Prove & Run
With the advent of the Internet of Things (IoT), there are attractive business models for hackers for exploiting vulnerabilities of connected systems, in particular when attacks that can be performed remotely, even when these attacks are costly to identify. Protecting those devices becomes critical.
Prove & Run addresses this issue by providing cost effective off-the-shelf formally proven software solutions that dramatically improve the level of security of connected devices so as to be able to resist to hackers, from the simplest attacks up to the most sophisticated.
Prove & Run’s solutions support the i.MX-based Colibri and Apalis Computer on Modules.
The first step toward securing a connected device is to make sure that its software stays authentic throughout its lifetime: many attacks are based on replacing the original firmware of a device with a malicious one. To help its customers solve this challenge Prove & Run has designed a Secure Firmware Update (SFU) solution that makes sure that the device applies only authentic firmware updates. The solution includes a secure boot to check the authenticity of the firmware of the device every time it boots.
The SFU security service relies on ProvenCore, their highly secure OS kernel. The security properties of ProvenCore have been formally proven, down to generated code. This allows ProvenCore to be as close as possible to “zero-bugs” and therefore highly resistant to attacks. In turn, ProvenCore leverages TrustZone®, a hardware security feature of Arm® Cortex®-A processors that enables security services to execute independently of the main operating system and of its applicative environment.
With the SFU solution, you can cope with a very large set of security issues for your connected devices. For more sophisticated cases or security requirements, you may need to have to add additional security services. Please contact Prove & Run for more information.