Unpacking the Summit Suite: Solving the Biggest Security Problems for Teams of All Sizes
Our Summit Suite helps customers ensure total device security, vulnerability monitoring and remediation, and FIPS encryption on select Ezurio devices. Here’s how we help businesses big and small leverage our extensive security development.
Published on September 14, 2024
Why Top-Notch Security Matters (In Every Device)
Every company deploying a product with so much as a microcontroller onboard needs a security plan. Part of the cost of doing business in modern hardware design means confronting and preparing for vulnerabilities that allow bad actors to exploit devices, steal intellectual property, compromise customer data and privacy, or in extreme cases damage devices. The more data is captured, processed, and stored on your device, the greater these concerns become. And, critically: the more interfaces and complexity you add to your device, the more attack vectors you have to contend with. For instance, adding wireless has gone from a nice-to-have to a must-have in many modern designs, and with that comes the need to ensure that the wireless connection and sensitive data are incorruptible from a security perspective.
For many small teams, the amount of work, maintenance, education, and ongoing development needed to resolve these security demands isn’t just challenging, it’s impossible. Setting aside the investment required to implement many common security mechanisms in a new design, the level of upkeep required to stay on pace with the continuous drumbeat of known exploits in common software is daunting. And that’s just considering the security of the software running on the device at any given time. OEMs must also ensure that only trusted software runs on the device in the future, and must determine how to store data securely and how to encrypt and decrypt sensitive data when it’s stored and retrieved, among other concerns. Comprehensive device security must be assessed at every level, from boot to operating system to storage and especially during over-the-air transmissions.
Our Summit Suite is meant to address all of these challenges and much more. We provide customers with a security solution that resists tampering and interference by authenticating and validating device operations with a set of keys and certificates linked to a hardware-provisioned root of trust key, a cloud-based solution to monitor for known vulnerabilities, an engineering team ready to help patch vulnerabilities as needed for devices already in the field, and a full FIPS 140-2 validated cryptographic module that customers can leverage. All of this allows even small teams to operate with the security finesse of industry experts, and is part of our many better-than-stock software offerings that distinguish Ezurio modules from competing solutions.
There are three components that make up what we call the Summit Software Suite:
- Chain of Trust Device Security
- Software Vulnerability Monitoring and Remediation
- FIPS Cryptographic Modules
In future blog posts, we’ll cover each of these components in greater detail. But in this blog post, we’ll briefly look at each piece of our Summit Suite Security through the lens of the common issues our customers face.
#1: Chain of Trust Device Security
Electronic device security is much like other forms of security: Your system is only as secure as its most vulnerable elements. A big heavy door lock is only effective if you don’t leave the key easily accessible under the doormat. The bank vault is only secure if you have complete trust in the people with the keys. Systems inherently have vulnerabilities, and so the goal of a comprehensive security solution is to ensure every step of the security process retains its integrity in order to verify the next step in the process.
This is the “chain” in chain of trust – starting at the high level of our security architecture, our products with Summit Suite have security factored in layer for layer from the base hardware level down to user space portions of the embedded operating system. To summarize, secret keys are built into the device in manufacturing to form the criteria to determine that software images are trustworthy to program to your device. After that, our secure bootloader validates that only software you sign and that has not been tampered with will boot on startup. Once the system is running, a secure enclave of dedicated storage space, which contains secure certificates and device secrets, is memory-locked away from the operating system, ensuring that if any unauthorized software were to run on the device, it could not access the secrets that your application uses to communicate with other devices. Further down, secure storage cryptographically secures data on your device, meaning that any sensitive information collected and stored on the device remains impenetrable to anyone who might somehow access the device storage in its raw format. As part of this process, we also establish cryptographic signatures that give you the capability to perform secure software update image signing, so only future software updates signed by you can be validated by the device before performing software updates.
#2: Software Vulnerability Monitoring and Remediation
The unfortunate reality for those designing secure systems is that, for all the effort in the world, software vulnerabilities will always continue to be found. Whether they come in the form of memory exploits, code injections, access level hijacking or any other form of attack vector, as soon as a vulnerability is discovered by hackers, everyone else in the world is behind the ball. The nature of exploits is that when they’re found, the clock is already ticking for manufacturers to patch and secure against that exploit. This is why developers around the world collaborate in the discovery and publication of common vulnerabilities and exposures (CVEs), applying coordinated global effort towards cataloging and patching issues with widely-used software.
What we provide in the pursuit of software vulnerability monitoring and remediation is a way to view your entire software bill of materials (SBOM) with a highly-detailed dashboard that helps you identify potential vulnerabilities and provides a path to remediate them. To do this, we partner with Timesys to offer our Summit Suite customers access to Timesys’ Vigiles Prime software. Vigiles Prime keeps track of each software component in your design and tracks them against globally-released CVE reports to alert you when a component of your design has been compromised and requires triage. It organizes these threats by the type and severity of the vulnerability, giving you priority awareness of which issues are the most important ones facing your design and which are nice-to-have fixes.
If there is a CVE or set of CVEs you are concerned about, our FAE and engineering team works directly with your engineering team to triage the CVE and decide on the best course of action to remediate. We work with your team to decide if the vulnerabilities can be mitigated through on-device config changes, specific software patches, specific software package upgrades, or an entire board support package (BSP) update. If needed, we’ll run our normal QA process on the updated BSP release to ensure no regressions have occurred in the BSP functionality.
#3: FIPS Cryptographic Modules
Cryptography is a fundamental part of device security and in protecting and securing sensitive information in your application. Whether that information is at rest (in storage) or in transit (over a connection, such as a Wi-Fi connection), it’s important to treat all data as if it were exposed to the outside world. From that perspective, it’s obvious that it’s critical to encrypt that data so it’s not readable to anyone who captures it in its raw format.
The world’s de-facto standard for effective cryptography is provided by the U.S. government’s National Institute of Standards and Technology. They’re the authors of the Federal Information Processing Standards (FIPS), a public set of standards for cryptographic modules that help manufacturers demonstrate effectiveness and interoperability of cryptographic systems. In some applications, such as in government hospitals, FIPS is a hard requirement for safeguarding critical patient data. But even in applications where it’s not expressly required, a FIPS-validated cryptographic module gives OEMs a very high degree of confidence that data is protected from prying eyes.
The cryptographic modules which we offer as part of our Summit Suite-enabled offerings are validated to the FIPS 140-2 standard, with a roadmap to the latest (and much more difficult to obtain) FIPS 140-3 validation as well. FIPS validation requires extensive planning, testing, time, and effort. It’s also easily invalidated if components of a design change after certification, requiring retesting efforts that are often beyond the capability of small teams. Manufacturers that leverage our FIPS cryptographic modules are able to take advantage of our extensive investments in FIPS validation.
Up Next: More on the Chain of Trust
In our next post, we’ll look closer at the Chain of Trust security architecture. Starting in manufacture and extending clear into the full life cycle of your device, our Chain of Trust builds secure foundations from hardware down into each component of software to ensure your devices only ever run your software, signed by your organization, executed by your certificates and secure authorizations, with secured data that only you can access. Link for link, our Chain of Trust provides assurances at every level that your device is yours to control, free of bad actors and outside interference.
About Summit Suite
Summit Suite takes a multilevel approach to device security, a holistic view that every security component is dependent upon other processes to succeed. Our security framework is philosophically guided by the idea that you’re only as strong as your weakest safeguard, and to take no element of a device’s design for granted in terms of permeability. Starting in hardware, moving through into the various layers of software, and ultimately even into data operations like transfer and storage, we leverage cryptography, key validation, data isolation, and more to create a comprehensive security framework that our customers can leverage.
Ezurio provides Summit Suite and many of our other value-added software offerings for a simple reason: It’s our mission to give teams big and small the global-scale resources they need to produce excellence. Ezurio is your connectivity expert – we’ve been in the wireless design business for decades, and we extend our hard-won expertise into your products as part of a true partnership. Our experience is deep and broad, whether it’s in hardware design, security architecture, excellence in embedded development that creates better than off-the-shelf offerings, or in field application engineering and support. Ezurio is committed to giving our customers a leg up in the competitive and sometimes bewildering world of wireless design, device certification, security, and more. That’s our mission as a provider and a premium design partner.
For more on our Summit Suite device security, visit us online at:
https://www.ezurio.com/summit-suite