risk-appropriate, effective, and cost-efficient implementation of software on the product

Key management by experts for the security of embedded systems

Flexible, customized integration into existing solutions

Available as a “fully worry-free” managed service upon request

Language:
ISO 9001-2008 Home