Professional Documents
Culture Documents
embedded security
solutions
Threats Impact
2 3
Service Offering
• Definition of security requirements
• Device selection Time to change the game
• Customer specific configuration support
Cheer up those times are over!
• Sabotage – deliberate, destructive force used to • Damaged reputation • Personalization of secure elements EBV is changing the game with an industry first custom
prevent a system from working as intended. (DDOS • Financial loss • Logistics programming service for security devices. Now you can
integrate embedded custom security
(Distributed Denial of Service), Ransom ware, etc.) • Decreased customer experience
seamlessly into your supply chain at affordable cost, without
• Reverse engineering – extracting information from a • Intellectual Property (IP) / Data loss Benefits security experience and independently of volumes.
device or system in order to reproduce or copy it. Can • Ransom • The personalization takes place in a highly secure and
also be used to access data on similar devices based on • Legal consequences separated area
the knowledge gained during the reverse engineering • Failure of functional safety systems • A HSM (High Security Module) ensures highest level of
process. • Physical impact, injuries security for generating keys and certificates How does it work?
• HW counterfeit – Copy of a device, system or • No investment needed on customer side • We take “blank” devices
• We define the OEM certificate and parameters with you
consumable; often difficult to distinguish from original • Flexible solution for any quantities
• We program the devices using a Data I/O machine
and low quality. • Fast and secure
• Eavesdropping/ Man-in-the-middle – Breach of • Fits into standard logistics flow Customer
Specific
communication or data exchange in order to obtain • Minimized risk of security breaches Device
Remote • For personalization, the encrypted file is loaded in the • We box and ship them using our
Miuse of network protocols
Box Internet software • Exploit communication protocol errors HSM where it’s being decrypted (it will never be visible
Avnet Logistics Backbone
• You receive the security chips ready to drop
=
attack • Flaws in software design / implementation to anybody) them into your application
Your
Product
Cloud equipped
• Before programming, devices are checked for • That’s it! You’re ready to market your devices with
Custom
equipped with reliable custom security hardware Security
originality Hardware
With the case opened / removed • Device data and secret configuration data are
Board • Test / debug port access combined and injected into the device
level • Inter device bus and IO probing
• A log file is generated for each single device and is
• Reset, clock attacks
attack available for download for the customer
• Power analysis
• Temperature / electrical attacks (glitch, overvoltage)
Response
Integrity
Turnkey solutions
Product name OPTIGA™ TRUST E SLS 32AIA OPTIGA™ Trust X SLS 32AIA OPTIGA™ TRUST M SLS 32AIA
The level of security depends on
how secrets are Enhanced authentication solution
- generated Product description Enhanced device security solution Enhanced device security solution
for high-value goods
- stored
- handled
Trust Interfaces I2C I2C I2C (shielded connection)
EEPROM – – –
NVM 3 kByte 10 kByte 10 kByte
Software Security IT security
RAM – – –
OS, firewall, virusscanner
CPU 16-bit 16-bit 16-bit
Secure boot, secure data storage, ECC 256-bit, ECC 384-bit, RSA
Asymmetrical cryptography ECC 256-bit ECC 256-bit
network security 1024-bit, RSA 2048-bit
EBV "SLS32AIA020X4 standard: "SLS32AIA010MS standard:
Hardware Security -25 to +85°C -25 to +85°C ;
Root of trust Secure key storage, crypto acceleration, Ambient temperature -40°C to +85°C
SLS32AIA020X2 extended: SLS32AIA010MH extended:
authentication -40 to +105°C" -40 to +105°C"
Delivery forms USON-10-2 USON-10-2 USON-10
Organizational Security PKI networks, consumer electronics, Internet of Things (IoT), smart home,
Security policies, access to information smart home, industrial automation, industrial automation, consumer Mutual authentication, secured
6 Partner Internet of Things (IoT), electronics, smart metering, communication, secured updates, 7
network
authentication of system services authentication of system services key provisioning, life- cycle
Physical Security Typical applications
and accessories, original and accessories, original management, data store protection,
Access control, tamper protected case, alarm systems replacement parts, smart metering, replacement parts, secure power management, platform
system configuration management, communication, IP/software integrity protection
IP/software protection protection
Certifications – EAL6+ (high) for the HW CC EAL6+ (high) for HW
EBV personalization services available available
Trusted Computing
OPTIGA™ TPM (Trusted Platform Module)
Product name OPTIGA™ TPM SLB OPTIGA™ TPM SLB OPTIGA™ TPM SLB OPTIGA™ TPM SLB OPTIGA™ TPM SLB OPTIGA™ TPM SLB OPTIGA™ TPM SLB OPTIGA™ TPM SLB OPTIGA™ TPM SLB
9645TT1.2 9645XT1.2 9645VQ1.2 9645XQ1.2 9660TT1.2 9660XT1.2 9660VQ1.2 9660XQ1.2 9665TT2.0
The Infineon OPTIGA™ TPM The Infineon OPTIGA™ TPM The Infineon OPTIGA™ TPM The Infineon OPTIGA™ TPM The Infineon OPTIGA™ TPM The Infineon OPTIGA™ TPM The Infineon OPTIGA™ TPM The Infineon OPTIGA™ TPM The Infineon OPTIGA™ TPM
(Trusted Platform Module) is a (Trusted Platform Module) is a (Trusted Platform Module) is a (Trusted Platform Module) is a (Trusted Platform Module) is a (Trusted Platform Module) is a (Trusted Platform Module) is a (Trusted Platform Module) is a (Trusted Platform Module) is a
standardized security standardized security standardized security standardized security standardized security standardized security standardized security standardized security standardized security
controller which provides a controller which provides a controller which provides a controller which provides a controller which provides a controller which provides a controller which provides a controller which provides a controller which provides a
Product description
wide range of security wide range of security wide range of security wide range of security wide range of security wide range of security wide range of security wide range of security wide range of security
functions for computing functions for computing functions for computing functions for computing functions for computing functions for computing functions for computing functions for computing functions for computing
platforms and embedded platforms and embedded platforms and embedded platforms and embedded platforms and embedded platforms and embedded platforms and embedded platforms and embedded platforms and embedded
systems. systems. systems. systems. systems. systems. systems. systems. systems.
Interfaces I2C I2C I2C I2C LPC LPC LPC LPC LPC
Symmetrical
AES, HMAC, SHA-1 AES, HMAC, SHA-1 AES, HMAC, SHA-1 AES, HMAC, SHA-1 AES, HMAC, SHA-1 AES, HMAC, SHA-1 AES, HMAC, SHA-1 AES, HMAC, SHA-1 AES, HMAC, SHA-1, SHA-256
cryptography
ECC, ECC BN-256, ECC NIST
Asymmetrical
RSA1024, RSA2048 RSA1024, RSA2048 RSA1024, RSA2048 RSA1024, RSA2048 RSA1024, RSA2048 RSA1024, RSA2048 RSA1024, RSA2048 RSA1024, RSA2048 P-256, ECC256, ECDH, RSA1024,
cryptography
RSA2048
Ambient temperature -20°C to +85°C -40°C to +85°C -20°C to +85°C -40°C to +85°C -20°C to +85°C -40°C to +85°C -20°C to +85°C -40°C to +85°C -20°C to +85°C
Package TSSOP-28 TSSOP-28 VQFN-32 VQFN-32 TSSOP-28 TSSOP-28 VQFN-32 VQFN-32 TSSOP-28
PC and mobile computing with PC and mobile computing with PC and mobile computing with PC and mobile computing with PC and mobile computing with
PC and mobile computing on PC and mobile computing on PC and mobile computing on PC and mobile computing on
Intel x86, ARM platforms and Intel x86, ARM platforms and Intel x86, ARM platforms and Intel x86, ARM platforms and Intel x86, ARM platforms and
non-x86 platforms; embedded non-x86 platforms; embedded non-x86 platforms; embedded non-x86 platforms; embedded
8 others; embedded devices e.g. others; embedded devices e.g. others; embedded devices e.g. others; embedded devices e.g. others; embedded devices e.g. 9
Typical applications devices e.g.communication, devices e.g. communication, devices e.g. communication, Devices e.g. communication,
communication, gateways, communication, gateways, communication, gateways, communication, gateways, communication, gateways,
gateways, printer,PoS systems, gateways, printer, PoS systems, gateways, printer, PoS systems, gateways, printer, PoS systems,
printer, PoS systems, printer, PoS systems, printer, PoS systems, printer, PoS systems, printer, PoS systems,
networking, ATMs networking, ATMs networking, ATMs networking, ATMs
networking, ATMs networking, ATMs networking, ATMs networking, ATMs networking, ATMs
"CC EAL4+, "CC EAL4+, "CC EAL4+, "CC EAL4+, "CC EAL4+,
based on CC EAL4+ certified based on CC EAL4+ certified based on CC EAL4+ certified based on CC EAL4+ certified
Certifications FIPS 140-2 level 2 (with FW FIPS 140-2 level 2 (with FW FIPS 140-2 level 2 (with FW FIPS 140-2 level 2 (with FW FIPS 140-2 level 2 (with FW
HW HW HW HW
update)" update)" update)" update)" update)"
Standard Version 1.2 Rev. 116 Version 1.2 Rev. 116 Version 1.2 Rev. 116 Version 1.2 Rev. 116 Version 1.2 Rev. 116 Version 1.2 Rev. 116 Version 1.2 Rev. 116 Version 1.2 Rev. 116 Version 2.0 Rev. 01.16
OPTIGA™ TPM
OPTIGA™ trusted platform module (TPM) OPTIGA™ TPM Industrial
Automotive
Product name OPTIGA™ TPM SLB OPTIGA™ TPM SLB OPTIGA™ TPM SLB OPTIGA™ TPM SLB OPTIGA™ TPM SLB OPTIGA™ TPM SLB OPTIGA™ TPM SLB OPTIGA™ TPM SLM 9670 OPTIGA™ TPM SLI 9670
9665XT2.0 9665VQ2.0 9665XQ2.0 9670VQ1.2 9670XQ1.2 9670VQ2.0 9670XQ2.0
The Infineon OPTIGA™ TPM The Infineon OPTIGA™ TPM The Infineon OPTIGA™ TPM The Infineon OPTIGA™ TPM The Infineon OPTIGA™ TPM The Infineon OPTIGA™ TPM The Infineon OPTIGA™ TPM The Infineon OPTIGA™ TPM (Trusted Platform
(Trusted Platform Module) is (Trusted Platform Module) is (Trusted Platform Module) is (Trusted Platform Module) is (Trusted Platform Module) is (Trusted Platform Module) is (Trusted Platform Module) is Module) SLM 9670 is a special model of OPTIGA™
a standardized security a standardized security a standardized security a standardized security a standardized security a standardized security a standardized security TPM that meets the requirements of industrial and
controller which provides a controller which provides a controller which provides a controller which provides a controller which provides a controller which provides a controller which provides a other demanding applications, where key Security cryptocontroller for
Product description
wide range of security wide range of security wide range of security wide range of security wide range of security wide range of security wide range of security requirements include an extended temperature automotive use cases
functions for computing functions for computing functions for computing functions for computing functions for computing functions for computing functions for computing range (-40 to +105°C), extended lifetime, long-lasting
platforms and embedded platforms and embedded platforms and embedded platforms and embedded platforms and embedded platforms and embedded platforms and embedded supply availability in combination with industrial
systems. systems. systems. systems. systems. systems. systems. quality grade.
Interfaces LPC LPC LPC SPI SPI SPI SPI SPI SPI
Symmetrical
AES, HMAC, SHA-1, SHA-256 AES, HMAC, SHA-1, SHA-256 AES, HMAC, SHA-1, SHA-256 AES, HMAC, SHA-1 AES, HMAC, SHA-1 AES, HMAC, SHA-1, SHA-256 AES, HMAC, SHA-1, SHA-256 HMAC, SHA-1, SHA-256 HMAC, SHA-1, SHA-256
cryptography
ECC, ECC BN-256, ECC NIST ECC, ECC BN-256, ECC NIST ECC, ECC BN-256, ECC NIST ECC, ECC BN-256, ECC NIST ECC, ECC BN-256, ECC NIST ECC, ECC BN-256, ECC NIST
Asymmetrical ECC, ECC BN-256, ECC NIST P-256, ECC256, ECDH,
P-256, ECC256, ECDH, P-256, ECC256, ECDH, P-256, ECC256, ECDH, RSA1024, RSA2048 RSA1024, RSA2048 P-256, ECC256, ECDH, P-256, ECC256, ECDH, P-256, ECC256, ECDH,
cryptography RSA1024, RSA2048
RSA1024, RSA2048 RSA1024, RSA2048 RSA1024, RSA2048 RSA1024, RSA2048 RSA1024, RSA2048 RSA1024, RSA2048
Ambient temperature -40°C to +85°C -20°C to +85°C -40°C to +85°C -20°C to +85°C -40°C to +85°C -20°C to +85°C -40°C to +85°C -40°C to +105°C -40°C to +105°C
Package TSSOP-28 VQFN-32 VQFN-32 VQFN-32 VQFN-32 VQFN-32 VQFN-32 VQFN-32 VQFN-32
PC and mobile computing PC and mobile computing PC and mobile computing PC and mobile computing PC and mobile computing PC and mobile computing PC and mobile computing
Industrial computing, industrial PCs, servers, tablets,
with Intel x86, ARM platforms with Intel x86, ARM platforms with Intel x86, ARM platforms with Intel x86, ARM platforms with Intel x86, ARM platforms with Intel x86, ARM platforms with Intel x86, ARM platforms
single-board computers, programmable logic
and others; embedded and others; embedded and others; embedded and others; embedded and others; embedded and others; embedded and others; embedded
Typical applications controllers (PLCs), industrial networking Automotive security
devices e.g. communication, devices e.g. communication, devices e.g. communication, devices e.g. communication, devices e.g. communication, devices e.g. communication, devices e.g. communication,
infrastructure & equipment, industrial servers,
gateways, printer, PoS gateways, printer, PoS gateways, printer, PoS gateways, printer, PoS gateways, printer, PoS gateways, printer, PoS gateways, printer, PoS
gateways, routers, switches
systems, networking, ATMs systems, networking, ATMs systems, networking, ATMs systems, networking, ATMs systems, networking, ATMs systems, networking, ATMs systems, networking, ATMs
"CC EAL4+, "CC EAL4+, "CC EAL4+, "CC EAL4+, "CC EAL4+, "CC EAL4+ & FIPS 140-2 level "CC EAL4+ & FIPS 140-2 level
Certifications FIPS 140-2 level 2 (with FW FIPS 140-2 level 2 (with FW FIPS 140-2 level 2 (with FW FIPS 140-2 level 2 (with FW FIPS 140-2 level 2 (with FW 2 2 CC EAL4+, FIPS 140-2 CC EAL4+, FIPS 140-2
update)" update)" update)" update)" update)" combined certification" combined certification"
Standard Version 2.0 Rev. 01.16 Version 2.0 Rev. 01.16 Version 2.0 Rev. 01.16 Version 1.2 Rev. 116 Version 1.2 Rev. 116 Version 2.0 Rev. 01.38 Version 2.0 Rev. 01.38 Version 2.0 Rev. 1.38 Version 2.0 Rev. 1.38
Qualification – – – – – – – – AEC-Q100
EBV personalization
available available available available
services
Evaluation Boards
OPTIGA™ Trust
OPTIGA™ TPM (Trusted Platform Module) OPTIGA™ TPM Iridiumboards OPTIGA™ TPM Xenonboards
Evaluation Kits
Product name S2Go Security S2Go Security S2Go Security MY IOT ADAPTER OPTIGATM Trust E TPM SLB 9645 IRIDIUM9670 IRIDIUM9670 IRIDIUM SLI9670 IRIDIUM SLM9670 TPM 70 1.2 TPM 70 2.0
OPTIGA™ Trust E OPTIGA™ Trust X OPTIGA™ Trust M EVAL KIT IRIDIUMBOARD TPM1.2 LINUX TPM2.0 LINUX TPM2.0 LINUX TPM2.0 LINUX XENONBOARD XENONBOARD
Picture
oD eite
offices,10th floor, Unit 1006 Building 13, Ground Floor
Neue Ramtelstraße 4 Brannfjellveien 11
Phone: +359 2 9264 337 Phone: +27 11 23619 00
Phone: +49 7152 3009 0 Phone: +47 22 67 17 80
Fax: +359 2 9264 133 Fax: +27 11 23619 13
Fax: +49 7152 759 58 Fax: +47 22 67 17 89
SPAIN
CZECH REPUBLIC POLAND
90471 Nürnberg 08014 Barcelona
18600 Prague 80-838 Gdansk c/Tarragona 149 - 157 Planta 19 1º
Lina-Ammon-Straße 19B
Amazon Court, Karolinska 661/4 Targ Rybny 11/12 Phone: +34 93 47332 00
Phone: +49 911 817669 0
Phone: +420 2 34091 011 Fax: +49 911 817669 20 Phone: +48 58 30781 00 Fax: +34 93 47363 89
Fax: +420 2 34091 010
P02-676 Warszawa 39005 Santander (Cantabria)
04435 Schkeuditz
DENMARK Postepu 14 Racing nº 5 bajo
8230 Åbyhøj
Ved Lunden 10-12, 1. sal
Phone: +45 8 6250 466
Fax: +45 8 6250 660
n P -S
Frankfurter Straße 2
Phone: +49 34204 4511 0
Fax: +49 34204 4511 99
78048 VS-Villingen
Phone: + 48 22 209 88 05
50-062 Wroclaw
Pl. Solny 16
Phone: +48 71 34229 44
Phone: +34 94 22367 55
Phone: +34 94 23745 81
FRANCE
Building B, 2nd Floor - 2nd District
91300 Massy Cedex (Paris) Fax: +36 1 43672 20
Phone: +40 21 52816 12 TURKEY
Le Copernic bât B Fax: +40 21 52816 01 06520 Ankara
12 rue Jean Bart ISRAEL
Armada Is Merkezi
Phone: +33 1 644729 29 4581500 Bnei Dror Eskisehir Yolu No: 6, Kat: 14
RUSSIA
Tirosh 1 Ofis No: 1406, Sogutozu
620028 Ekaterinburg
35700 Rennes Phone: +972 9 77802 60 Phone: +90 312 2956 361
Tatischeva Street 49A
ro
16, Rue de Jouanet Fax: +972 3 76011 15 Fax: +90 216 528831 1
Phone: +7 343 31140 4
Phone: +33 2 998300 51 Fax: +7 343 31140 46
ITALY 34774 Ümraniye / Istanbul
Fax: +33 2 998300 60
20095 Cusano Milanino (MI) Tatlısu Mahallesi Pakdil Sokak 7
127486 Moscow Phone: +90 216 528831 0
Via Alessandro Manzoni, 44
67400 Illkirch Graffenstaden Korovinskoye Shosse 10, Fax: +90 216 528831 1
Phone: +39 02 660962 90
35 Rue Gruninger Build 2, Off. 28
Bü