STSAFE™ Secure Solutions for IoT
Content
Introduction to IoT
  IoT markets & applications
IoT Security Challenges
  Threats to IoT applications and their potential impacts
  How to counter security threats?
Product portfolio
  STSAFE™ authentication solutions
  STSAFE™ enables end to end security
  STSAFE™ full development ecosystem for secure IoT solutions
STSAFE-A Optimized solution
STSAFE-J Flexible solution
STSAFE-TPM Standardized solution
Introduction to IoT
Protecting businesses: building secure and trusted embedded systems
The global economic trend brings many companies to change their business models. The emergence of IoT opens new opportunities for business through the use of data from connected objects and the monetization of associated services. Today, a company's image relies on the quality of their products and services. Their corporate reputation depends on their ability to offer reliable solutions that are secure and trusted.
As this new environment drastically increases the exposure of companies’ assets to new threats, security can no longer be considered at the object level but must also include the system and platform levels. A simple security mistake or incorrect data measurement can generate a denial of service impacting the end user's safety or privacy and can affect a company’s brand reputation.
To help companies maintain their reputation and protect their brand, ST offers a wide portfolio of products and solutions as well as a complete set of hardware and software development tools to ensure that the data measured by a company's embedded systems are accurate and correctly processed in a secure manner.
IoT MARKETS & APPLICATIONS
The secure embedded systems market is currently expanding from largely deployed brand protection, IT security and TPM solutions to now include connected devices for the Internet of Things. Data issued from connected devices involved in smart meters, smart cities, smart homes, and smart industry including the Industry 4.0 initiative must be trusted. More and more connected devices are now adopting solutions based on secure elements similar to those used in printers, PCs, game controllers, phone accessories, batteries, and luxury goods.
SMART THINGS
• Assets tracking
• eHealth
• Appliances
• Consumable devices
• Gaming and accessories
SMART GRIDS
• Smart meters
• Concentrators and gateways
SMART HOMES & CITIES
• Smart buildings
• Home automation
• Street lighting
• Urban mobility
• Energy or water supplies
• Waste management & recycling
SMART INDUSTRY
• Network / Servers
• Machines & production facilities
• Computers
IoT Security Challenges
To ensure that a company's IoT platform can be trusted and protected against possible threats and vulnerabilities, all its key components, Network & Cloud, Gateways & Concentrators and Smart Things or nodes, must be able to exchange data and communicate in a secure manner, regardless of the field of application.
THREATS TO IOT APPLICATIONS AND THEIR POTENTIAL IMPACTS
Device cloning and data breaches – Threats to device integrity
• Cloned devices directly compromise OEM devices and indirectly the revenue of service providers
• Cloned devices can lead to data breaches and loss of privacy
• Compromised devices can introduce service quality issues and potential denial of service
Data corruption – Threats to data integrity
• Data corruption can introduce misinterpretation at the service level: poor decisions can be taken
• Data corruption can damage service quality with impacts on the final user’s perception of the provider’s reputation & service quality
• Data corruption can in extreme cases damage service quality and impact the final user’s safety
Data breaches – Threat to data confidentiality
• Privacy breaches can damage the final user’s privacy
• Stolen data can ultimately impact the service provider’s liability
• Stolen data can impact the service provider’s reputation
HOW TO COUNTER SECURITY THREATS?
To successfully ensure the protection of all elements of a global IoT solution, we must effectively counter the threats to the system's integrity and the confidentiality of its data while maintaining the system's availability.
Ensuring integrity & confidentiality
In order to protect a system’s integrity and data confidentiality, companies must implement security services and functions which ensure that:
• Devices are genuine – through authentication
• Devices are not compromised – by verifying the platform’s integrity through the use of secure boot as well as secure firmware install and update features
• Data are exchanged in a secure manner – by means of secure communications
• System secrets are provisioned and stored in a secure manner
Authentication – Device recognition and authenticity verification
How to ensure only authorized devices are connected to the host server?
Device authentication must be performed and verified in a secure manner between all components of an IoT solution. This prevents device or server cloning or counterfeiting in order to protect against the disclosure of sensitive data or commands.
The implementation of a solution with the appropriate level of security depends on the security policy and risk assessment by the IoT solution provider as well as government or market regulations required in certain application domains (i.e. Smart Grid).
Secure provisioning and secure data storage – Secure provisioning & storage
How do I ensure critical assets in the device are not compromised?
Critical data have to be safely stored, used and accessed in a secure manner. These critical data must be provisioned in a secure environment.
Communication – Secure data exchanges
How do I protect my communications from modifications or spying?
Data exchanges must be secured through the implementation of data integrity verification and data encryption features to prevent data corruption.
Platform integrity – Secure code execution
How can I make sure devices function as intended?
Secure boot and secure firmware upgrade solutions ensure that devices execute the expected functions and prevent service network access corruption.
Ensure Integrity
• Data accuracy & completeness are maintained over the life-cycle
• Data cannot be modified in an unauthorized manner
Ensure Confidentiality
• Information is only made available to authorized entities
• Information is fully protected from unauthorized requests
Product portfolio
STSAFE™ family, a scalable security offer
STSAFE™ AUTHENTICATION SOLUTIONS
Designed to ensure the security of the three main components of an IoT solution, STSAFE products are all evaluated by independent third-parties and have received best-in-class security certificates including Common Criteria, BSI, and FIPS as well as specific evaluation and validation schemes.
[Figure: STSAFE secure elements across an IoT solution. Columns: Smart Things - Nodes, Gateways, Network & Cloud. Labels: Secure element, STSAFE-A, GP MCU, STSAFE-J, Host MPU, STSAFE-TPM, Network infrastructure (switch/router), Servers (Big data & Cloud).]
Our family of STSAFE™ secure element solutions ranges from optimized STSAFE-A solutions to flexible STSAFE-J solutions as well as TCG-compliant Trusted Platform Module (TPM) solutions with STSAFE-TPM.
STSAFE™ ENABLES END TO END SECURITY
ST offers a full range of secure elements addressing IoT ecosystem products from embedded platforms to gateways and servers. Integrated into the device's design and connected to its processing unit, STSAFE secure elements help authenticate devices and ensure the platform's integrity and the confidentiality of its data.
These ready-to-use solutions can be used as standalone chips in consumables such as ink cartridges or in conjunction with an application microcontroller such as an STM32 or a microprocessor (MPU).
STSAFE™ FULL DEVELOPMENT ECOSYSTEM FOR SECURE IOT SOLUTIONS
ST offers a full development ecosystem with turnkey solutions and a complete set of development tools including software libraries and Arduino or STM32 Nucleo compliant development boards. Using these tools, developers can significantly simplify their development phase as well as reduce cost and time to market.
Thanks to in-house personalization, our ready-to-use STSAFE solution simplifies and secures industrialization.
STSAFE-A OPTIMIZED
• Brand Protection
• Assets tracking
• Smart City
• eHealth
• Industry 4.0
STSAFE-TPM STANDARDIZED
• Computer
• Gateway
• Network equipment
• Servers
• Industry 4.0
STSAFE-J FLEXIBLE
• Utilities
• Gateway
• Smart City
• Servers
• Industry 4.0
[Figure: STSAFE™ family overview for STSAFE-A Optimized, STSAFE-J Flexible and STSAFE-TPM Standardized, with layers labelled Provisioning, Firmware and Secure Microcontroller. Labels recovered from the figure:]
• Key function: Authentication, Encryption, Signature, Secure storage
• Native OS providing dedicated crypto services
• Java Card OS 3.0.4, Global Platform 2.1.1, CC EAL5+ certified; BSI certified, Enedis compliant
• TCG compliant OS, TPM 1.2 or 2.0 commands set; CC EAL4+ certified, FIPS 140-2 certified
• Sigfox generic parts; customer specific personalization: MOQ = 50 Ku
• Generic part; customer specific personalization: MOQ = 1 Mu
• With or without applet; Enedis & BSI applets for SmartGrid solution; loading custom applet on open platform
• Platform integrity measurement and reporting
• Secure Microcontroller: Secure Core CPU/ROM or Flash Memory, Hardware Crypto Accelerators RSA, ECC, DES, AES; CC EAL5+ certified
STSAFE-A Optimized solution
DEVELOPMENT TOOLS
System on chip
• Hardware
• Embedded software
• Pre-personalization
Host Library
• Comprehensive set of software libraries
Tools & demo kit
• Compatible with Nucleo expansion board
• Comprehensive set of software libraries
KEY FEATURES
• STSAFE security functions
  • Authentication
  • TLS secure channel key establishment
  • Data and certificate storage
  • Signature verification
• State-of-the-art security relying on CC EAL5+ hardware
• LPWAN compliant LoRa and Sigfox
• USB Type-C compliant
KEY BENEFITS
• Full turnkey solution with secure OS and personalization services
• Optimized for small platforms
• Easy integration using libraries compatible with standard MCUs
PRODUCT PORTFOLIO
STSAFE-A100
• OS support: STSAFE security functions
STSAFE-A1SX
• OS support: Credentials & security for Sigfox network
STSAFE-A110
• OS support: STSAFE security functions; optional personalization for LoRa & Sigfox networks
Listed once in the table:
• Interface: I2C
• Certification: CC EAL5+ (HW)
• Package: SO8N (6x5 mm), DFN8 (2x3 mm)
• Operating T° range: –40 to +105 °C
• NVM storage: 6 Kbytes
SECURE TURNKEY SOLUTION FOR THE INTERNET OF THINGS
Designed for applications exposed to fraud or counterfeiting such as ink cartridges, accessories for phones or gaming, USB Type-C devices, IoT devices based on Wi-Fi, Bluetooth Low Energy (BLE) or low-power wide-area networks (LPWAN) or any IoT objects running critical credentials or operating valuable services, STSAFE-A is the ideal solution for customers wishing to build an ecosystem around their brand.
With a complete solution ranging from an internally developed secure operating system embedded in the secure microcontroller to example code for integrating solutions in the application environment as well as personalization services for storing confidential data, ST offers seamless integration of security measures for customers who might not be experts in secure systems.
Running on a Common Criteria EAL5+ platform, STSAFE-A is a highly secure authentication solution whose security is certified by independent parties. Its command set is tailored to address strong authentication, establish a secure channel in the scope of a TLS session, verify signatures, and offer secure storage as well as decrement counters for usage monitoring.
STSAFE-J Flexible solution
STSAFE-J100 WITH CERTIFIED PROTECTION PROFILES
Focused on providing state-of-the-art security for connected objects, the STSAFE-J100 gives each object an unalterable identity that can be authenticated. It also handles encrypted communications, provides secure storage and is easily integrated in IoT devices including smart meters, data concentrators, and utility gateways. Customizable with market-specific applets, the STSAFE-J100 secure element combines CC EAL5+ certified hardware and a CC EAL5+ certified secure operating system. Device designers can take advantage of the freedom to create their own security profiles, or get to market faster using ST’s pre-certified profiles such as German BSI and French Enedis smart-utilities specifications.
To help customers take full advantage of the flexibility of the STSAFE-J100 and ensure uncompromising threat protection, ST provides secure device-personalization services. Personalizing each device with its unique identity and cryptographic keys is a fundamental part of the secure-element philosophy to create trusted hardware resilient to cloning or hacking. ST’s service is safe and cost-effective, and relieves customers of responsibility for secure programming as well as preventing the exposure of keys and secrets while distributing programmed devices.
DEVELOPMENT TOOLS & SERVICES
Developers benefit from a comprehensive set of development tools and services:
• Expansion board compatible with STM32 Nucleo and Arduino boards
• Example code and libraries to be embedded in the application microcontrollers (authentication, TLS)
• Personalization services for the storage of trusted secrets
Flexible Java platform
STSAFE-J is a flexible secure solution based on GlobalPlatform®, Java Card™ 3.0.4 and dedicated Java Card™ modular applications. It offers a wide range of cryptographic and secure services which meet the requirements of custom applications.
Moreover, its Common Criteria EAL5+ and German BSI certificates enable it to serve the Smart Grid market as well as applications requiring strong security in concentrators, gateways, and IoT devices.
KEY FEATURES
• Flexible crypto services (Java 3.0.4 + GP 2.1.1 + applet)
• CC EAL5+ & BSI certification
• French Enedis specifications compliant
KEY BENEFITS
• Flexible Java solution with generic ST or customer-specific applets
• Trusted network access with authentication
• Secure data storage & secure communication
• Personalization services
• Development ecosystem with expansion boards and middleware
PRODUCT PORTFOLIO
STSAFE-J100
• OS support: GP 2.1.1/JC 3.0.4
• Certification: CC EAL5+
• NVM storage: 80 Kbytes
STSAFE-J100-BS
• OS support: GP 2.1.1/JC 3.0.4, BSI Applet
• Certification: CC EAL5+, BSI-DSZ-CC-1037-2018
• NVM storage: 17 Kbytes
Listed once in the table:
• Interface: Contact ISO/IEC 7816, I2C
• Package: SO8N (6x5 mm), DFN8 (4x4.2 mm), VFQFPN32 (5x5 mm)
• Operating T° range: –40 to +85 °C
STSAFE-TPM Standardized solution
STANDARDIZED AND CERTIFIED SOLUTION FOR TRUSTED COMPUTING
Computing is no longer limited to traditional personal computers. Today, it has expanded to include new types of devices that systematically integrate connectivity. As a result, the sense of ubiquity that these technologies bring to users also emphasizes new security concerns.
The Trusted Computing Group (TCG), an international standardization body formed by more than 100 industry leaders, provides open standards and specifications addressing security challenges such as device integrity, health checks, strong user authentication, secure network access and the protection of data and assets.
Fully compliant with TCG’s Trusted Platform Module (TPM) specifications covering Computer & IoT profiles, STSAFE-TPM products are also Common Criteria EAL4+ as well as FIPS 140-2 certified.
Available in different packages and interfaces, this cost-effective system-on-chip provides a flexible solution for a wide range of connected devices. STSAFE-TPM products are qualified to operate under an extended industrial temperature range making them the most suitable and comprehensive TPM offering on the market.
Expanding trust from personal computing to connected devices
The security of computing platforms and the protection of users’ assets have become a tremendous challenge not only for OEMs who design connected devices but also for end users increasingly concerned about their privacy and the protection of their data.
The growing deployment of connected consumer devices and industrial IoT equipment makes this challenge even more critical.
STSAFE-TPM is a standardized secure solution – Common Criteria and FIPS certified – offering the most comprehensive and cost-effective system-on-chip for trusted computing.
KEY FEATURES
• TPM 1.2 & TPM 2.0 libraries
• TPM 1.2 & TPM 2.0 switch capability
• Secure Field Upgrade mode for TPM firmware
• Common Criteria (CC) EAL4+, TCG and FIPS 140-2 certified
• Windows 10 Redstone (RS) approved
• Compatible with Linux TPM drivers
• -40 °C / +105 °C extended temperature range
KEY BENEFITS
• Built upon high-end secure microcontroller
• Certified hardware-based root of trust
• Large secure user non-volatile memory
• TPM credentials root signed by independent certification authority (CA)
• Seamless integration (ISO/IEC 11889 compliant)
PRODUCT PORTFOLIO
ST33TPHF2ESPI
• OS support: TPM 1.2/TPM 2.0
• Interface: TCG SPI
• Certification: CC EAL4+, FIPS140-2, TCG1.2 & 2.0
• NVM storage: 34 Kbytes
ST33TPHF20SPI
• OS support: TPM 2.0
• Interface: TCG SPI
• Certification: CC EAL4+, FIPS140-2, TCG 2.0
• NVM storage: 110 Kbytes
ST33TPHF2EI2C
• OS support: TPM 1.2/TPM 2.0
• Interface: TCG I2C
• Certification: CC EAL4+, FIPS140-2, TCG1.2 & 2.0
• NVM storage: 34 Kbytes
ST33TPHF20I2C
• OS support: TPM 2.0
• Interface: TCG I2C
• Certification: CC EAL4+, FIPS140-2, TCG 2.0
• NVM storage: 110 Kbytes
Listed once in the table:
• Package: TSSOP28 (9.7x4.4 mm), VFQFPN32 (5x5 mm)
• Operating T° range: –40 to +105 °C
© STMicroelectronics - September 2018 - Printed in United Kingdom - All rights reserved
The STMicroelectronics corporate logo is a registered trademark of the STMicroelectronics group of companies
All other names are the property of their respective owners
For more information on ST products and solutions, visit www.st.com
Order code: BRSTSAFE0918