Secure by design + Stay secure = Your best defense against security threats.
Implementing security early in the design of your open source embedded Linux based device is key to managing the security of your device. And by continuously monitoring and updating your customized software, you can minimize security threats throughout its lifecycle. No matter in which stage you are with your embedded product development, you can rely on Timesys’ comprehensive Security Services offering to help you “secure by design” and “stay secure.”
Timesys offers Security Services in a variety of areas, including:
By performing a risk analysis, our audit services can help you determine what potential threats your system might endure and what should be secured. Timesys’ Security Service audits:
- Provide a detailed review of packages and default system configuration
- Run & analyze reports from audit and scanning tools
- Provide you with an end-to end-review of system security
- Provide you with a risk management and recovery plan
System security configurations need to be chosen wisely to reduce the attack surface. Typically, development focus is on the application with little consideration for system security. Our hardening service focuses on:
- Access & authorization
- Logging of all user access
- Logging of access level changes by any program
- Data protection — In use, in motion, and at rest
- Anti-cloning / IP Protection
- Security-oriented configurations for packages and kernel
Software Authentication and Runtime Isolation
Ensure your device is not running tampered software by verifying its authenticity before execution. Additionally, software which handles confidential data should run from within in a hardware/software isolated environment.
Our software authentication and runtime isolation service helps implement:
- Secure boot / Chain of Trust
- Trusted Platform Module (TPM)
- Device identity and authentication
- Trusted Execution Environment (TEE) / OP-TEE
OTA Software Updates
Our security services can help you determine how to update/deploy software securely and deny unauthorized software installs. Leverage our expertise to help you with:
- Over-the-air (OTA) updates of the software on your embedded system
- Package updates
- Full OS updates
- Signing of packages and images
- Server authentication
Timesys makes it easy for your software to stay secure by eliminating the time you would spend monitoring CVEs and assessing their risks yourself. Our Security Notification and Update Management Service gives you access to pull notification for the software components used in your particular configuration, and it allows you to remain in control of your software updates.
Have a security-related question or a project you’d like to discuss?
We’d be happy to talk to you about how we can help you manage the security of your embedded Linux based device. For more information about our security services, fill out our online form, email us at email@example.com or call us at 1.866.392.4897 (toll-free) or +1.412.232.3250.