LinuxLink Login   |   1.866.392.4897 |

Security Notice: The Timesys TRST team is working to integrate patches for Spectre and Meltdown as they become available. You can view details here.

Secure by Design: Timesys Security Services

Commercial or open source, no code is threat proof. By addressing security early in the design of your open source embedded Linux based device, you can minimize threats throughout its lifecycle and reduce the overall time and cost associated with managing vulnerabilities.

To help you “secure by design,” Timesys offers Security Services in a variety of areas.

timesys security audit

Security Audit

By performing a risk analysis, our audit services can help you determine what potential threats your system might endure and what should be secured. Timesys’ Security Service audits:

  • Provide a detailed review of packages and default system configuration
  • Run & analyze reports from audit and scanning tools
  • Provide you with an end-to end-review of system security
  • Provide you with a risk management and recovery plan

embedded device system hardening


System security configurations need to be chosen wisely to reduce the attack surface. Typically, development focus is on the application with little consideration for system security. Our hardening service focuses on:

  • Access & authorization
  • Vulnerability
  • Logging of all user access
  • Logging of access level changes by any program
  • Disable unused services and ports
  • Security-oriented configurations for packages and kernel

secure boot and chain of trust

Secure Boot / Chain of Trust

Ensure your device is not running tampered software by verifying its authenticity before execution. Establish software authenticity all the way from the bootloader to user applications. Our secure boot services help implement:

  • Verified bootloader (NXP i.MX / QorIQ, Qualcomm Snapdragon, TI Sitara, Atmel SAMA5, Xilinx Zynq and more)
  • Kernel verification (FIT image, SoC specific mechanisms)
  • Root filesystem verification (dm-verity, IMA/EVM, FIT image)

embedded Linux software authentication

Device Encryption and Secure Key Storage

Protecting IP and sensitive user information can be achieved by encrypting data/software. It is also critical to protect the key used for encryption using a secure storage mechanism. Additionally, software which handles confidential data should run from within in a hardware/software isolated environment.

We provide solutions and services that span:

  • Anti-cloning (IP and Data Protection)
  • Key Management and secure key storage
  • Data protection using encryption — In use, in motion, and at rest
  • Trusted Platform Module (TPM)
  • Trusted Execution Environment (TEE) using arm TrustZone and OP-TEE
  • Device identity and authentication

security vulnerability patching

OTA Software Updates

Our security services can help you determine how to update/deploy software securely and deny unauthorized software installs. Leverage our expertise to help you with:

  • Over-the-air (OTA) updates of the software on your embedded system
  • Package updates
  • Full OS updates
  • Signing of packages and images
  • Server authentication

Security Resources


Eighty percent of all external attacks take advantage of known vulnerabilities in unpatched software and misconfigured systems.*

*The National Institute of Standards and Technology (NIST)
National Vulnerability Database /

Have a security-related question or a project you’d like to discuss?

We’d be happy to talk to you about how we can help you manage the security of your embedded Linux based device. To get started, schedule your no-obligation 30-minute security consultation now.

Schedule Consultation