Secure by Design
Timesys Security Services: Bring more secure products to market
Services & consultation to make your product security stronger
- Secure Boot & Chain of Trust
- Device Encryption & Secure Key Storage
- Security Audits, Hardening, Updates
View Case Studies
Timesys Security Services
Proven Expertise for Stronger Product Security
Free Consultation
Timesys Security Services
30-Minute Secure Design
Consultation
Stay Secure
Timesys Vigiles
Maintain Secure Products
After Release
To help you secure by design, Timesys offers Security Services in a variety of areas.
Secure Boot / Chain of Trust
Ensure your device is not running tampered software by verifying its authenticity before execution. Establish software authenticity all the way from the bootloader to user applications. Our secure boot services help implement:
- Verified bootloader (NXP i.MX / QorIQ, Qualcomm Snapdragon, TI Sitara, Atmel SAMA5, Xilinx Zynq and more)
- Kernel verification (FIT image, SoC specific mechanisms)
- Root filesystem verification (dm-verity, IMA/EVM, FIT image)
- NXP EdgeLock SE050 integration
Device Encryption and Secure Key Storage
You can protect IP and sensitive user information by encrypting data/software. It is also critical to protect the key used for encryption using a secure storage mechanism. Additionally, software that handles confidential data should run from within a hardware/software-isolated environment.
We provide solutions and services that span:
- Anti-cloning (IP and Data Protection)
- Key Management and secure key storage
- Data protection using encryption — In use, in motion, and at rest
- Trusted Platform Module (TPM)
- Trusted Execution Environment (TEE) using Arm TrustZone and OP-TEE
- Device identity and authentication
OTA Software Updates
We can help you determine how to update/deploy software securely and deny unauthorized software installs. Leverage our expertise to help you with:
- Over-the-air (OTA) updates of the software on your embedded system
- Package updates
- Full OS updates
- Signing of packages and images
- Server authentication
Security Audit
By performing a risk analysis, our audit services can help you determine what potential threats your system might encounter and what should be secured. Timesys’ security audits:
- Provide a detailed review of packages and default system configuration
- Run & analyze reports from audit and scanning tools
- Provide you with an end-to end-review of system security
- Provide you with a risk management and recovery plan
Hardening
You need to choose system security configurations wisely to reduce the attack surface. Typically, development focus is on the application with little consideration for system security. Our hardening service focuses on:
- Access & authorization
- Vulnerability
- Logging of all user access
- Logging of access level changes by any program
- Disable unused services and ports
- Security-oriented configurations for packages and kernel
%
Eighty percent of all external attacks take advantage of known vulnerabilities in unpatched software and misconfigured systems.*
*The National Institute of Standards and Technology (NIST)
National Vulnerability Database / https://nvd.nist.gov
Related Resources
Timesys Security Video
Secure Boot on i.MX 6Quad Powered Advantech DMS-BA16 Qseven Module
Timesys Security Video
Secure Firmware Update
Using SWUpdate
Timesys Security Blog
Secure boot on Snapdragon 410
Timesys Security Blog
Secure Boot
and Encrypted Data Storage
Timesys Security Blog
Trusted Software Development
Using OP-TEE
Timesys Security Blog
Software / Firmware Update Design Considerations
Timesys Security Blog
The new focus on ‘Security by Design’
Timesys Security Blog