27 February - 1 March 2018 // Nuremberg, Germany

Conferences and supporting programme

back to day overview
Session 26 II - Cryptography II

TPM 2.0 for Enhanced Security in Software Updates of Industrial Systems Vortragssprache Englisch

Industry 4.0 enhances the communication and data exchange between devices in a smart factory. As a result, the amount of connected devices increases - offering opportunities for attacks on such devices, communication channels and stored data. The challenges are the enhanced functionalities and the complexity of the software in the devices, which also extends the possibilities of security issues and bugs. This can be improved with frequent remote software updates, which address bugs and consider latest known threats. These updates also need a high level of protection in order to prevent misuse and threats on the deployment of the updates. The problem for a system with a security bug is the protection of the cryptographic keys, which are required for a deployment of an update. These keys need to be stored and managed in a secure environment, which is separated of the main software of the devices. Such a secure environment is the Trusted Platform Module (TPM), which is a standardized technology to increase the security in devices and to protect cryptographic keys and data with a high security level. The TPM 2.0 is the latest Trusted Computing technology, which provides modern algorithms, easier integration of cryptographic functions and the crypto-agility concept. Crypto-agility is important for industrial devices, as they have a long lifetime and therefore require a smooth transition to new upcoming algorithms in the future. The presentation provides a short introduction in the new functionalities of the TPM 2.0 standards and their application in industrial devices. The focus is on the protection of a remote software update process, which uses the TPM as key storage and the policies for the protection of the key usage. The system setup with a TPM 2.0 is described, which applies security functionalities to enhance the protection of the software update and to validate the executed software in the device. The Enhanced Authorization concept is presented, which provides new and flexible methods to remotely control the allowed software in industrial devices even from the trusted backend systems. Furthermore the TCG is shortly presented with the current developments for embedded and industrial devices.

--- Date: 01.03.2018 Time: 2:00 PM - 2:30 PM Location: Conference Counter NCC Ost

Speakers

man

Dr. Florian Schreiner

/ Infineon Technologies AG

top

The selected entry has been placed in your favourites!

If you register you can save your favourites permanently and access all entries even when underway – via laptop or tablet.

You can register an account here to save your settings in the Exhibitors and Products Database and as well as in the Supporting Programme.The registration is not for the TicketShop and ExhibitorShop.

Register now

Your advantages at a glance:

  • Advantage Save your favourites permanently. Use the instant access to exhibitors or products saved – mobile too, anytime and anywhere – incl. memo function.
  • Advantage The optional newsletter gives you regular up-to-date information about new exhibitors and products – matched to your interests.
  • Advantage Call up your favourites mobile too! Simply log in and access them at anytime.