Using ARM TrustZone Technology for Securing Embedded Devices Running Applications of Mixed Criticality Presenter: Felix Baum, Mentor
|
|
- Dayna Berry
- 7 years ago
- Views:
Transcription
1 Using ARM TrustZone Technology for Securing Embedded Devices Running Applications of Mixed Criticality Presenter: Felix Baum, Mentor
2 Agenda Objectives Describe the need for hardware enforced security Outline the use cases for the ARM TrustZone deployments Highlight the pros and cons of various options Results Provide a better understanding of how to secure embedded devices by utilizing the ARM Cortex-A hardware and software capabilities Mentor Embedded products
3 Why Secure the Device Devices are everywhere: outside traditional security perimeter Perimeter security is not enough Perimeter can be compromised Insider attacks account for ~70% of threats Your PC is on a secure network but still has endpoint security Embedded devices need the same protection Security of the software in the consolidated multicore device has a new meaning
4 Security starting point: Root of Trust Device Hardware to Boot Boot to OS OS to Application Execution Authorized Access Prevent untrusted boot Prevent untrusted OS from launching Prevent untrusted Application from executing Prevent attacks Establishing Software Chain of Trust from the root HARDWARE! 1. Hardware to Bootrom 2. Bootrom to Operating System 3. Operating System to Application
5 Security starting point: Chain of Trust Before loading any software, ask: Did it come from the OEM? Has it been tampered with? App 1 App 2 App N First Stage Boot Loader Signature Crypto Key Second Stage Boot Loader Signature Crypto Key Operating System(s) Signature Crypto Key ARM TrustZone can be used for: Crypto Key Storage Signature Generation and Comparison Signature Storage Loading OS and Apps Proprietary and Confidential 2014 Mentor Graphics
6 Securing Multicore Devices Linux or RTOS (master) Linux or RTOS or BME Hypervisor Cortex A Cortex A 14 use cases
7 Securing Multicore Devices Linux or RTOS (master) Linux or RTOS or BME RTOS or BME RTOS or BME Hypervisor Cortex A Cortex A Cortex M Cortex M 14 use cases * N use cases
8 Securing Multicore Devices Linux or RTOS (master) Linux or RTOS or BME RTOS or BME RTOS or BME RTOS or BME Hypervisor Cortex A Cortex A Cortex M Cortex M Soft Core 14 use cases * N use cases * M use cases
9 Security and Safety via Separation Safety: Protecting the world from the device Security: Protecting the device from the world Mixed criticality: Protecting of security or safety critical parts of the device from other parts of the device ISO requires freedom from interference. If two systems can interfere with each other, they must be certified to the highest ASIL level of the two. Secure separation aims to eliminate such interference.
10 Use Case 1: Physical Separation aka AMP
11 What the system looks like today Graphics or Web Real Time App SMP Linux A9 A9 Multicore Device running one Operating System Migrating to multicore device for the next generation or project Need to consolidate applications that require real time and determinism with applications requiring Linux networking or graphics services Addressing performance constrains of existing design
12 What the system will look like Graphics or Web Real Time App Linux RTOS A9 A9 or M4 Multicore Device running multiple Operating Systems Single user interface for Configure, Edit, Debug, Optimize work Framework to configure, boot, execute and communicate across cores and Operating Systems Take full advantage of the underlying silicony goodness
13 How this could be accomplished Sourcery CodeBench IDE Floor 5 Room 304 Patient Name: Jan Facility: Clinic User Applications Webserver rpmsg virtio Qt HMI Mentor Embedded Linux Core Lifecycle Management Remote Firmware Patient Sensor Data Acquisition Application Mentor Embedded Multicore Framework remoteproc Nucleus RTOS rpmsg virtio ARM Cortex -A9 IPC Freescale i.mx6 SoloX ARM Cortex -M4
14 Use Case 2: Separation via Virtualization
15 What the system looks like today Cluster App Infotainment App ECU App OS OS Autosar SoC SoC SoC Multiple boards running various Operating Systems and dedicated applications Migrating to multicore device for the next generation or project Need to consolidate applications that require real time with Linux Must share displays and other resources
16 What the system will look like Cluster App Infotainment App ECU App RTOS Linux Autosar A15 Hypervisor A15 M4 Consolidation to a single Heterogeneous Multicore SoC running multiple Operating Systems and Applications Virtualizing GPU to either control multiple displays per application or layer multiple applications on a single display (1:1, 1:N, N:1) Framework to configure, boot, execute and communicate across domains in safe and reliable matter
17 How this could be accomplished Infotainment Display Cluster Display FPD-Link Touch Display 10 (1280x800 ) FPD-Link Display 12 (1280x480 ) BusMaster CAN Vehicle Simulator USB 2CAN CAN BUS AUTOSAR & CAN stack on M4 AXSB J6 IVI Linux Nucleus Hypervisor (2xA15) + GPU sharing
18 Use Case 3: Separation via ARM TrustZone
19 Separation via ARM TrustZone ARM TrustZone can be thought of as a hardware-based solution that can be used to define a subset of the SoC for access by software. Software that is designated as Secure World software has access to ALL of the SoC, while software that is designated as Normal World can access only those HW elements that are defined as Non-Secure.
20 Separation via ARM TrustZone ARM TrustZone can be thought of as a hardware-based solution that can be used to define a subset of the SoC for access by software. Software that is designated as Secure World software has access to ALL of the SoC, while software that is designated as Normal World can access only those HW elements that are defined as Non-Secure. S S
21 Separation via ARM TrustZone ARM TrustZone can be thought of as a hardware-based solution that can be used to define a subset of the SoC for access by software. Software that is designated as Secure World software has access to ALL of the SoC, while software that is designated as Normal World can access only those HW elements that are defined as Non-Secure. S S
22 Separation via ARM TrustZone ARM TrustZone can be thought of as a hardware-based solution that can be used to define a subset of the SoC for access by software. Software that is designated as Secure World software has access to ALL of the SoC, while software that is designated as Normal World can access only those HW elements that are defined as Non-Secure. S S
23 What the system looks like today App 1 App 2 App 1 App 2 RTOS RTOS RTOS A9 A9 A9 One or more cores running applications of various security or robustness levels Migrating to multicore or more powerful device for the next project Need to consolidate applications that require secure and non secure apps
24 What the system will look like Secure App nonsecure App Secure App nonsecure App RTOS RTOS Linux A9 A9 A9 One or more cores running applications of various security or robustness levels Migrating to multicore or more powerful device for the next project Need to consolidate applications that require secure and non secure apps
25 How this could be accomplished Secure App nonsecure App Secure App nonsecure App Nucleus RTOS Data Control Nucleus RTOS or Linux Nucleus RTOS Data Control Nucleus RTOS or Linux TrustZone TrustZone A9 A9 A9 Using the ARM TrustZone capabilities of the SoC separating secure or robust applications from the rest of the system Control only flows from Secure World to Normal World Data could flow either way
26 Use Case 4: Separation via Virtualization and TEE
27 GlobalPlatform and TEE GlobalPlatform.org identifies, develops and publishes specifications for secure and interoperable deployment and management of multiple embedded applications on secure chip technology. The TEE is a secure area within the main processor of a embedded device ensuring that sensitive data is stored, processed and protected in a trusted environment. The TEE offers safe execution of authorized security software and enables it to provide end-to-end security by enforcing protection, confidentiality, integrity and data access rights.
28 What the system looks like today Non-secure Apps Linux A9 Single or Multicore Device running one Operating System Migrating to multicore device for the next generation or project Need to consolidate applications that require real time and determinism with applications requiring Linux networking or graphics services Must address security!!!
29 What the system will look like Real Time App Graphics or Web Secure Apps RTOS Linux Secure OS Cortex A Cortex A Cortex A Multicore Device running multiple Operating Systems Must run Operating Systems reliably and robustly Must have a dedicated context to run secure applications
30 How this could be accomplished Secure App Real Time App Graphics or Web TEE RTOS Linux TrustZone Hypervisor Cortex A Cortex A Multicore Device running multiple Operating Systems Hypervisor supports running Operating Systems reliably and robustly TrustZone and TEE provide a dedicated context to run secure applications according GlobalPlatform specifications
31 Summary Analyze your specific requirements to determine which use case outlined in this session makes sense for your device Integrate security into the device itself don t just rely on a secure perimeter Develop solutions that integrate hardware specific capabilities along with software framework that relies on it
32 The World of Embedded Devices The is no silver bullet or one single button to push to adequately protect an embedded device! Consider using ARM TrustZone and Mentor Graphics products to meet security and regulatory requirements!
Comprehensive Security for Internet-of-Things Devices With ARM TrustZone
Comprehensive Security for Internet-of-Things Devices With ARM TrustZone Howard Williams mentor.com/embedded Internet-of-Things Trends The world is more connected IoT devices are smarter and more complex
More informationMentor Embedded Automotive Solutions
Mentor Embedded Automotive Solutions Overview May 2013 mentor.com/embedded Android is a trademark of Google Inc. Use of this trademark is subject to Google Permissions. Linux is the registered trademark
More informationSecure Containers. Jan 2015 www.imgtec.com. Imagination Technologies HGI Dec, 2014 p1
Secure Containers Jan 2015 www.imgtec.com Imagination Technologies HGI Dec, 2014 p1 What are we protecting? Sensitive assets belonging to the user and the service provider Network Monitor unauthorized
More informationMentor Embedded IVI Solutions
Mentor Embedded IVI Solutions Infotainment Instrument Cluster Andrew Patterson andrew_patterson@mentor.com Business Development Director Automotive Embedded Software mentor.com/embedded Android is a trademark
More informationSierraware Overview. Simply Secure
Sierraware Overview Simply Secure Sierraware Software Suite SierraTEE/Micro Kernel TrustZone/GlobalPlatform TEE SierraVisor: Bare Metal Hypervisor Hypervisor for ARM Para-virtualization, TrustZone Virtualization,
More informationARM Processors and the Internet of Things. Joseph Yiu Senior Embedded Technology Specialist, ARM
ARM Processors and the Internet of Things Joseph Yiu Senior Embedded Technology Specialist, ARM 1 Internet of Things is a very Diverse Market Human interface Location aware MEMS sensors Smart homes Security,
More informationCustomer Experience. Silicon. Support & Professional Eng. Services. Freescale Provided SW & Solutions
September 2013 Silicon Support & Professional Eng. Services Customer Experience Freescale Provided SW & Solutions Provide Valued Software, Support & Professional Engineering Services, Competitively 2 Customer
More informationVerfahren zur Absicherung von Apps. Dr. Ullrich Martini IHK, 4-12-2014
Verfahren zur Absicherung von Apps Dr. Ullrich Martini IHK, 4-12-2014 Agenda Introducing G&D Problem Statement Available Security Technologies Smartcard Embedded Secure Element Virtualization Trusted Execution
More informationHigh Performance or Cycle Accuracy?
CHIP DESIGN High Performance or Cycle Accuracy? You can have both! Bill Neifert, Carbon Design Systems Rob Kaye, ARM ATC-100 AGENDA Modelling 101 & Programmer s View (PV) Models Cycle Accurate Models Bringing
More informationAndroid Virtualization from Sierraware. Simply Secure
Android Virtualization from Sierraware Simply Secure Integration Challenges DRM Mandates TrustZone TEE Hypervisor provides the flexibility and security needed for BYOD Power management, responsibility
More informationH MICRO CASE STUDY. Device API + IPC mechanism. Electrical and Functional characterization of HMicro s ECG patch
H MICRO CASE STUDY HMicro HMicro is a wireless healthcare chip company to enable industry s first fully disposable wireless patches with high reliability, high data integrity, low cost, small form factor
More informationInfotainment and Telematics Solutions with Renesas R-Car Course ID: 0C18I
Infotainment and Telematics Solutions with Renesas R-Car Course ID: 0C18I mentor.com/embedded Android is a trademark of Google Inc. Use of this trademark is subject to Google Permissions. Linux is the
More informationEmbedded Java & Secure Element for high security in IoT systems
Embedded Java & Secure Element for high security in IoT systems JavaOne - September 2014 Anne-Laure SIXOU - ST Thierry BOUSQUET - ST Frédéric VAUTE - Oracle Speakers 2 Anne-Laure SIXOU Smartgrid Product
More informationSimplify rich applications & hard real-time
embedded world Conference 2013 Simplify rich applications & hard real-time F&S Elektronik Systeme GmbH Untere Waldplätze 23 D-70569 Stuttgart Tel. (+49)(0)711 123722-0 Speaker: Dipl.Ing.(FH) Martin Kiepfer
More informationSecurity 4.0 - Security by Separation
Security 4.0 - Security by Separation Making Industrial Control Systems More Secure Author(s): Date: Version Mehmet Özer 19.05.2015 v1.0 SYSGO AG 1 Agenda Security Challenges IoT Architecture for Industrial
More informationWeek Overview. Installing Linux Linux on your Desktop Virtualization Basic Linux system administration
ULI101 Week 06b Week Overview Installing Linux Linux on your Desktop Virtualization Basic Linux system administration Installing Linux Standalone installation Linux is the only OS on the computer Any existing
More informationWIND RIVER SECURE ANDROID CAPABILITY
WIND RIVER SECURE ANDROID CAPABILITY Cyber warfare has swiftly migrated from hacking into enterprise networks and the Internet to targeting, and being triggered from, mobile devices. With the recent explosion
More information2015 MicroDoc GmbH, München www.microdoc.com. Java and IoT from a MicroDoc perspective
Java and IoT from a MicroDoc perspective MicroDoc Profile Founded in 1991 Privately owned software engineering company Offices in Munich, Berlin, Stuttgart International, cross industry, customer base
More informationPikeOS: Multi-Core RTOS for IMA. Dr. Sergey Tverdyshev SYSGO AG 29.10.2012, Moscow
PikeOS: Multi-Core RTOS for IMA Dr. Sergey Tverdyshev SYSGO AG 29.10.2012, Moscow Contents Multi Core Overview Hardware Considerations Multi Core Software Design Certification Consideratins PikeOS Multi-Core
More informationDevelopment With ARM DS-5. Mervyn Liu FAE Aug. 2015
Development With ARM DS-5 Mervyn Liu FAE Aug. 2015 1 Support for all Stages of Product Development Single IDE, compiler, debug, trace and performance analysis for all stages in the product development
More informationDOWNLOAD COURSE PRESENTATIONS. Scan to download course presentations
DOWNLOAD COURSE PRESENTATIONS 2 Scan to download course presentations ZYNQ OS SUPPORT 3 AGENDA 4 > OS/Ecosystem Overview > Xilinx Petalinux/OSL > AMP Reference Design Information > Linux Partial Reconfiguration
More informationApplying Multi-core and Virtualization to Industrial and Safety-Related Applications
White Paper Wind River Hypervisor and Operating Systems Intel Processors for Embedded Computing Applying Multi-core and Virtualization to Industrial and Safety-Related Applications Multi-core and virtualization
More informationSECURE IMPLEMENTATIONS OF CONTENT PROTECTION (DRM) SCHEMES ON CONSUMER ELECTRONIC DEVICES
SECURE IMPLEMENTATIONS OF CONTENT PROTECTION (DRM) SCHEMES ON CONSUMER ELECTRONIC DEVICES Contents Introduction... 3 DRM Threat Model... 3 DRM Flow... 4 DRM Assets... 5 Threat Model... 5 Protection of
More informationVehicular On-board Security: EVITA Project
C2C-CC Security Workshop 5 November 2009 VW, MobileLifeCampus Wolfsburg Hervé Seudié Corporate Sector Research and Advance Engineering Robert Bosch GmbH Outline 1. Project Scope and Objectives 2. Security
More informationAN INTEL COMPANY WIND RIVER AUTOMOTIVE SOLUTIONS
AN INTEL COMPANY WIND RIVER AUTOMOTIVE SOLUTIONS The Software-Enabled Automobile Software is a key differentiating factor for today s automakers. It is critical to harnessing the opportunities of autonomous
More informationARM TrustZone and KVM Coexistence with RTOS For Automotive
ARM TrustZone and KVM Coexistence with RTOS For Automotive Michele Paolino m.paolino@virtualopensystems.com Automotive-grade Linux Summit, 2015-06-01, Tokyo, Japan Authorship and sponsorship Michele Paolino,
More informationIoT Security Concerns and Renesas Synergy Solutions
IoT Security Concerns and Renesas Synergy Solutions Simon Moore CTO - Secure Thingz Ltd Agenda Introduction to Secure.Thingz. The Relentless Attack on the Internet of Things Building protection with Renesas
More informationBuilding Blocks Towards a Trustworthy NFV Infrastructure
Building Blocks Towards a Trustworthy NFV Infrastructure IRTF NFVRG Adrian L. Shaw Hewlett-Packard Laboratories / July 22 nd, 2015 1 Why security and trust? Big requirement for critical
More informationVirtualization Technologies and Blackboard: The Future of Blackboard Software on Multi-Core Technologies
Virtualization Technologies and Blackboard: The Future of Blackboard Software on Multi-Core Technologies Kurt Klemperer, Principal System Performance Engineer kklemperer@blackboard.com Agenda Session Length:
More informationGETTING STARTED WITH ANDROID DEVELOPMENT FOR EMBEDDED SYSTEMS
Embedded Systems White Paper GETTING STARTED WITH ANDROID DEVELOPMENT FOR EMBEDDED SYSTEMS September 2009 ABSTRACT Android is an open source platform built by Google that includes an operating system,
More informationLeveraging Thin Hypervisors for Security on Embedded Systems
Leveraging Thin Hypervisors for Security on Embedded Systems Christian Gehrmann A part of Swedish ICT What is virtualization? Separation of a resource or request for a service from the underlying physical
More informationsamsung mobility solutions discover business built in
samsung mobility solutions discover business built in the world s most popular devices are now ready for enterprise with business built in Samsung Mobility Solutions include a complete range of enterprise
More information8 Solutions Designed To Optimize The Data Center The Power of OS Portability
8 Solutions Designed To Optimize The Data Center The Power of OS Portability Break the Dependence of Software on Hardware Configurations Increasing Flexibility in the Data Center through OS Portability
More informationVirtualization in the ARMv7 Architecture Lecture for the Embedded Systems Course CSD, University of Crete (May 20, 2014)
Virtualization in the ARMv7 Architecture Lecture for the Embedded Systems Course CSD, University of Crete (May 20, 2014) ManolisMarazakis (maraz@ics.forth.gr) Institute of Computer Science (ICS) Foundation
More informationUNCLASSIFIED Version 1.0 May 2012
Secure By Default: Platforms Computing platforms contain vulnerabilities that can be exploited for malicious purposes. Often exploitation does not require a high degree of expertise, as tools and advice
More informationA Perspective on the Evolution of Mobile Platform Security Architectures
A Perspective on the Evolution of Mobile Platform Security Architectures Kari Kostiainen Nokia Research Center, Helsinki TIW, June 2011 Joint work with N. Asokan, Jan-Erik Ekberg and Elena Reshetova 1
More informationA M D DA S 1. 0 For the Manageability, Virtualization and Security of Embedded Solutions
A M D DA S 1. 0 For the Manageability, Virtualization and Security of Embedded Solutions AMD DAS (DASH, AMD Virtualization (AMD-V ) Technology, and Security) 1.0 is a term used to describe the various
More informationVirtualization for Hard Real-Time Applications Partition where you can Virtualize where you have to
Virtualization for Hard Real-Time Applications Partition where you can Virtualize where you have to Hanspeter Vogel Triadem Solutions AG Real-Time Systems GmbH Gartenstrasse 33 D-88212 Ravensburg Germany
More information1. Survey on the Embedded Windows Сompact 7 for System-
Testing NVidia Tegra 2 and Microsoft Windows Embedded Compact 7 SoC Artsiom Staliarou, Pavel Savyghin, AXONIM Devices, Microsoft Embedded Partner Plan 1. Survey on the Embedded Windows Сompact 7 for System-on-Chip
More informationSmartphone Security. A Holistic view of Layered Defenses. David M. Wheeler, CISSP, CSSLP, GSLC. (C) 2012 SecureComm, Inc. All Rights Reserved
Smartphone Security A Holistic view of Layered Defenses David M. Wheeler, CISSP, CSSLP, GSLC 1 The Smartphone Market The smartphone security market is expected to grow at a rate of 44 percent annually
More informationVirtualization: Hypervisors for Embedded and Safe Systems. Hanspeter Vogel Triadem Solutions AG
1 Virtualization: Hypervisors for Embedded and Safe Systems Hanspeter Vogel Triadem Solutions AG 2 Agenda Use cases for virtualization Terminology Hypervisor Solutions Realtime System Hypervisor Features
More informationIntecs 2011 - Roma - Pisa - Napoli - Milano - Torino - Cagliari - Genova L Aquila - Toulouse - Paris
In Vehicle Infotainment and Open Source Summary In Vehicle Infotainment GENIVI Alliance Open Source in IVI Intecs Experience In Vehicle Infotainment In Vehicle Infotainment is a rapidly growing gand evolving
More informationEVITA-Project.org: E-Safety Vehicle Intrusion Protected Applications
EVITA-Project.org: E-Safety Vehicle Intrusion Protected Applications 7 th escar Embedded Security in Cars Conference November 24 25, 2009, Düsseldorf Dr.-Ing. Olaf Henniger, Fraunhofer SIT Darmstadt Hervé
More informationMobile Cloud Computing and Regulatory Issues
Mobile Cloud Computing and Regulatory Issues 1 Have you ever used Mobile Cloud Computing? 2 Mobile Processor Storage Network Power Sensors/gadgets Personal Small Small Constant Change! Limited Battery
More informationTrustworthy Computing
Stefan Thom Senior Software Development Engineer and Security Architect for IEB, Microsoft Rob Spiger, Senior Security Strategist Trustworthy Computing Agenda Windows 8 TPM Scenarios Hardware Choices with
More informationAvailability For Network Function Virtualization. Alon Bernstein Distinguished Engineer Cisco Systems
Availability For Network Function Virtualization Alon Bernstein Distinguished Engineer Cisco Systems Availability Using Software In The Data Center Storage Compute Networking (NFV) NFV Redundancy Requirements
More informationNetwork connectivity controllers
Network connectivity controllers High performance connectivity solutions Factory Automation The hostile environment of many factories can have a significant impact on the life expectancy of PCs, and industrially
More informationDeeply Embedded Real-Time Hypervisors for the Automotive Domain Dr. Gary Morgan, ETAS/ESC
Deeply Embedded Real-Time Hypervisors for the Automotive Domain Dr. Gary Morgan, ETAS/ESC 1 Public ETAS/ESC 2014-02-20 ETAS GmbH 2014. All rights reserved, also regarding any disposal, exploitation, reproduction,
More informationObjectives. Chapter 2: Operating-System Structures. Operating System Services (Cont.) Operating System Services. Operating System Services (Cont.
Objectives To describe the services an operating system provides to users, processes, and other systems To discuss the various ways of structuring an operating system Chapter 2: Operating-System Structures
More informationThe Art of Virtualization with Free Software
Master on Free Software 2009/2010 {mvidal,jfcastro}@libresoft.es GSyC/Libresoft URJC April 24th, 2010 (cc) 2010. Some rights reserved. This work is licensed under a Creative Commons Attribution-Share Alike
More informationAndroid on i.mx Applications Processors
July 2009 Android on i.mx Applications Processors Sridharan Subramanian Senior Product Manager Software and Platforms Abstract Android is a software platform and operating system for mobile devices, based
More informationSierraVMI Sizing Guide
SierraVMI Sizing Guide July 2015 SierraVMI Sizing Guide This document provides guidelines for choosing the optimal server hardware to host the SierraVMI gateway and the Android application server. The
More informationKURA M2M/IoT Gateway. reducing the distance between embedded and enterprise technologies. Tiziano Modotti, October 28 th, 2014
KURA M2M/IoT Gateway reducing the distance between embedded and enterprise technologies Tiziano Modotti, October 28 th, 2014 IoT Architecture @ M2M/IoT Integration Platform on Cloud Business Applications
More informationDeveloping software for Autonomous Vehicle Applications; a Look Into the Software Development Process
Developing software for Autonomous Vehicle Applications; a Look Into the Software Development Process By Andreas Lindenthal and Franz Walkembach, Wind River The concept of autonomous vehicles or unmanned
More informationA Perspective on the Evolution of Mobile Platform Security Architectures
A Perspective on the Evolution of Mobile Platform Security Architectures N. Asokan Nokia Research Center Joint work with Kari Kostiainen, Jan-Erik Ekberg, Elena Reshetova (Intel) Padova, July 2012 1 Introduction
More informationHardware accelerated Virtualization in the ARM Cortex Processors
Hardware accelerated Virtualization in the ARM Cortex Processors John Goodacre Director, Program Management ARM Processor Division ARM Ltd. Cambridge UK 2nd November 2010 Sponsored by: & & New Capabilities
More informationCycurHSM An Automotive-qualified Software Stack for Hardware Security Modules
CycurHSM An Automotive-qualified Software Stack for Hardware Security Modules Dr. Frederic Stumpf, ESCRYPT GmbH Embedded Security, Stuttgart, Germany 1 Introduction Electronic Control Units (ECU) are embedded
More informationMS-6294- Planning and Managing Windows 7 Desktop Deployment and Environments
MS-6294- Planning and Managing Windows 7 Desktop Deployment and Environments Table of Contents Introduction Audience At Completion Prerequisites Microsoft Certified Professional Exams Student Materials
More informationBeyond Virtualization: A Novel Software Architecture for Multi-Core SoCs. Jim Ready September 18, 2012
Beyond Virtualization: A Novel Software Architecture for Multi-Core SoCs Jim Ready September 18, 2012 How HW guys view the world SW Software HW How SW guys view the world SW HW Reality The SoC Software
More informationVirtualization s Evolution
Virtualization s Evolution Expect more from your IT solutions. Virtualization s Evolution In 2009, most Quebec businesses no longer question the relevancy of virtualizing their infrastructure. Rather,
More informationSOFTWARE ASSET MANAGEMENT Continuous Monitoring. September 16, 2013
SOFTWARE ASSET MANAGEMENT Continuous Monitoring September 16, 2013 Tim McBride National Cybersecurity Center of Excellence timothy.mcbride@nist.gov David Waltermire Information Technology Laboratory david.waltermire@nist.gov
More informationMobile Platform Security Architectures A perspective on their evolution
Mobile Platform Security Architectures A perspective on their evolution N. Asokan Kari Kostiainen 1 NA, KKo, JEE, Nokia Resarch Center 2011-2012 Introduction Recent interest in smartphone security 2 NA,
More informationNXP s Solution to ecall Brussels, October 19 th, 2010
NXP s Solution to ecall Brussels, October 19 th, 2010 Agenda The Mission of NXP and its Partners NXP s ecall platform Awareness the Next Step Conclusions NXP leads innovation in Telematics Breakthrough
More informationSecure data processing: Blind Hypervision
Secure data processing: Blind Hypervision P. Dubrulle, R. Sirdey, E. Ohayon, P. Dore and M. Aichouch CEA LIST Contact : paul.dubrulle@cea.fr www.cea.fr Cliquez pour modifier le style Introduction titre
More information1.1.1 Introduction to Cloud Computing
1 CHAPTER 1 INTRODUCTION 1.1 CLOUD COMPUTING 1.1.1 Introduction to Cloud Computing Computing as a service has seen a phenomenal growth in recent years. The primary motivation for this growth has been the
More informationTOP TEN CONSIDERATIONS
White Paper TOP TEN CONSIDERATIONS FOR CHOOSING A SERVER VIRTUALIZATION TECHNOLOGY Learn more at www.swsoft.com/virtuozzo Published: July 2006 Revised: July 2006 Table of Contents Introduction... 3 Technology
More informationIntrusion Detection and Cyber Security Monitoring of SCADA and DCS Networks
Intrusion Detection and Cyber Security Monitoring of SCADA and DCS Networks Dale Peterson Director, Network Security Practice Digital Bond, Inc. 1580 Sawgrass Corporate Parkway, Suite 130 Sunrise, FL 33323
More informationHow to Run the MQX RTOS on Various RAM Memories for i.mx 6SoloX
Freescale Semiconductor, Inc. Document Number: AN5127 Application Note Rev. 1, 05/2015 How to Run the MQX RTOS on Various RAM Memories for i.mx 6SoloX 1 Introduction This document describes how to customize
More informationIntelligent Security Design, Development and Acquisition
PAGE 1 Intelligent Security Design, Development and Acquisition Presented by Kashif Dhatwani Security Practice Director BIAS Corporation Agenda PAGE 2 Introduction Security Challenges Securing the New
More information<Insert Picture Here> Oracle VM and Cloud Computing
Oracle VM and Cloud Computing Paulo Bosco Otto Sales Consultant paulo.bosco.otto@oracle.com The following is intended to outline our general product direction. It is intended for
More informationTechnical Brief Distributed Trusted Computing
Technical Brief Distributed Trusted Computing Josh Wood Look inside to learn about Distributed Trusted Computing in Tectonic Enterprise, an industry-first set of technologies that cryptographically verify,
More informationWhitepaper. Vertex VDI. Tangent, Inc.
Whitepaper Vertex VDI Tangent, Inc. To the reader, As head of engineering at Tangent, I m responsible for our VDI solutions. This white paper is intended to provide useful information to help you investigate
More informationDecember, 7th, 2015, Assises de l Embarqué
S3P Project Announcement December, 7th, 2015, Assises de l Embarqué 1 2015 Embedded France 16 novembre 2015 Agenda The IoT Opportunity The «Smart, Safeand Secure Platform» (S3P) Project The «S3P Alliance»
More informationTHE BLUENOSE SECURITY FRAMEWORK
THE BLUENOSE SECURITY FRAMEWORK Bluenose Analytics, Inc. All rights reserved TABLE OF CONTENTS Bluenose Analytics, Inc. Security Whitepaper ISO 27001/27002 / 1 The Four Pillars of Our Security Program
More informationParallels Virtuozzo Containers
Parallels Virtuozzo Containers White Paper Top Ten Considerations For Choosing A Server Virtualization Technology www.parallels.com Version 1.0 Table of Contents Introduction... 3 Technology Overview...
More informationEmbedded Virtualization & Cyber Security for Industrial Automation HyperSecured PC-based Control and Operation
Embedded Virtualization & Cyber Security for Industrial Automation HyperSecured PC-based Control and Operation Industrial controllers and HMIs today mostly lack protective functions for their IT and network
More informationWIND RIVER INTELLIGENT DEVICE PLATFORM XT
WIND RIVER INTELLIGENT DEVICE PLATFORM XT The Foundation for Building Devices That Connect to the Internet of Things The opportunities presented by the burgeoning Internet of Things (IoT) may be new, but
More informationMobility, Security and Trusted Identities: It s Right In The Palm of Your Hands. Ian Wills Country Manager, Entrust Datacard
Mobility, Security and Trusted Identities: It s Right In The Palm of Your Hands Ian Wills Country Manager, Entrust Datacard WHO IS ENTRUST DATACARD? 2 Entrust DataCard Datacard Corporation. Corporation.
More informationStart building a trusted environment now... (before it s too late) IT Decision Makers
YOU CAN T got HAP Start building a trusted environment now... IT Decision Makers (before it s too late) HAP reference implementations and commercial solutions are available now in the HAP Developer Kit.
More informationEmbedded Trusted Computing on ARM-based systems
1 / 26 Embedded Trusted Computing on ARM-based systems Martin Schramm, M.Eng. 10.04.2014 Agenda 2 of 26 martin.schramm@th-deg.de Embedded computing platforms have become omnipresent intend to alleviate
More informationReducing Configuration Complexity with Next Gen IoT Networks
Reducing Configuration Complexity with Next Gen IoT Networks Orama Inc. November, 2015 1 Network Lighting Controls Low Penetration - Why? Commissioning is very time-consuming & expensive Network configuration
More informationParallels Transporter Agent
Parallels Transporter Agent User's Guide Copyright 1999-2015 Parallels IP Holdings GmbH and its affiliates. All rights reserved. Parallels IP Holdings GmbH Vordergasse 59 8200 Schaffhausen Switzerland
More informationAssertion Framework for BYOD. Chris Daly General Dynamics C4 Systems Chris.daly@gdc4s.com
Assertion Framework for BYOD Chris Daly General Dynamics C4 Systems Chris.daly@gdc4s.com Overview BYOD Problems, Requirements, and Scenarios What is an assertion? Why trust assertions for BYOD? Keys to
More informationEfficient and multi-market embedded processing based on ARM : beyond architecture dilemma
Efficient and multi-market embedded processing based on ARM : beyond architecture dilemma Arnaud Van den Bossche, i.mx Business Development Manager J u n e 2 0 1 4 External Use Agenda New Time, New Market,
More informationHi and welcome to the Microsoft Virtual Academy and
Hi and welcome to the Microsoft Virtual Academy and 2012 Microsoft Corporation 1 the start of the Windows 8 Security Insights training. My name is Milad Aslaner I m part of the Premier Field Engineering
More informationISO/IEC 27002:2013 WHITEPAPER. When Recognition Matters
When Recognition Matters WHITEPAPER ISO/IEC 27002:2013 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES CODE OF PRACTICE FOR INFORMATION SECURITY CONTROLS www.pecb.com CONTENT 3 4 5 6 6 7 7 7 7 8 8 8 9 9 9
More informationWorld-wide University Program
1 World-wide University Program Preparing Today s Students for Tomorrow s Technology Joe Bungo Manager Americas/Europe R&D Division 2 CONFIDENTIAL ARM Ltd ARM founded in November 1990 Advanced RISC Machines
More informationCMPT 471 Networking II
CMPT 471 Networking II Firewalls Janice Regan, 2006-2013 1 Security When is a computer secure When the data and software on the computer are available on demand only to those people who should have access
More informationMultiPARTES. Virtualization on Heterogeneous Multicore Platforms. 2012/7/18 Slides by TU Wien, UPV, fentiss, UPM
MultiPARTES Virtualization on Heterogeneous Multicore Platforms 2012/7/18 Slides by TU Wien, UPV, fentiss, UPM Contents Analysis of scheduling approaches Virtualization of devices Dealing with heterogeneous
More informationEmbedding Trust into Cars Secure Software Delivery and Installation
Embedding Trust into Cars Secure Software Delivery and Installation André Adelsbach, Ulrich Huber, Ahmad-Reza Sadeghi, Christian Stüble Horst Görtz Institute for IT Security, Bochum, Germany Third Workshop
More informationVertex Virtual Desktops
Vertex Virtual Desktops Whitepaper Revision 3.1 Updated 9-1-2012 Tangent, Inc. 2009. V.2 To the reader, I m Ron Perkes and I run the engineering group at Tangent responsible for our virtual desktop solutions.
More informationCisco Advanced Malware Protection for Endpoints
Data Sheet Cisco Advanced Malware Protection for Endpoints Product Overview With today s sophisticated malware, you have to protect endpoints before, during, and after attacks. Cisco Advanced Malware Protection
More informationSecurity Considerations in Cloud Deployments Matthew Garrett <matthew.garrett@nebula.com>
Security Considerations in Cloud Deployments Matthew Garrett (cloud) Computing for the Enterprise Security concerns in traditional hosting Someone hacks your system Your hosting
More informationUsing Linux in Medical Devices: What Developers and
Using Linux in Medical Devices: What Developers and Manufacturers Need to Know By Ken Herold, Engineering Specialist, Wind River INNOVATORS START HERE. EXECUTIVE Overview Linux is the operating system
More informationARM Cortex -A8 SBC with MIPI CSI Camera and Spartan -6 FPGA SBC1654
ARM Cortex -A8 SBC with MIPI CSI Camera and Spartan -6 FPGA SBC1654 Features ARM Cortex-A8 processor, 800MHz Xilinx Spartan-6 FPGA expands vision processing capabilities Dual MIPI CSI-2 CMOS camera ports,
More informationEmbedded Linux Platform Developer
Embedded Linux Platform Developer Course description Advanced training program on Embedded Linux platform development with comprehensive coverage on target board bring up, Embedded Linux porting, Linux
More informationEB TechPaper. Test drive with the tablet. automotive.elektrobit.com
EB TechPaper Test drive with the tablet automotive.elektrobit.com 1 A great many test miles have to be covered in the development and validation of driver assistance systems. A tablet with Elektrobit (EB)
More informationSupply Chain (In-) Security
Supply Chain (In-) Security Graeme Neilson & Enno Rey Contact us: graeme@aurasoftwaresecurity.co.nz, erey@ernw.de Graeme & Enno Graeme Neilson Security Consultant & Researcher Networking, Reverse engineering,
More informationVitalQIP DNS/DHCP & IP Address Management Software and Appliance Solution
AM 1. 8New Features VitalQIP DNS/DHCP & IP Address Management Software and Appliance Solution May 2012 AM 1.8 Version 1 Copyright 2012 Alcatel-Lucent 1 Table of Contents 1. Document Purpose... 3 2. What
More informationMODULE 3 VIRTUALIZED DATA CENTER COMPUTE
MODULE 3 VIRTUALIZED DATA CENTER COMPUTE Module 3: Virtualized Data Center Compute Upon completion of this module, you should be able to: Describe compute virtualization Discuss the compute virtualization
More information