Infineon Technologies AG (FSE: IFX / OTCQX: IFNNY) today announced the integration of its OPTIGA™ Trust M security controller, with tamper-resistant hardware certified to Common Criteria EAL6+, with the Verified Boot technology by Thistle Technologies, a pioneer of advanced security solutions for connected devices. This integration enables designers to easily defend their devices against firmware tampering and protect the integrity of the software supply chain. The result is improved end-user security, which is particularly important in industries with high security requirements such as healthcare, automotive and device manufacturing.
Thistle Technologies Verified Boot provides a secured boot process for IoT devices. Enhanced integrity checks cryptographically verify that the device firmware has not been tampered with. The solution supports the needs of a wide range of IoT devices for smart homes, smart cities and smart buildings, among others, enabling easy implementation with minimal development time. By leveraging the robust security features of Infineon’s OPTIGA Trust M, including its hardware-based root of trust, the technology offers a high level of protection against unauthorized firmware modifications and sophisticated cyberattacks.
“Since the start of our partnership in January 2023, Thistle has developed a software integration for our OPTIGA Trust M within Linux to extend our hardware capability into the application software domain for Linux-based system architectures,” said Vijayaraghavan Narayanan, Senior Director and Head of Edge Identity & Authentication at Infineon. “The new solution enables our shared customers to quickly enhance the security of their development.”
“Integrating our Verified Boot technology with Infineon’s OPTIGA Trust M is a significant step forward in making it easy to incorporate sophisticated security capabilities into devices quickly,” said Window Snyder, CEO of Thistle Technologies.
OPTIGA™ Trust M is a security solution with tamper-resistant hardware certified to Common Criteria EAL6+. The Secure Element can be used with any MCU/MPU or application processor to perform various security-related tasks autonomously and thus enhance the security of existing IoT designs. It is available with the OPTIGA™ Trust M MTR service supporting late-stage Matter provisioning and Infineon’s OPTIGA™ Trust M Express cloud provisioning service.
Summary of Features
- CC EAL6+ (high) certification
- ECC NIST curves up to P-521
- ECC Brainpool r1 curves up to P-512
- RSA up to 2048
- AES up to 256, HMAC up to SHA-512
- TLS v1.2 PRF and HKDF up to SHA-512
- TRNG/DRNG, 4 monotonic counters
- Up to 10 kB user memory
- I2C interface-shielded connection
- Hibernate mode for zero power consumption
- USON-10 package (3 x 3 mm)
- Temperature range: -40 to +105 °C
- Lifetime: 20 years for Industrial
- Configurable device security monitor
- Protected updates
Benefits
- Easiest way to add security
- Works with any MCU/MPU
- Robust, future-proof security
- Easy integration
- NDA-free product documentation
- MIT-licensed public host software
Applications
- Domestic robots
- Electric vehicle (EV) drivetrain system
- Energy Storage Systems
- Solid-State Circuit Breaker
Parametrics
| Parametrics | OPTIGA TRUST M SLS32AIA |
|---|---|
| Ambient Temperature (min / max) | -40 °C to 105 °C; -25 °C to 85 °C |
| Applications | smart lighting; smart home; building automation; industrial robotics; drones; PLCs and drives |
| Asymmetric Cryptography | RSA® up to 2048; AES key up to 256, HMAC up to SHA-512; TLS v1.2 PRF and HKDF up to SHA-512 |
| CPU | 16-bit |
| Certifications | CC EAL6+ high for HW |
| Interfaces | I2C (shielded connection) |
| NVM | 10 kByte |
| Package | USON-10 |
| Product Description | A high-end turnkey security controller optimized for connected devices. It provides flexible, high-performance, secured access to any major cloud provider for industrial and building automation, smart home and consumer applications. |
| Use Cases | mutual authentication; secured communication; secured updates; key provisioning; life-cycle management; data store protection; power management; platform integrity protection; secured zero-touch provisioning |