Security

Overview

Security has multiple layers and dimensions. It starts all the way from booting the device to running software on it and connecting to cloud services. FoundriesFactory® provides a set of features to target every aspect of your Factory security.

Below sections focus on the following aspects:

  • how to securely connect your devices to Foundries.io™ cloud services.
  • how to securely boot your devices;
  • how to securely update firmware and software on your devices;
  • how to securely store secrets on your devices;

FoundriesFactory Security Summary

A brief summary of the crypto keys used in a FoundriesFactory can be found in:

Secure Connection to Cloud Services

Your devices communicate with a set of FoundriesFactory cloud services, the central of which is the Device Gateway. The Device Gateway enforces Factory devices to establish the Mutual TLS (mTLS) connection to it. During the TLS Handshake phase in Mutual TLS, both the device and the cloud service present and verify their TLS certificates.

The Factory owner must take their Factory PKI offline before going to production. We also recommend to take the Device Registration Service under full control. Finally, the Device Networking must be configured properly to connect to cloud services.

Secure Boot (Hardware Root of Trust)

FoundriesFactory Secure Boot is the mechanism to force a device to only execute boot software that is signed by a certain set of keys. The verification process and corresponding security functions are performed by the SoC boot ROM. These are the starting points for building a hardware root of trust.

The SoC hardware security manual should be consulted to identify the supported key types and the signing process. Secure Boot specifics of select hardware platforms are described below.

More information around Secure Boot aspects supported by LmP can be found in:

See how to implement the Secure Boot Firmware Updates below.

Secure Online Keys for Boot Stack

FoundriesFactory uses online keys to sign the components from the boot stack during build time. More information on how these keys are used and how to modify them can be found below.

Secure Over the Air Updates

FoundriesFactory Over the Air Updates (OTA) is the mechanism to deliver firmware and software updates to your Factory devices securely. It leverages The Update Framework (TUF) underneath which uses a set of keys to sign every software piece. These keys should be managed offline by the Factory owner before going to production.

Secure Boot Firmware Updates

FoundriesFactory uses OTA to deliver secure boot firmware updates to your devices. Secure Boot Firmware Update specifics of select hardware platforms are described below.

Anti-rollback protection, which prevents downgrading of boot firmware can be enabled by following the guide below.

Secure Element as Secrets Storage

There are different techniques how to securely store secrets on your devices. We recommend that you take advantage of the Hardware Security Module (HSM) to keep your device secrets sealed.

Hardware Secure Module (Secure Element) specifics of select hardware platforms are described below.