Scribd
Upload
22 views

ST Secure Solutions Authentication and Iot

ST provides secure authentication solutions for consumer and industrial devices using its STSAFE product family. STSAFE includes optimized, flexible, and standardized solutions based on a CC EAL5+ secure element. It provides authentication, secure communication, platform integrity, and secure storage. This protects brands, ensures trusted devices, and provides privacy.

Uploaded by

jbs
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
22 views

ST Secure Solutions Authentication and Iot

ST provides secure authentication solutions for consumer and industrial devices using its STSAFE product family. STSAFE includes optimized, flexible, and standardized solutions based on a CC EAL5+ secure element. It provides authentication, secure communication, platform integrity, and secure storage. This protects brands, ensures trusted devices, and provides privacy.

Uploaded by

jbs
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 14

Secure authentication

solutions for consumer &


industrial
Consumer & Industrial market segments
Security hardening

Consumer Industrial & infrastructure

• Consumables, printers • Factory automation


• Various consumer goods and accessories • Environmental sensors, actuators
• Batteries • Gateway, base station
• Qi wireless chargers • Utilities
• EV chargers
• Connected objects

2
Threats and countermeasures
Threats Security services Benefits

Device cloning or • Authentication, unique ID Brand protection


counterfeiting
• Secure communication
Device integrity or
• Platform integrity Trusted Device
data corruption
• Usage monitoring
Loss of confidential Privacy
• Secure storage
information

• EAL5+ CC certified secure MCU


• Secure operating system, secure handling of
cryptographic keys

• Customer secure keys and certificates loading at ST


in a security certified environment

3
STSAFE* solution overview

A scalable secure solution for consumer & industrial devices

• Developed to ensure devices authentication, platform integrity,


data confidentiality and availability

• Scalable STSAFE family from optimized to flexible and standardized


TPM solutions

• Based on proven CC EAL5+ hardware Secure Element

• Provided within a complete ecosystem

• With in-house pre-personalized secrets and certificates

*is a registered and/or unregistered trademark of STMicroelectronics International


NV or its affiliates in the EU and/or elsewhere

4
STSAFE market segments
Consumer Industrial Infrastructure

Consumables, printers, computers Sensors, actuators, factory automation Gateways, base stations, utilities

Optimized (STSAFE-A)
Tuned for brand protection and secure connection

Flexible (STSAFE-J)
Flexible Java™ platform

Standardized (STSAFE-TPM)
TCG-standardized platform

5
STSAFE family
Certified security solutions from nodes to infrastructure

STSAFE-A STSAFE-J STSAFE-TPM


Optimized Flexible Standardized

• Fixed features set: • JavaCardTM-based OS • Platform integrity


• Authentication • Applet specific features set: • Secure Boot
• Secure connection establishment • Authentication • Secure Firmware upgrade
• Secure storage • Secure connection establishment • Trusted network access
• Personalization services • Secure storage • Secure storage
• Seamless integration with STM32 ODE • Personalization services • Linux-based MPU Development kit
package • HW CC EAL5+ certified • SoC CC EAL4+, TCG 2.0, FIPS140-2
• HW CC EAL5+ certified certified

6
STSAFE-A110 services

Secure authentication Ecosystem Secure Provisioning Cloud Attachment

• Unique ID • X-NUCLEO-SAFEA1 • Customer certificates • Amazon Web service


• Authentication with • X-CUBE-SAFEA1 • WPC 1.3 QI charging • Microsoft Azure
asymmetric cryptography
• Private Clouds
• Attestation based on X509
certificates

7
STSAFE-A110 overview

Secure solution for brand protection & connected devices

Optimized and certified • Strong authentication


• Secure channel establishment (TLS)
• Signature verification
• Decrement counter
Provisioning services • Secure data storage
• Amazon AWS JIT and Microsoft Azure DPS
device enrollment
• WPC 1.3 Qi authentication compliant
Seamless integration • Based on CC EAL5+ platform

8
STSAFE-A110 evaluation tools & software

STM32 Nucleo board X-NUCLEO-SAFEA1


• ODE STM32 expansion board
• Pre-personalized STSAFE-A110
• ArduinoTM interface

• A complete software package STM32


cube compliant
• X-CUBE-SAFEA1
• STSW-SAFEA1-MW

• An openSSL security stack


STSAFE-A110 • STSW-STSA110-SSL

9
STSAFE-J overview

A secure platform for industrial devices and infrastructure

• Java based platform Java 3.0.4, GP 2.1.1,


Flexible and certified HW CC EAL5+ certified
• A Java CardTM applet for
• Authentication
• Secure connection
• Secure data storage
Provisioning services • Personalization service

• Customer specific applet


• Arduino-compliant expansion board
Complete ecosystem • PKCS11 Software package
(driver and code examples)

10
STSAFE-TPM overview

Expanding standardized trust from personal computing to connected devices

• Ensure platform integrity


Standardized & certified • Secure connected devices
• TPM 2.0 r1.38 or r1.59
• Available in consumer, automotive and
industrial qualifications
Provisioning • Upgradable firmware
• Linux Open-source ecosystem
(driver, Software stacks, Linux open source)
• Provisioning service
Complete ecosystem • Common criteria EAL4+ & FIPS 140-2 level 2
certified

11
STSAFE-TPM evaluation tools & software
STPM4RasPI

• STPM4RasPI expansion board for


Raspberry PI ® and STM32-MP1
with Consumer TPM supporting I²C or SPI
interfaces

Raspberry PI ®
40-pin connector
• TPM Linux integration application note
• AN5714

• ST Github Linux I²C driver TCG-compliant STSAFE-TPM


• TCG-TPM-I2C-DRV Consumer
(ST33TPHFxx, ST33K-TPM)
• Board databrief
• STPM4RasPi databrief

12
STSAFE solution takeaways

Product family addressing end-to-end security

STSAFE-A & STSAFE-TPM offer a comprehensive ecosystem

In-house personalization services

13
Find out more at www.st.com/stsafe

© STMicroelectronics - All rights reserved.


ST logo is a trademark or a registered trademark of STMicroelectronics International NV or its affiliates in the EU and/or other countries.
For additional information about ST trademarks, please refer to www.st.com/trademarks.
All other product or service names are the property of their respective owners.

You might also like