LinuxLink Login   |   1.866.392.4897 |   sales@timesys.com    |  Contact Us            English EN French FR German DE Japanese JA

TRST Secure by Design

Timesys Security Services: Bring more secure products to market

Services & consultation to make your product security stronger

  • Secure Boot & Chain of Trust
  • Device Encryption & Secure Key Storage
  • Security Audits, Hardening, Updates

Free Consultation

Timesys Security Services

bring products to market that are more secure

30-Minute Secure Design Consultation

Learn More

Timesys Security Services

bring more secure products to market

Secure Design Best Practice Resources

Stay Secure

Timesys Vigiles

Timesys Vigiles vulnerability & patch management

Maintain Secure Products After Release

To help you secure by design, Timesys offers Security Services in a variety of areas.

secure boot and chain of trust

Secure Boot / Chain of Trust

Ensure your device is not running tampered software by verifying its authenticity before execution. Establish software authenticity all the way from the bootloader to user applications. Our secure boot services help implement:

  • Verified bootloader (NXP i.MX / QorIQ, Qualcomm Snapdragon, TI Sitara, Atmel SAMA5, Xilinx Zynq and more)
  • Kernel verification (FIT image, SoC specific mechanisms)
  • Root filesystem verification (dm-verity, IMA/EVM, FIT image)

embedded Linux software authentication

Device Encryption and Secure Key Storage

You can protect IP and sensitive user information by encrypting data/software. It is also critical to protect the key used for encryption using a secure storage mechanism. Additionally, software that handles confidential data should run from within a hardware/software-isolated environment.

We provide solutions and services that span:

  • Anti-cloning (IP and Data Protection)
  • Key Management and secure key storage
  • Data protection using encryption — In use, in motion, and at rest
  • Trusted Platform Module (TPM)
  • Trusted Execution Environment (TEE) using Arm TrustZone and OP-TEE
  • Device identity and authentication

security vulnerability patching

OTA Software Updates

We can help you determine how to update/deploy software securely and deny unauthorized software installs. Leverage our expertise to help you with:

  • Over-the-air (OTA) updates of the software on your embedded system
  • Package updates
  • Full OS updates
  • Signing of packages and images
  • Server authentication

timesys security audit

Security Audit

By performing a risk analysis, our audit services can help you determine what potential threats your system might encounter and what should be secured. Timesys’ security audits:

  • Provide a detailed review of packages and default system configuration
  • Run & analyze reports from audit and scanning tools
  • Provide you with an end-to end-review of system security
  • Provide you with a risk management and recovery plan

embedded device system hardening

Hardening

You need to choose system security configurations wisely to reduce the attack surface. Typically, development focus is on the application with little consideration for system security. Our hardening service focuses on:

  • Access & authorization
  • Vulnerability
  • Logging of all user access
  • Logging of access level changes by any program
  • Disable unused services and ports
  • Security-oriented configurations for packages and kernel

Need help with designing security into your open source embedded device?

We’d be happy to talk to you about how we can help you address the unique security needs of your embedded software and implement security during the product design phase. To get started, schedule your no-obligation 30-minute security consultation now. Simply fill out our online form, email us at sales@timesys.com or call us at 1.866.392.4897 (toll-free) or +1.412.232.3250.

Schedule Consultation

%

Eighty percent of all external attacks take advantage of known vulnerabilities in unpatched software and misconfigured systems.*

*The National Institute of Standards and Technology (NIST)
National Vulnerability Database / https://nvd.nist.gov

After you secure your product, how will you keep it secure?

Continuously monitoring for CVEs and updating your customized software is key to minimizing security threats once your product is deployed. In addition to security services, as part of our Timesys TRST Device Security Solutions we offer Timesys Vigiles — our security vulnerability and patch notification that helps you manage vulnerabilities and maintain your device’s security posture throughout the product lifecycle.

View Vigiles Options

Related Resources

documentation icon

Timesys Datasheet

Timesys TRST Security Services
 

Timesys University Webinar Series | Sponsored by:

Reduce Risk with RISC:
Designing and Maintaining Secure Embedded Linux Devices with Advantech RISC Platforms

View Details

Timesys Security Video

Secure Boot on i.MX 6Quad Powered Advantech DMS-BA16 Qseven Module

Timesys Security Video

Secure Firmware Update Using SWUpdate

Timesys Security Blog

Secure boot on Snapdragon 410