Recommended
Recommended
More Related Content
What's hot
What's hot (20)
Similar to NEOS IoT Security Platform : System-on-module with WiFi and TPM (Trusted Platform Module) for IoST, Internet of Secure Things (KO)
Similar to NEOS IoT Security Platform : System-on-module with WiFi and TPM (Trusted Platform Module) for IoST, Internet of Secure Things (KO) (20)
Recently uploaded
Recently uploaded (20)
NEOS IoT Security Platform : System-on-module with WiFi and TPM (Trusted Platform Module) for IoST, Internet of Secure Things (KO)
- 2. Features of NEOS IoT Security Platform ● Full Featured Solution Package : Secure RTOS Software, Integrated Development Environment Software, System-on-module, and Development Kit ● Crypto Library ● Secure Boot ● Secure Firmware Update ● TPM Support ● Device Management Solution, Integrated ● Key Management System for IoT, Integrated
- 4. 4 A. Secure RTOS SW Platform ■ Secure Boot ■ Secure Firmware Update ■ Standard Cryptographic Library for end-to-end Security ■ Secure Key Management on TPM (Trusted Platform Module) ■ Standard based Device Management Solution (NEO-IDM™) Integrated ■ Standard based Key Management Solution (iKMS) Integrated Secure RTOS SW Secure Boot Secure Firmware Update Crypto API NEOS™ RTOS Key Manager IoT Agent Crypto- library Device Manager
- 5. 5 B. IDE (NEOSPACE) ■ Complete Integrated Development Environment based on eclipse development platform ■ Project Management ■ Building target software : compiler, linker ■ Debugging and Flash Programming through Serial Wire Debug (SWD) USB (Serial, SWD)
- 6. • Neo-SP1 Module – Hardware Root of Trust by TPM (Trusted Platform Module) – User can program IoT application on the module • DVMS : Full Featured Development Kit – Neo-SP1 Mounted – SWD ST Link-v2 Debug Interface ready for Debugging and Flash Programming – Sensors : Accelerometer/Magnetometer, Temperature/Humidity, Light/UV – Configurable External Ports with I2C, ADC, UART interfaces 6 C. Reference Hardware JTAG Trace32 SWD - USB Serial - USB Temp./ Humidity Accel. / mageto. Neo-SP1 Light/UV External Ports DVMS (DevKit) Function Specification MCU STM32F415 TPM Infineon SLB9670VQ1.2 Connectivity WiFi 802.11b/g/n : ESP8266 Dimension 25mm x 35mm ● Neo-SP1
- 8. ■ Boot only OEM provided software only ■ Download firmware from Update Server and verify the Signature 8 Secure Boot, Secure Firmware Update Device Power On Firmware boot loader Boot Manager verifies Signature Boot to Main OS Boot to Update boot configuration database Internet / Intranet Update Server Signing ( OS and Hash ) Public key of update Server Download from update server
- 9. Neo-IDM Service UI • Standard IoT Device Management Platform based on LwM2M protocol • Two Operation Models : IoT Edge Device and Connectivity Module 9 Integration with Neo-IDM NEOS IoT SP Edge Device Neo-IDM CoAP Server IoT Gateway Neo-IDM LwM2M Client CoAP Interworking Proxy LwM2M IoT Server Azure, ThingWorx, ... HTTP/MQTT LwM2M Server NEOS IoT SP Connectivity Module Neo-IDM LwM2M Client & CoAP Server LwM2M LwM2M Server Secure RTOS SW Secure Boot Secure Firmware Update Crypto API NEOS™ RTOS Key Manager IoT Agent Crypto- library Device Manager
- 10. • Key distribution function and management scheme • Key Injection for IoT Device • Thus providing End-to-End Security 10 Integration with iKMS (Key Management System) NEOS IoT SP iKMS Agent Secure Key Distribution iKMS Server (Hancom Secure Co.) Secure RTOS SW Secure Boot Secure Firmware Update Crypto API NEOS™ RTOS Key Manager IoT Agent Crypto- library Device Manager IoT Server LwM2M, Azure, ... Secure Key Distribution
- 11. Cryptographic Library 11 Function Algorithm Description Block Cipher ARIA 128, 192, 256 bits SEED 128, 256 bits LEA 128, 192, 256 bits HIGHT 64 bits Block Cipher Operating Mode Confidentiality ECB, CBC, CFB, OFB, CTR Block Cipher : ARIA, SEED, LEA, HIGHT Confidentiality/Authentication CCM, GCM Block Cipher : ARIA, SEED, LEA, HIGHT Random Number Generator HASH_DRBG Hash : SHA-224/256/384/512 CTR_DRBG Block Cipher : ARIA, SEED, LEA, HIGHT HMAC_DRBG Hash : SHA-224/256/384/512 Public Key Cryptography RSAES Public Key : 2048, 3072 bits Key Management DH Public / Private Key : (2048, 256) ECDH B-233, K-233, P-224 B-283, K-283, P-256 Hash Function SHA-2 Output Length : 224, 256, 384, 512 bits Message Authentication Code Hash Based HMAC Key Length : 128, 256 bits Block CMAC Block Cipher : ARIA, SEED, LEA, HIGHT GMAC Block Cipher : ARIA, SEED, LEA, HIGHT Digital Signature RSA-PSS Public Key : 2048, 3072 bits KCDSA Public Key : 1024, 2048, 3072 bits ECDSA B-233, K-233, P-224 B-283, K-283, P-256 ECKCDSA B-233, K-233, P-224 B-283, K-283, P-256 ■ cryptographic algorithms ■ light-weighted, and optimized for embedded system
- 13. ■ To provide Secure Channel for systems with Legacy Devices ■ Minimal or no modification to Legacy System for easy deployment 13 Secure Media Converter Legacy Devices Legacy Devices Trans- ceiver Trans- ceiver Unsecure Media : ethernet, RS485, RS422, ... Secure Channels Wired or Wireless Unsecure Media : ethernet, RS485, RS422, ...
- 15. 15 Applicable ■ To protect public safety data, environment data, smart grid data, etc, where Security is mandatory by law ■ To protect data for Military IoT ■ To protect Private Sensitive data, such as Wellness information or Medical (Health) data ■ To protect Device Configuration Data, Manufacturing Technology
- 16. About NEOS RTOS 16 ■ NEOS™ RTOS is a real-time operating system for embedded system developed by MDS Technology ■ DO-178B Level A Certifiable Kernel ■ Multi-thread Kernel with fast and deterministic performance ■ Preemptive realtime scheduling ■ POSIX standard API add-on (POSIX 1003.13 PSE52) ■ Field proven in aerospace and military for safety critical and mission critical system ■ http://www.neosrtos.com