Protecting your firmware authenticity with CycurHSM: an overview of advanced secure boot concepts

Raimund Stampa, Lead Product Manager Embedded Security Software, ESCRYPT | LinkedIn

In this webinar, ESCRYPT‘s Raimund Stampawe revisits CycurHSM’s capabilities to create sophisticated security designs that you can tailor to your needs. The presented novel solutions are close to their start of production and showcase the challenges in current designs. We will investigate why the bootloader is a major attack surface and what trade-offs are typical for modern ECUs.

Key topics and takeaways:

  • A short revisiting of CycurHSM’s standard trusted boot and important design decisions to support a fast and secure ECU startup
  • The “TABS feature” – combining secure boot with certificate-based security for an autonomous authenticity update in order to eliminate the largest attack surface in the boot manager
  • Showcase: Secure and Safe boot in an airbag system – how to realize stringent startup timings in a safety-critical ECU for Airbag control