Security Lifecycle Management Solution
To ensure a fully managed and secure end-to-end cybersecurity solution, it is necessary to have full control over the product lifecycle and its security.
A lifecycle management solution ensures that product security is maintained at every stage of a product’s life, from IC manufacturing through field deployment to the decommissioning of the devices that include those ICs, and that each stakeholder has access only to the functions and services relevant to it at each step of the product’s life.
For connected-device lifecycle management in particular, a comprehensive chip-to-cloud solution that enables provisioning, device management, device monitoring and device identity management, and that offers differentiated security services for chip manufacturers and users, adds significant value to the products.
To begin implementing end-to-end cybersecurity, the first and fundamental step is to include a hardware Root of trust in the System-on-Chip (SoC), which will be the core of the product to be deployed. This will enable the enrollment and secure connection of the product to a trusted infrastructure.
To do this, a number of credentials, such as master keys, need to be stored in the device during the provisioning step. This step is critical because these basic credentials will be used to secure all future connections and communications between the device and the infrastructure. Depending on the security requirements of the manufacturer, the user (which may be a service provider) or certification bodies, such provisioning may need to be performed in a dedicated secure environment.
At each step of the SoC’s life, access to services is controlled by the lifecycle management policy. For example, at the end of provisioning, the SoC lifecycle state can be incremented. Then, when the SoC leaves the test site to be shipped to the ODM, where it is soldered onto a board and included in the final product, the next increment of the lifecycle state may disable access to certain debug and test interfaces. All test and debug interfaces should be disabled once the final product is tested and ready to be shipped.
The lifecycle state may then indicate that the device is in the field, in mission mode. The integrated hardware root of trust enables agile deployment, with over-the-air enrollment of the device, data management, device management including firmware updates, and device monitoring.
This allows security-service provisioning and full device management and monitoring in a flexible way, sharing privileges and rights between the chip manufacturer, the ODM/OEM and service providers, for a comprehensive, state-of-the-art connected solution.
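The state-gated access described above can be modelled as a small monotonic state machine. The following is an added example, not Secure-IC code; the state names, service bits and the policy table are assumptions chosen to match the steps described in the text (manufacturing, provisioning, ODM assembly, mission mode, decommissioning).

```c
#include <stdbool.h>
#include <stdint.h>

/* Lifecycle states, in the order the SoC passes through them (assumed). */
typedef enum {
    LC_MANUFACTURED = 0,   /* fresh from the fab, no credentials yet */
    LC_PROVISIONED,        /* master keys written in the secure environment */
    LC_ASSEMBLED,          /* shipped to the ODM, soldered onto the board */
    LC_MISSION,            /* deployed in the field */
    LC_DECOMMISSIONED,     /* end of life: nothing is reachable any more */
    LC_STATE_COUNT
} lc_state_t;

/* Services whose access is gated by the lifecycle state (assumed set). */
typedef enum {
    SVC_KEY_PROVISION = 1u << 0, /* write master keys */
    SVC_DEBUG_PORT    = 1u << 1, /* JTAG/SWD style debug access */
    SVC_TEST_SCAN     = 1u << 2, /* production test interface */
    SVC_FOTA          = 1u << 3, /* firmware update over the air */
    SVC_MONITORING    = 1u << 4  /* security log reporting */
} lc_service_t;

/* Policy table (assumed): which services each state may reach. In silicon
 * the state itself would live in OTP fuses, so it can only ever increase. */
static const uint32_t lc_policy[LC_STATE_COUNT] = {
    [LC_MANUFACTURED]   = SVC_KEY_PROVISION | SVC_DEBUG_PORT | SVC_TEST_SCAN,
    [LC_PROVISIONED]    = SVC_TEST_SCAN,             /* keys locked, debug off */
    [LC_ASSEMBLED]      = SVC_TEST_SCAN,             /* board-level test only */
    [LC_MISSION]        = SVC_FOTA | SVC_MONITORING, /* all test/debug disabled */
    [LC_DECOMMISSIONED] = 0,
};

/* True if the service is reachable in the given state. */
bool lc_service_allowed(lc_state_t state, lc_service_t svc) {
    if ((unsigned)state >= LC_STATE_COUNT) return false;
    return (lc_policy[state] & svc) != 0;
}

/* Advance the state by exactly one step. Regressions (e.g. back to a
 * debug-enabled state) and skips are refused; returns true on success. */
bool lc_advance(lc_state_t *state, lc_state_t target) {
    if (*state == LC_DECOMMISSIONED) return false;   /* terminal state */
    if ((int)target != (int)*state + 1) return false; /* monotonic, one step */
    *state = target;
    return true;
}
```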
Secure management of the lifecycle
To support customers in the secure management of the lifecycle, Secure-IC offers a solution called Securyzr™ Server. This solution helps our customers supply, deploy and manage their device or chip fleet through four secure services:
- Key provisioning, to securely provision the chip devices with secret keys across the supply chain,
- Firmware Update (FOTA/FUOTA), to securely provide chips with their software and then update them physically or over the air, to maintain their security level,
- Device monitoring and cyber intelligence, to provide a proactive security service, retrieving cybersecurity logs from the chips, analyzing them and sending instructions back to the chip fleet if necessary,
- Device identity, to guarantee trust from the chip to the cloud, devices, users and data through device multi-factor authentication, which provides resistance against impersonation and replay attacks, including in the event of an initial compromise.
The security status of the systems is visualized through a Security Digital Twin.
This solution can be provided in the cloud or as a software package to be installed on the customer’s premises.
The Securyzr™ Server is delivered with a software agent. The software agent is in charge of mapping the services delivered by Securyzr™ Server to the device and to the Hardware Security Module (HSM), if any, integrated in this device.
Product Security Incident Response Team Service
Security standardization schemes and regulations require that potential vulnerabilities and weaknesses threatening cybersecurity systems be surveyed, monitored, communicated and mitigated across the supply chain and during the full lifecycle of a product. An increasing number of regulations also cover monitoring, mitigation and the updating of implementations.
Regarding cybersecurity, a recognized process to discover, survey, monitor, communicate and mitigate vulnerabilities and weaknesses during the whole lifecycle of a device is the establishment and operation of a Product Security Incident Response Team (PSIRT), as defined by the Forum of Incident Response and Security Teams (FIRST).