Download as PDF, PPTX
Uploaded byRiscure
Riscure Assurance for Premium Content at a glance
The document discusses Riscure assurance for premium content, focusing on Trusted Execution Environment (TEE) security and its mechanisms for protecting assets. It outlines challenges, issues with existing standards like Global Platform and Common Criteria, and proposes a methodology for component evaluations to enhance security assurance. The document also mentions compliance with MovieLabs specifications for enhanced content protection and the benefits of Riscure assurance screening.
More Related Content
Similar to Riscure Assurance for Premium Content at a glance
![Vibe Coding vs. Spec-Driven Development [Free Meetup]](https://cdn.slidesharecdn.com/ss_thumbnails/vibecodingvsspecdrivendevelopment-251209105622-43f455e7-thumbnail.jpg?width=640&height=640&fit=bounds)
Riscure Assurance for Premium Content at a glance
- 1.
- 2. 2 Trusted Execution Environment(TEE) security • TEE protects the assets hidden in HW or SW – Hardware enforced mechanisms are set up and controlled by TEE based on root of trust • TEE isolates assets from REE access – keys, video, video path • While the secure media path could be entirely in HW, the configuration as well as control of the HW is performed by TEE SW
- 3. 3 Trusted Application (TA)security • Security of the system is built on top of TEE SW and HW separation mechanisms • Confidentiality of the data as well as integrity of the applications and data are critical of the security of the assets • There should not be unauthorized modifications of the code that performs core functions and expose the assets
- 4. 4 TEE Security Challenges •Does it protect my assets? • Is the HW base secure? • Is the SW secure? • What kind of attacker can attack me? • How much effort do they need? • What can they do with my device?
- 5. 5 Global Platform Problems/ Drawbacks • Has PP for TEE • Includes security functional testing • Only a single assurance level • Pass/fail evaluation – no quality indication • Administrative costs • No component evaluations, only system • Not endorsed by the content protection market • Fixed amount of effort , mitigations not accounted for
- 6. 6 Common Criteria Problems/ Drawbacks • Provides various assurance levels • Takes into account different attacker levels • CC provides either extensive evaluation and testing or insufficient • Administrative costs • Only integrated System assurance • Pass-fail verdict • Reviews implementation representation • Doesn’t take mitigations into account
- 7. 7 Methodology has to: •Capture relevant attacks • Provide different security levels • Provide different assurance levels • Be time efficient • Provide component evaluations
- 8. 8 Levels and Attackers– what does it mean 5-7 Medium to Advanced hacker 1-4 Script-kiddy or amateur hacker 8 Organized criminals 9-10 Government security agency
- 9. 9 The “MovieLabs Specificationsfor Enhanced Content Protection – Version 1.1” is one of the main security standards in the content provider market. For chipsets it requires testing of the Secure Computation Environment and Secure Media Pipeline, as well as SCA resistance of the encryption and decryption algorithms. These requirements are also included in the scope of the Riscure Assurance for Content Protection program. The table below shows which Component Assurance Levels are necessary for chipsets to comply with the MovieLabs Specifications. MovieLabs Specifications for Enhanced Content Protection MovieLabs Specifications Riscure Assurance for Content Protection Secure Computation Environment CAL 6+ for TEE HW, CAL 5+ for TEE SW Hardware Root of Trust CAL 6+ for TEE HW Secure Media Pipeline (SMP) CAL 5+ for SMP SW, CAL 6+ for TEE HW Encryption (SCA requirement) CAL 6+ for Conditional Access (CA)
- 10. 10 Methodology steps Step 4:Integration testing (optional) Verifies configuration for level 6 and up Step 3: SW code review of TCB SW vulnerabilities per 1KLoC Coverage depends on CAL Step 2: TEE HW testing of selected tests JIL rating indicates the level Effort depends on the level Step 1: Design review HW and SW design Effort depends on the level
- 11. 11 Step 1: Designreview • Find the relevant up to date attacks in the design • What HW mechanisms are in place to protect assets and TEE? (compliance rules) • What boot process is in place? Is the root of trust implemented? Keys protection, time protection? • Attacks based on standardized documentation such as JHAS and knowledge of relevant up-to-date attacks
- 12. 12 Step 2: HWtesting • For the selected tests for HW mechanisms during the Design review phase: • Penetration testing is performed • For tests that indicate the attack is possible JIL rating is assigned • Based on the JIL rating, the robustness of the design is determined
- 13. 13 Step 3: SWcode review • SW code review aims at • Determining overall quality of the code using statistics • Detecting the most critical SW vulnerabilities • Detecting if there are exploit mitigations • Identifying vulnerabilities in the chain of trust
- 14. 14 Benefits • Effective testingwith respect to time to market • Budget-efficient high-assurance evaluation • Up-to date threat assessment • Composite evaluations
- 15. 15 NEW: Riscure Assurance forPremium Content screening • Estimates what level would your chip/ HW/SW component get • Key benefits • Determines the expected level • Light, easy and quick • Guides you how to improve your solution • Contact us to learn more
- 16. 16 Challenge your security RiscureB.V. Frontier Building, Delftechpark 49 2628 XJ Delft The Netherlands Phone: +31 15 251 40 90 www.riscure.com Riscure North America 550 Kearny St., Suite 330 San Francisco, CA 94108 USA Phone: +1 650 646 99 79 inforequest@riscure.com Riscure China Room 2030-31, No. 989, Changle Road, Shanghai 200031 China Phone: +86 21 5117 5435 inforcn@riscure.com