Secure Thingz achieves industry’s first SESIP certification for its Secure Boot Manager
The certification is the first trustworthy assessment for a software component, or development tool, enabling developers to rapidly deploy security into IoT products
Cambridge, UK—February 5, 2020—Secure Thingz, a global domain expert in device security, embedded systems and lifecycle management, is proud to announce that its Secure Boot Manager has been assessed and certified according to the Security Evaluation Standard for IoT Platforms (SESIP). The assessment has been conducted by the independent security lab, Brightsight, which is fully licensed by TrustCB, a commercial Certification Body specializing in certifying IoT security products.
SESIP defines a standard for independent certification of the security of IoT devices. End users can rely on devices’ independently audited security claims, while device developers can cost-effectively meet their customers’ security requirements by using pre-certified components.
Secure Thingz’ Secure Boot Manager (SBM) is a secure bootloader for microcontrollers, which delivers a set of core features including the implementation of a formal Root of Trust plus robust lock-down of the device, provisioning and management of cryptographic keys, and fully authenticated loading of applications, patches and updates. The SBM is implemented dynamically based on developers’ decisions and device-specific functionality. It is a component of the groundbreaking solutions C-Trust, implementing secure development into the development toolchain IAR Embedded Workbench, and the Security from Inception Suite, providing a unique set of tools and services for implementing and customizing security in embedded applications.
Independent security audit and certification of IoT devices help operators to manage cyber risks through procurement policies, insurance, and improved visibility into supplier security claims. Certification is also paramount in demonstrating compliance with emerging legislation and regulatory frameworks. The SESIP certification program is leading the way in providing a framework for compliance covering many best-practices guidelines and regulatory requirements, including the US (NIST) NISTIR 8259 recommendations, the EU (ETSI) EN303645 European Standards, the UK regulatory proposals for Consumer IoT security, plus the Oregon and California (SL-327) IoT security and data collection laws.
“We are very pleased to have our capability confirmed by this certification for the Secure Boot Manager,” says Haydn Povey, CEO, Secure Thingz. “The certification of low-level software components in an embedded system is a critical step in enabling security in the IoT to become truly scalable, and the ability to harness this within a tools-based environment ensures that thousands of developers can quickly and easily implement secure products to meet the upcoming legislative challenges.”
“Brightsight is excited to work with Secure Thingz on the certification of its Secure Boot Manager,” says Carlos Serratos, Director Business Development at Brightsight. “It shows that it is possible and critical to certify the whole chain of trust to successfully secure the world of IoT.”
A certification ceremony will take place on Tuesday, February 25, at embedded world 2020 in Nuremberg, Germany, at 14:00 in the Brightsight booth #4-580 (Hall 4).
### Ends
Secure Thingz Contacts
Tora Fridholm, Chief Marketing Officer
Tel: +46 18 16 78 00
Email: tora.fridholm@iar.com
Haydn Povey, CEO and Founder
Email: haydn.povey@securethingz.com
About Secure Thingz
Secure Thingz is the global domain expert in device security, embedded systems, and lifecycle management. In 2018, the company was acquired by IAR Systems Group AB, the future-proof supplier of software tools and services for embedded development. Secure Thingz is focused on delivering advanced security solutions into the emerging industrial Internet of Things, critical infrastructure, automotive and other markets. The Secure Deploy™ architecture has been developed to solve the major security issues challenging the IoT. Secure Thingz solutions ensure a cost-efficient root of trust in low-cost microcontrollers to deliver a core set of critical services through the product lifecycle, alongside secure deployment, production and update infrastructure. Secure Thingz is a founding member and Executive Board member of the Internet of Things Security Foundation (www.iotsecurityfoundation.org), the leading global organization for IoT Security. More information is available at securethingz.com.