Microsemi Security Center of Excellence




Transcription:

Microsemi Security Center of Excellence
Sales and FAE Training
August 24, 2015

Outline
- What is the Security Center of Excellence (SCoE)?
- Overview of Microsemi's Security capabilities and expertise
- Threat driven risk assessment and protection design
- Red and blue team security evaluations
- Side-channel analysis and mitigation capabilities
- Security engineering capabilities with application examples

Security Center of Excellence
Proactively addressing security issues across vertical markets

Overview
- Experienced team of security and systems analysts, cryptography, hardware, and software engineers providing security services to solve customer security challenges.

Services
- Risk Assessments: System vulnerability and threat modeling
- Protection Planning: Protection design using a threat driven approach
- Red and Blue Teaming: System security analysis, white hat hacking
- Side-channel Analysis: Measurable and objective leakage analysis
- Security Engineering: Custom solution development and implementation

Background
- Past customer engagements have been the most effective when they involve security services including protection designs or blue team activities

Capabilities Analysis and Design Overview
- Threat analysis
  - Extensive knowledge of system attacks and means of preventing such
  - Experience analyzing large systems as well as single board computers
  - Identification of threats, mitigations and residual vulnerabilities
- Expertise with real-time embedded systems
  - Various form factors and processors: PowerPC, ARM, x86/x64, Microcontrollers
  - Experience with a broad range of bus interfaces: Serial, PCI-X, PCIe, AHB, AXI, RS-232/422, 1553
- FPGA design security
  - Productized through EnforcIT
  - Inline memory encryption IP for ASIC and FPGA designs
  - Secure Boot and execution of SoC FPGA environments
  - Automated threat detection
  - IP cores designed to be portable to ASIC
- Cyber Security
  - Network system analysis

Capabilities Analysis and Design Overview
- Automated software analysis
  - Expertise pulling apart binaries
  - Productized in EnforcIT-S and CodeSEAL
  - Analysis of code injection/modification vulnerabilities
  - Data and control flow analysis
  - Code insertion
- Software protection design and implementation
  - Real-time operating system security
  - Expertise with a wide range of operating systems
  - Application level security
  - EDA tools, oil exploration, defense applications
- Cryptography analysis and design
  - Whitebox cipher analysis
  - Key management and protocol analysis
  - Side-channel analysis
  - Protocol design and analysis
  - Defense applications, financial industry, DRM
  - Proprietary algorithm whitebox implementation

Threat Driven Protection Design
A Systematic Approach

Threat Driven Risk Assessments
- Analyze a customer's design to enumerate threats, their likelihood of occurrence, and their corresponding consequences
- Analyze the design from a system, hardware, and software perspective
- Requires customer trust: must convey that we will safeguard their information

Protection Design Services
- Leverage system risk assessment to identify viable mitigations
- Continue applying mitigations until all residual vulnerabilities are at an acceptable risk

Threat Driven Security
A Generic Example

Blue and Red Teaming
Assessing System Vulnerabilities

Blue Team (collaborative)
- Inputs: Customer Design Information; Customer Implementation/Widget; Security Engineers
- Outputs: Successful exploits; Recommendations; Threat Analysis

Red Team (independent)
- Inputs: Customer Implementation/Widget; Security Engineers
- Outputs: Successful exploits; Recommendations

Blue and Red Teaming Examples
- Custom DoD systems
  - Numerous military vehicles and aircraft analyses, designs, and protection implementations
  - Reviewed and approved by DoD V&V team
- Industrial equipment
  - Analyzed advanced sapphire furnace
  - Identified security threats and mitigations to control system based on Siemens hardware
  - Developed and implemented custom solution using protection and encryption tools
- Performed analysis and reverse engineering of proprietary DRM scheme
  - Successfully extracted root DRM encryption key
  - Developed a tool to remove DRM from protected IP
- FPGA EDA tool security assessment and attack
  - Assessed the security of the EDA tool IP protection implementation
  - Bypassed existing security measures to gauge level of attack effort
  - Results used to improve the security of the tool
  - Led to business with existing partner and created value for the customer
- Competed in capture the flag event for FPGAs
  - Three independent teams prepared a protection
  - Each protection was distributed to all teams
  - Objective was to obtain an embedded secret message from the system
  - Only team to successfully capture the flag

Side Channel Analysis
- ICs contain transistors, which consume electricity as they operate
- Total power consumption of an IC and its Electromagnetic (EM) emissions depend on the activity of its individual transistors

[Figure: Freescale MC908AZ60A password attack. Plot courtesy of CRI; plot courtesy of Sergei Skorobogatov.]

Third Party DPA Independent Test Lab
- CRI representative
  - DPA resistant Suite-B IP Cores
  - DPA Workstation (DPAWS) sales
  - Referral partner for DPA patent licensees
  - Access to CRI patents
- DPA Workstation
  - Extensible research platform
  - Evaluates device resistance to side-channel attacks, including SPA, DPA, HO-DPA, and EMA
  - Built from extensive DPA experience

Microsemi is the only US-based, independent test lab for Differential Power Analysis

Value Proposition
- Security needs and threats are growing - Embedded systems, including IoT, are touching every part of our lives and infrastructure
  - Aircraft, autos, defense systems, medical devices, and even thermostats are vulnerable
- Most comprehensive security portfolio
  - Secure FPGA/SoCs, Secure Crypto IP, Authentication, Data at Rest solutions, Software Security, Secure time and positioning solutions with the industry's most secure supply chain
- Strong technical team with unmatched problem solving skills and system architecture expertise.
  - Strong capability to develop highly differentiated solutions built on hardware, firmware, software, and cryptography technologies

Embedded System Security: From Silicon to Software

Questions?

Security Solutions
info@microsemi-wl.com
765.775.1800
www.microsemi.com