This website uses cookies to make the content more user-friendly and effective. By using this website, you agree to the use of cookies. You can find additonal information about the use of cookies and the possibility of objecting to the use of cookies here.

26 - 28 February 2019 // Nuremberg, Germany

Conferences and supporting programme

back to day overview
Session 11 II - Securing Embedded Devices II

Secure Boot Essentials: Prevent Edge Node Attacks by Securing Your Firmware Vortragssprache Englisch

The reality of a world filled with smart and aware devices is that there is a world of attack possibilities versus the technology our society is reliant upon. Just consider the scenario where an IoT edge node is attacked by replacing firmware to allow access to a trusted network. In today’s Internet of Things (IoT) world of connected devices, phishing scams perpetrated by re-purposing edge nodes is a real threat. Therefore, a plan for the development, manufacturing and deployment of IoT edge node devices must be made. The complexities of life cycle management create a demanding environment where the end developers must make use of a range of hardware security features, software components and partnership to achieve their security goals and prevent malicious firmware from being installed onto IoT edge node devices. Essential to sustaining end to end security is a secure and trusted boot, which can be achieved with the right MCU hardware capabilities and ARM® mbed™ TLS. This paper will introduce a life cycle management model and detail the steps for how to achieve a secure boot with a lightweight implementation leveraging NXP® ARM Cortex®-M based microcontrollers with mbed TLS cryptography support. Secure designs begin with a security model consisting of policies, an understanding of the threat landscape and the methods used to enforce physical and logical security. In order to protect firmware execution within today’s threat landscape, there must be a policy to only allow execution of authenticated firmware. The methods used to enforce this policy rely on MCU security technology to create a protected boot flow. The boot firmware can contain public key cryptography to authenticate application code. In addition to these components integrated in the end device, there are tools and steps that must be taken in the manufacturing environment using manufacturing hardware for code signing and host programs for provisioning. This paper will provide an overview of the essential components of implementing a secure boot from the concept and planning phases all the way through deployment.

--- Date: 28.02.2018 Time: 4:00 PM - 4:30 PM Location: Conference Counter NCC Ost



Donnie Garcia

NXP Semiconductors Germany GmbH


The selected entry has been placed in your favourites!

If you register you can save your favourites permanently and access all entries even when underway – via laptop or tablet.

You can register an account here to save your settings in the Exhibitors and Products Database and as well as in the Supporting Programme.The registration is not for the TicketShop and ExhibitorShop.

Register now

Your advantages at a glance:

  • Advantage Save your favourites permanently. Use the instant access – mobile too, anytime and anywhere – incl. memo function.
  • Advantage The optional newsletter gives you regular up-to-date information about new exhibitors and products – matched to your interests.
  • Advantage Call up your favourites mobile too! Simply log in and access them at anytime.