A programmable hardware-based solution has been developed by Infineon Technologies for improved security of electronic devices in connected systems. This chip offers device authentication, whilst protecting computing systems from both intentional attacks and accidental damage from user error, along with enhancing security and privacy of stored data.

Allowing the connection to only known, legitimate devices is a key element to any system security, and it becomes crucial when there are more and more connected devices used by enterprises and consumers. By integrating the OPTIGA Trust P adds a security safe to embedded system.

This chip generates and securely stores encryption keys for one-way and mutual authentication, in effect protecting the device from malware, and controlling access mechanisms for secure software updates. Programmability makes it a highly flexible solution, enabling these features to be adapted by a wide variety of connected systems. Any product that stores and exchanges confidential data – whether used in smart homes or factories – will be supported by the encrypted communications capability of this chip, ensuring information privacy. This helps to defend from attackers trying to obtain personal or company data or attempting to tamper with programming through Internet connections or machine-to-machine (M2M) communications links.

The new addition to our OPTIGA Trust product series goes beyond brand protection and fighting counterfeit electronics which harm both ordinary people and companies,” said Juergen Spaenkuch, Vice President and head of Platform Security at Infineon Technologies.

“It helps protect industrial electronics systems from risks of sabotage, provide secure updates of software and improve security through access control to increasing connected systems like the Internet of Things (IoT).”

OPTIGA Trust P Features
The OPTIGA Trust P is a Common Criteria EAL 5+ (high) certified secure trust anchor that addresses counterfeiting, privacy and security concerns. It uses public key cryptography to support both one-way and mutual authentication for anti-cloning applications. On-board key generation, key storage and secure key exchange allow creation of a secure communications channel and encryption of transmitted data. This can provide data privacy as well as the information verification between senders and receivers. The integrated key management and the access controls expand the use of the secure channel to encompass protection by permitting for secure remote updates and local access restrictions to the devices.