Connected devices require protection against the ever-increasing threat of cyber-attacks. WISeTrustBoot will do just that. Embedding WISeTrustBoot in conjunction with WISeKey's tamper-resistant Secure Element VaultIC in a device will protect it against modification of its function and against malware such as Mirai, Brickerbot or Hajime, ensure that the data exchange with the device is not compromised, and protect your business against device cloning. WISeTrustBoot does this by building a chain of trust, cryptographically validating every step of the chain, from boot until transmission of data. Additionally, it provides a mechanism to securely download and install updated versions of the firmware.

[Figure: Chain of Trust]

Why choose WISeTrustBoot?

WISeTrustBoot combines the strength of a tamper-resistant chip, state-of-the-art crypto libraries and strong digital signatures based on WISeKey's recognized experience in Public Key Infrastructure Services and secure chip technology.

Examples of malware that can be avoided when using WISeTrustBoot

Mirai

Mirai was a malicious piece of software code, or bot, that targeted low-cost consumer devices such as video cameras. A large number of these bots were used for large-scale attacks in September 2016 against a French-based hosting service and a US-based DNS service, provoking an outage of several web services for some days. These are called Distributed Denial of Service (DDoS) attacks.

Brickerbot

Brickerbot was a malware that, once it had infected a device, started to destroy it by deleting the data in storage and disconnecting it from the network. An alert was raised against Brickerbot in April 2017.

Hajime

Hajime is a malware identified at roughly the same time as Mirai. Researchers do not know the intentions of Hajime yet but fear that in future the bots will be activated for a malicious goal.

Spectre and Meltdown

Discovered in early 2018, these two exploits use vulnerabilities in widely implemented microprocessors, for example those of personal computers, allowing a malicious process to read data that is stored in 'secured' memory from another process. This data includes private keys, passwords and other sensitive data. Patches have been made available by the major software vendors, slowing down the operation of the affected hardware by sometimes more than 30%.

WISeTrustBoot provides full protection against malware on embedded connected devices:

- Trusted Boot
- Firmware signature validation
- Device Authentication
- Anti-Counterfeiting
- Data Communication protection
- Firmware update package verification and decryption

Internet of Things:

- Industry 4.0
- Utilities, smart grid
- Building security, video surveillance cameras…
- Smart Cities (street lighting, waste management...)
- Telehealth, health monitoring...
- Fiscal printers, cash registers...
WISeTrustBoot consists of three major components

- The secure bootloader engine integrated in the device microcontroller. This is the core of the solution. Delivered as a binary code and integrated with the device firmware, it establishes an immutable cryptographically protected binding with the secure element VaultIC407 to process the trusted boot and firmware validation before activating the device.

- VaultIC407, a tamper-resistant secure element processing the sensitive assets and functions of the solution.

- SignaTool, a PC tool for the genuine developer to sign and encrypt the device firmware so it can be installed and used on the device without risk of the firmware being revealed, modified, copied or replaced by malware.

[Figure labels. SignaTool used by developer: Firmware code, Encryption, Encrypted code, Hash function, Firmware hash, VaultIC, Firmware signature, Developer password. Download of encrypted firmware and its signature. Device Bootloader: Encrypted code, Hash function, Firmware hash, VaultIC, Firmware signature, Signature verification result, Firmware decryption key, Encryption, New firmware authenticated for installation.]

Implementation

The WISeTrustBoot Development kit consists of Software, Hardware and Services: SignaTool PC application; USB dongle for SignaTool; Integration Support; One year license; WISeTrustBoot Binary API; Development board; VaultIC API; Documentation.

[Figure: Connected device. Blocks: Application; Application Interface; Security Domain (Security Policies, Access Controls, Role Management); Secure Update; Crypto Library (MAC, Signature); Application Management & Storage (File System); Administration Services (Key Management); Secure Boot; Crypto Library (RSA, AES, ECDSA...); Memory Management; Communication Stack (I2C, SPI); VaultIC407 Hardware (EEPROM, RAM, RNG, AES, Public Key Crypto Engine, RISC CPU, SPI/I2C, GPIOs); Hardware Security; Power Manager; HAL; Device MCU.]

Information in this document is not intended to be legally binding. WISeKey products are sold subject to WISeKey Terms and Conditions of Sale or the provisions of any agreements entered into and executed by WISeKey and the customer. For more information, visit www.wisekey.com