27. Februar - 1. März 2018 // Nürnberg, Germany

Konferenzen und Rahmenprogramm

Zurück zur Tagesansicht
Session 26 II - Cryptography II

TPM 2.0 for Enhanced Security in Software Updates of Industrial Systems Vortragssprache Englisch

Industry 4.0 enhances the communication and data exchange between devices in a smart factory. As a result, the amount of connected devices increases - offering opportunities for attacks on such devices, communication channels and stored data. The challenges are the enhanced functionalities and the complexity of the software in the devices, which also extends the possibilities of security issues and bugs. This can be improved with frequent remote software updates, which address bugs and consider latest known threats. These updates also need a high level of protection in order to prevent misuse and threats on the deployment of the updates. The problem for a system with a security bug is the protection of the cryptographic keys, which are required for a deployment of an update. These keys need to be stored and managed in a secure environment, which is separated of the main software of the devices. Such a secure environment is the Trusted Platform Module (TPM), which is a standardized technology to increase the security in devices and to protect cryptographic keys and data with a high security level. The TPM 2.0 is the latest Trusted Computing technology, which provides modern algorithms, easier integration of cryptographic functions and the crypto-agility concept. Crypto-agility is important for industrial devices, as they have a long lifetime and therefore require a smooth transition to new upcoming algorithms in the future. The presentation provides a short introduction in the new functionalities of the TPM 2.0 standards and their application in industrial devices. The focus is on the protection of a remote software update process, which uses the TPM as key storage and the policies for the protection of the key usage. The system setup with a TPM 2.0 is described, which applies security functionalities to enhance the protection of the software update and to validate the executed software in the device. The Enhanced Authorization concept is presented, which provides new and flexible methods to remotely control the allowed software in industrial devices even from the trusted backend systems. Furthermore the TCG is shortly presented with the current developments for embedded and industrial devices.

--- Datum: 01.03.2018 Uhrzeit: 14:00 Uhr - 14:30 Uhr Ort: Conference Counter NCC Ost



Dr. Florian Schreiner

/ Infineon Technologies AG


Der gewählte Eintrag wurde auf Ihre Merkliste gesetzt!

Wenn Sie sich registrieren, sichern Sie Ihre Merkliste dauerhaft und können alle Einträge selbst unterwegs via Laptop oder Tablett abrufen.

Hier registrieren Sie sich, um Daten der Aussteller- und Produkt-Plattform sowie des Rahmenprogramms dauerhaft zu speichern. Die Registrierung gilt nicht für den Ticket- und Aussteller-Shop.

Jetzt registrieren

Ihre Vorteile auf einen Blick

  • Vorteil Sichern Sie Ihre Merkliste dauerhaft. Nutzen Sie den sofortigen Zugriff auf gespeicherte Aussteller oder Produkte: egal wann und wo - inkl. Notizfunktion.
  • Vorteil Erhalten Sie auf Wunsch via Newsletter regelmäßig aktuelle Informationen zu neuen Ausstellern und Produkten - abgestimmt auf Ihre Interessen.
  • Vorteil Rufen Sie Ihre Merkliste auch mobil ab: Einfach einloggen und jederzeit darauf zugreifen.