Case Study: Securing Industrial Automation Systems
featuring High Availability Control Systems for Defense
Securing Industrial Automation Systems with the EmSPARK™ Security Suite
INTRODUCTION
A leading industrial automation systems vendor required a security solution for its control products, which serve the military, transportation and industrial markets. Its products are installed throughout the world, controlling a wide variety of mission-critical and safety-critical processes and machinery, including launch systems, turbine and boiler control, and fire detection / safety systems.
THE PROBLEM—SECURING HIGH-AVAILABILITY PRODUCTS
In military applications, high availability is not negotiable. In addition to redundant input and output connections, network connections and power sources, the vendor’s controllers required a software installation and update process that would not compromise performance.
To ensure high availability, the solution needed to boot, update, and recover securely, using a process that signs software and verifies its authenticity before it runs. Encrypting, exchanging and storing data, and a reliable process for storing and managing keys, were equally critical.
THE EmSPARK™ SOLUTION
SecEdge’s EmSPARK™ Security Suite was implemented to address the requirements of software verification, encryption and key management.
- To secure the boot process from ROM boot through loading the Linux files and device firmware, a secure memory partition was created; it loads the EmSPARK CoreTEE™ Trusted Execution Environment, in which critical applications run.
- At bootup, the firmware is verified, secure applications are loaded into the CoreTEE environment, and known software such as Linux is loaded into memory.
- EmSPARK™ provided key- and certificate-based payload authentication mechanisms to authenticate incoming payloads during firmware updates.
- EmSPARK™ provided key management functions as well as tools for loading, deleting and updating certificates.
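The firmware-update step above (authenticate the incoming payload with a pinned key before anything in it is trusted) is the part a defender most wants to see concretely. The following Go program is an added illustration written for this page; it is not EmSPARK™ or CoreTEE™ code and the payload layout (a 4-byte magic, a 4-byte big-endian version, then the image) is an assumption chosen for the example. It uses Ed25519 from the Go standard library, verifies the signature over the raw bytes before parsing any field, and refuses images whose version does not exceed the installed one, which is the usual anti-rollback check paired with signed updates.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// Assumed payload layout for this example (not a vendor format):
//   magic(4) | version(4, big-endian) | image bytes
// The detached signature covers the entire payload. The verifying
// public key is assumed to be pinned in the trusted boot partition.
var magic = []byte("FWUP")

// Payload is the parsed form of an update image.
type Payload struct {
	Version uint32
	Image   []byte
}

// Encode serialises the payload in the layout described above.
func (p Payload) Encode() []byte {
	var buf bytes.Buffer
	buf.Write(magic)
	binary.Write(&buf, binary.BigEndian, p.Version)
	buf.Write(p.Image)
	return buf.Bytes()
}

// SignPayload is the build-side step: sign the encoded payload with the
// vendor's private key. The device never holds this key.
func SignPayload(priv ed25519.PrivateKey, p Payload) []byte {
	return ed25519.Sign(priv, p.Encode())
}

var (
	ErrBadSig   = errors.New("payload: signature verification failed")
	ErrBadMagic = errors.New("payload: bad magic or truncated header")
	ErrRollback = errors.New("payload: version not newer than installed")
)

// VerifyPayload is the device-side step. Order matters: the signature is
// checked over the raw bytes first, so no untrusted data is parsed before
// its origin is established. Only then is the header read and the
// anti-rollback rule applied.
func VerifyPayload(pub ed25519.PublicKey, raw, sig []byte, installed uint32) (Payload, error) {
	if !ed25519.Verify(pub, raw, sig) {
		return Payload{}, ErrBadSig
	}
	if len(raw) < 8 || !bytes.Equal(raw[:4], magic) {
		return Payload{}, ErrBadMagic
	}
	v := binary.BigEndian.Uint32(raw[4:8])
	if v <= installed {
		return Payload{}, ErrRollback
	}
	return Payload{Version: v, Image: raw[8:]}, nil
}

// ImageDigest returns the SHA-256 of the image, useful for logging which
// image was accepted without printing the image itself.
func ImageDigest(image []byte) string {
	return fmt.Sprintf("%x", sha256.Sum256(image))
}

func main() {
	// Constructed key pair and image for demonstration only.
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	update := Payload{Version: 3, Image: []byte("constructed firmware image")}
	raw := update.Encode()
	sig := SignPayload(priv, update)

	// Genuine update against an installed version 2: accepted.
	if p, err := VerifyPayload(pub, raw, sig, 2); err == nil {
		fmt.Println("accepted version", p.Version, "digest", ImageDigest(p.Image))
	}

	// One flipped bit in the image: rejected before any parsing.
	tampered := append([]byte{}, raw...)
	tampered[len(tampered)-1] ^= 0x01
	_, err = VerifyPayload(pub, tampered, sig, 2)
	fmt.Println("tampered image:", err)

	// Correctly signed but stale image: rejected by the rollback rule.
	_, err = VerifyPayload(pub, raw, sig, 3)
	fmt.Println("stale image:", err)
}
```

The design point is the ordering inside VerifyPayload: parsing, version comparison and any decompression happen only after the signature over the raw bytes has passed, so a malformed or forged payload is discarded without ever being interpreted. On a real controller the same check would run inside the trusted environment with the public key read from the protected partition rather than generated at start-up.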