SlideShare ist ein Scribd-Unternehmen logo

Firmware Encryption and Secure Remote Update

Fraunhofer AISEC
Fraunhofer AISEC

This document discusses firmware encryption and secure remote updates. It notes that unprotected firmware can be copied, analyzed, and modified. It proposes encrypting firmware to prevent reverse engineering and using obfuscation to make runtime analysis difficult. It also details using memory protection mechanisms to prevent access to stored firmware and implementing authentication and encryption tools for production and remote updates.

1 von 6
Downloaden Sie, um offline zu lesen
Firm w are Encry ption and S ecure Rem ote Update . www.aisec.fraunhofer.de
The Problem Firmware Encryption and Secure Remote Update  Unprotected firmware can be copied, analyzed and modified  In-System interfaces allow access to the device firmware www.aisec.fraunhofer.de
Solution Firmware Encryption and Secure Remote Update  Encryption prevents reverse engineering of firmware code  Obfuscation makes runtime analysis of firmware difficult  Memory protection mechanisms prevent access to stored firmware www.aisec.fraunhofer.de
Solution Firmware Encryption and Secure Remote Update Production (initial setup) Field Service (firmware update) Crypto Parameter Boot Loader Encryption & Flash Tool Flash Tool Firmware . www.aisec.fraunhofer.de
Our Offerings Firmware Encryption and Secure Remote Update  Tools for firmware encryption  Implementation of authentication and obfuscation mechanisms  Development and integration of firmware decryption in the boot loader  Optimal use of available security features on system platforms www.aisec.fraunhofer.de
Your Benefit Firmware Encryption and Secure Remote Update  Protection of firmware against reverse engineering  Prevention of product piracy  Seamless integration of modern encryption and decryption methods www.aisec.fraunhofer.de

Empfohlen

The Future Mobile Security
The Future Mobile Security The Future Mobile Security
The Future Mobile Security Qualcomm Developer Network
 
Sequrity policy
Sequrity policySequrity policy
Sequrity policyBhavesh Salunkhe
 
Network security 22.1.18
Network security 22.1.18Network security 22.1.18
Network security 22.1.18Philip_
 
The People Terminating Unit
The People Terminating UnitThe People Terminating Unit
The People Terminating UnitCharles Moore
 
CERT 210W-10
CERT 210W-10CERT 210W-10
CERT 210W-10VICTOR MAESTRE RAMIREZ
 
Security Measures
Security MeasuresSecurity Measures
Security Measureshanna91
 
Mobile Security Qualcom mr. patrick tsie - qualcomm
Mobile Security Qualcom mr. patrick tsie - qualcommMobile Security Qualcom mr. patrick tsie - qualcomm
Mobile Security Qualcom mr. patrick tsie - qualcommTien Hoang
 
Preventing Stealthy Threats with Next Generation Endpoint Security
Preventing Stealthy Threats with Next Generation Endpoint SecurityPreventing Stealthy Threats with Next Generation Endpoint Security
Preventing Stealthy Threats with Next Generation Endpoint SecurityIntel IT Center
 

Empfohlen

The Future Mobile Security
The Future Mobile Security The Future Mobile Security
The Future Mobile Security Qualcomm Developer Network
 
Sequrity policy
Sequrity policySequrity policy
Sequrity policyBhavesh Salunkhe
 
Network security 22.1.18
Network security 22.1.18Network security 22.1.18
Network security 22.1.18Philip_
 
The People Terminating Unit
The People Terminating UnitThe People Terminating Unit
The People Terminating UnitCharles Moore
 
CERT 210W-10
CERT 210W-10CERT 210W-10
CERT 210W-10VICTOR MAESTRE RAMIREZ
 
Security Measures
Security MeasuresSecurity Measures
Security Measureshanna91
 
Mobile Security Qualcom mr. patrick tsie - qualcomm
Mobile Security Qualcom mr. patrick tsie - qualcommMobile Security Qualcom mr. patrick tsie - qualcomm
Mobile Security Qualcom mr. patrick tsie - qualcommTien Hoang
 
Preventing Stealthy Threats with Next Generation Endpoint Security
Preventing Stealthy Threats with Next Generation Endpoint SecurityPreventing Stealthy Threats with Next Generation Endpoint Security
Preventing Stealthy Threats with Next Generation Endpoint SecurityIntel IT Center
 
OPERATING SYSTEM SECURITY
OPERATING SYSTEM SECURITYOPERATING SYSTEM SECURITY
OPERATING SYSTEM SECURITYRohitK71
 
Security Holes and Vulnerabilities in Corporate Network_Pre Null Meet Kolkata
Security Holes and Vulnerabilities in Corporate Network_Pre Null Meet KolkataSecurity Holes and Vulnerabilities in Corporate Network_Pre Null Meet Kolkata
Security Holes and Vulnerabilities in Corporate Network_Pre Null Meet Kolkataamiyadutta
 
Protection Service for Business
Protection Service for BusinessProtection Service for Business
Protection Service for BusinessF-Secure Corporation
 
Symantec Endpoint Protection
Symantec Endpoint ProtectionSymantec Endpoint Protection
Symantec Endpoint ProtectionMindRiver Group
 
Windows Defense101
Windows Defense101Windows Defense101
Windows Defense101NickAlholinna
 
ME Information Security
ME Information SecurityME Information Security
ME Information SecurityMohamed Monsef
 
How Endpoint Security works ?
How Endpoint Security works ?How Endpoint Security works ?
How Endpoint Security works ?William hendric
 
Operating system security
Operating system securityOperating system security
Operating system securityRachel Jeewa
 
Operating systems security 2007 vulnerability report
Operating systems security 2007 vulnerability reportOperating systems security 2007 vulnerability report
Operating systems security 2007 vulnerability reportAjit Gaddam
 
Bootkits step by-step-slides-final-v1-release
Bootkits step by-step-slides-final-v1-releaseBootkits step by-step-slides-final-v1-release
Bootkits step by-step-slides-final-v1-releaseEric Koeppen
 
RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5CAS
 
Understanding and Protecting Ourselves from Buggy Device Drivers
Understanding and Protecting Ourselves from Buggy Device DriversUnderstanding and Protecting Ourselves from Buggy Device Drivers
Understanding and Protecting Ourselves from Buggy Device DriversPradeeban Kathiravelu, Ph.D.
 
Security in Windows operating system
Security in Windows operating systemSecurity in Windows operating system
Security in Windows operating systemabdullah roomi
 
Operating system vulnerability and control
Operating system vulnerability and control Operating system vulnerability and control
Operating system vulnerability and control أحلام انصارى
 
Moodle security
Moodle securityMoodle security
Moodle securityDilum Bandara
 
WE16 - Defense in Depth: Top 10 Critical Security Controls
WE16 - Defense in Depth: Top 10 Critical Security ControlsWE16 - Defense in Depth: Top 10 Critical Security Controls
WE16 - Defense in Depth: Top 10 Critical Security ControlsSociety of Women Engineers
 
Security of Windows 10 IoT Core(FFRI Monthly Research 201506)
Security of Windows 10 IoT Core(FFRI Monthly Research 201506)Security of Windows 10 IoT Core(FFRI Monthly Research 201506)
Security of Windows 10 IoT Core(FFRI Monthly Research 201506)FFRI, Inc.
 
OS Security 2009
OS Security 2009OS Security 2009
OS Security 2009Deborah Obasogie
 
StandGuard Anti-Virus Tech Pack
StandGuard Anti-Virus Tech PackStandGuard Anti-Virus Tech Pack
StandGuard Anti-Virus Tech PackHelpSystems
 
Cybercrime & Business. Jak wygrać tę wojnę?
Cybercrime & Business. Jak wygrać tę wojnę? Cybercrime & Business. Jak wygrać tę wojnę?
Cybercrime & Business. Jak wygrać tę wojnę? Biznes to Rozmowy
 
UplinQ - the future of mobile security
UplinQ - the future of mobile securityUplinQ - the future of mobile security
UplinQ - the future of mobile securitySatya Harish
 
Portakal Teknoloji Otc Lyon Part 1
Portakal Teknoloji Otc Lyon Part 1Portakal Teknoloji Otc Lyon Part 1
Portakal Teknoloji Otc Lyon Part 1bora.gungoren
 

Weitere ähnliche Inhalte

Was ist angesagt?

OPERATING SYSTEM SECURITY
OPERATING SYSTEM SECURITYOPERATING SYSTEM SECURITY
OPERATING SYSTEM SECURITYRohitK71
 
Security Holes and Vulnerabilities in Corporate Network_Pre Null Meet Kolkata
Security Holes and Vulnerabilities in Corporate Network_Pre Null Meet KolkataSecurity Holes and Vulnerabilities in Corporate Network_Pre Null Meet Kolkata
Security Holes and Vulnerabilities in Corporate Network_Pre Null Meet Kolkataamiyadutta
 
Symantec Endpoint Protection
Symantec Endpoint ProtectionSymantec Endpoint Protection
Symantec Endpoint ProtectionMindRiver Group
 
ME Information Security
ME Information SecurityME Information Security
ME Information SecurityMohamed Monsef
 
How Endpoint Security works ?
How Endpoint Security works ?How Endpoint Security works ?
How Endpoint Security works ?William hendric
 
Operating system security
Operating system securityOperating system security
Operating system securityRachel Jeewa
 
Operating systems security 2007 vulnerability report
Operating systems security 2007 vulnerability reportOperating systems security 2007 vulnerability report
Operating systems security 2007 vulnerability reportAjit Gaddam
 
Bootkits step by-step-slides-final-v1-release
Bootkits step by-step-slides-final-v1-releaseBootkits step by-step-slides-final-v1-release
Bootkits step by-step-slides-final-v1-releaseEric Koeppen
 
RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5CAS
 
Understanding and Protecting Ourselves from Buggy Device Drivers
Understanding and Protecting Ourselves from Buggy Device DriversUnderstanding and Protecting Ourselves from Buggy Device Drivers
Understanding and Protecting Ourselves from Buggy Device DriversPradeeban Kathiravelu, Ph.D.
 
Security in Windows operating system
Security in Windows operating systemSecurity in Windows operating system
Security in Windows operating systemabdullah roomi
 
Operating system vulnerability and control
Operating system vulnerability and control Operating system vulnerability and control
Operating system vulnerability and control أحلام انصارى
 
WE16 - Defense in Depth: Top 10 Critical Security Controls
WE16 - Defense in Depth: Top 10 Critical Security ControlsWE16 - Defense in Depth: Top 10 Critical Security Controls
WE16 - Defense in Depth: Top 10 Critical Security ControlsSociety of Women Engineers
 
Security of Windows 10 IoT Core(FFRI Monthly Research 201506)
Security of Windows 10 IoT Core(FFRI Monthly Research 201506)Security of Windows 10 IoT Core(FFRI Monthly Research 201506)
Security of Windows 10 IoT Core(FFRI Monthly Research 201506)FFRI, Inc.
 
StandGuard Anti-Virus Tech Pack
StandGuard Anti-Virus Tech PackStandGuard Anti-Virus Tech Pack
StandGuard Anti-Virus Tech PackHelpSystems
 
Cybercrime & Business. Jak wygrać tę wojnę?
Cybercrime & Business. Jak wygrać tę wojnę? Cybercrime & Business. Jak wygrać tę wojnę?
Cybercrime & Business. Jak wygrać tę wojnę? Biznes to Rozmowy
 

Was ist angesagt? (20)

OPERATING SYSTEM SECURITY
OPERATING SYSTEM SECURITYOPERATING SYSTEM SECURITY
OPERATING SYSTEM SECURITY
 
Security Holes and Vulnerabilities in Corporate Network_Pre Null Meet Kolkata
Security Holes and Vulnerabilities in Corporate Network_Pre Null Meet KolkataSecurity Holes and Vulnerabilities in Corporate Network_Pre Null Meet Kolkata
Security Holes and Vulnerabilities in Corporate Network_Pre Null Meet Kolkata
 
Protection Service for Business
Protection Service for BusinessProtection Service for Business
Protection Service for Business
 
Symantec Endpoint Protection
Symantec Endpoint ProtectionSymantec Endpoint Protection
Symantec Endpoint Protection
 
Windows Defense101
Windows Defense101Windows Defense101
Windows Defense101
 
ME Information Security
ME Information SecurityME Information Security
ME Information Security
 
How Endpoint Security works ?
How Endpoint Security works ?How Endpoint Security works ?
How Endpoint Security works ?
 
Operating system security
Operating system securityOperating system security
Operating system security
 
Operating systems security 2007 vulnerability report
Operating systems security 2007 vulnerability reportOperating systems security 2007 vulnerability report
Operating systems security 2007 vulnerability report
 
Bootkits step by-step-slides-final-v1-release
Bootkits step by-step-slides-final-v1-releaseBootkits step by-step-slides-final-v1-release
Bootkits step by-step-slides-final-v1-release
 
RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5
 
Understanding and Protecting Ourselves from Buggy Device Drivers
Understanding and Protecting Ourselves from Buggy Device DriversUnderstanding and Protecting Ourselves from Buggy Device Drivers
Understanding and Protecting Ourselves from Buggy Device Drivers
 
Security in Windows operating system
Security in Windows operating systemSecurity in Windows operating system
Security in Windows operating system
 
Operating system vulnerability and control
Operating system vulnerability and control Operating system vulnerability and control
Operating system vulnerability and control
 
Moodle security
Moodle securityMoodle security
Moodle security
 
WE16 - Defense in Depth: Top 10 Critical Security Controls
WE16 - Defense in Depth: Top 10 Critical Security ControlsWE16 - Defense in Depth: Top 10 Critical Security Controls
WE16 - Defense in Depth: Top 10 Critical Security Controls
 
Security of Windows 10 IoT Core(FFRI Monthly Research 201506)
Security of Windows 10 IoT Core(FFRI Monthly Research 201506)Security of Windows 10 IoT Core(FFRI Monthly Research 201506)
Security of Windows 10 IoT Core(FFRI Monthly Research 201506)
 
OS Security 2009
OS Security 2009OS Security 2009
OS Security 2009
 
StandGuard Anti-Virus Tech Pack
StandGuard Anti-Virus Tech PackStandGuard Anti-Virus Tech Pack
StandGuard Anti-Virus Tech Pack
 
Cybercrime & Business. Jak wygrać tę wojnę?
Cybercrime & Business. Jak wygrać tę wojnę? Cybercrime & Business. Jak wygrać tę wojnę?
Cybercrime & Business. Jak wygrać tę wojnę?
 

Ähnlich wie Firmware Encryption and Secure Remote Update

UplinQ - the future of mobile security
UplinQ - the future of mobile securityUplinQ - the future of mobile security
UplinQ - the future of mobile securitySatya Harish
 
Portakal Teknoloji Otc Lyon Part 1
Portakal Teknoloji Otc Lyon Part 1Portakal Teknoloji Otc Lyon Part 1
Portakal Teknoloji Otc Lyon Part 1bora.gungoren
 
On Demand Software Management
On Demand Software ManagementOn Demand Software Management
On Demand Software Managementshoofster
 
Presentatie McAfee: Optimale Endpoint Protection 26062015
Presentatie McAfee: Optimale Endpoint Protection 26062015Presentatie McAfee: Optimale Endpoint Protection 26062015
Presentatie McAfee: Optimale Endpoint Protection 26062015SLBdiensten
 
Kunal - Introduction to backtrack - ClubHack2008
Kunal - Introduction to backtrack - ClubHack2008Kunal - Introduction to backtrack - ClubHack2008
Kunal - Introduction to backtrack - ClubHack2008ClubHack
 
Workshop on BackTrack live CD
Workshop on BackTrack live CDWorkshop on BackTrack live CD
Workshop on BackTrack live CDamiable_indian
 
Kunal - Introduction to BackTrack - ClubHack2008
Kunal - Introduction to BackTrack - ClubHack2008Kunal - Introduction to BackTrack - ClubHack2008
Kunal - Introduction to BackTrack - ClubHack2008ClubHack
 
Automated patch management in Freshservice
Automated patch management in FreshserviceAutomated patch management in Freshservice
Automated patch management in FreshserviceFreshservice
 
The 300 Leonidas Solution
The 300 Leonidas SolutionThe 300 Leonidas Solution
The 300 Leonidas Solutionmatthew.maisel
 
Security in an embedded system
Security in an embedded system Security in an embedded system
Security in an embedded system UrmilasSrinivasan
 
BlackDuck Suite
BlackDuck SuiteBlackDuck Suite
BlackDuck Suitejeff cheng
 
Duck Hunter - The return of autorun
Duck Hunter - The return of autorunDuck Hunter - The return of autorun
Duck Hunter - The return of autorunNimrod Levy
 
Nimrod duck hunter copy
Nimrod duck hunter copyNimrod duck hunter copy
Nimrod duck hunter copyNimrod Levy
 
Webinar NETGEAR - Come Netgear può aiutare a mitigare gli effetti del Ransomware
Webinar NETGEAR - Come Netgear può aiutare a mitigare gli effetti del RansomwareWebinar NETGEAR - Come Netgear può aiutare a mitigare gli effetti del Ransomware
Webinar NETGEAR - Come Netgear può aiutare a mitigare gli effetti del RansomwareNetgear Italia
 
Reversing & Malware Analysis Training Part 9 - Advanced Malware Analysis
Reversing & Malware Analysis Training Part 9 - Advanced Malware AnalysisReversing & Malware Analysis Training Part 9 - Advanced Malware Analysis
Reversing & Malware Analysis Training Part 9 - Advanced Malware Analysissecurityxploded
 
Pc technologies product
Pc technologies productPc technologies product
Pc technologies productkarun devin
 
Protecting Your organization from WannaCry Ransomware
Protecting Your organization from WannaCry RansomwareProtecting Your organization from WannaCry Ransomware
Protecting Your organization from WannaCry RansomwareQuick Heal Technologies Ltd.
 

Ähnlich wie Firmware Encryption and Secure Remote Update (20)

UplinQ - the future of mobile security
UplinQ - the future of mobile securityUplinQ - the future of mobile security
UplinQ - the future of mobile security
 
Portakal Teknoloji Otc Lyon Part 1
Portakal Teknoloji Otc Lyon Part 1Portakal Teknoloji Otc Lyon Part 1
Portakal Teknoloji Otc Lyon Part 1
 
On Demand Software Management
On Demand Software ManagementOn Demand Software Management
On Demand Software Management
 
Presentatie McAfee: Optimale Endpoint Protection 26062015
Presentatie McAfee: Optimale Endpoint Protection 26062015Presentatie McAfee: Optimale Endpoint Protection 26062015
Presentatie McAfee: Optimale Endpoint Protection 26062015
 
Windows Phone 8 Security Deep Dive
Windows Phone 8 Security Deep DiveWindows Phone 8 Security Deep Dive
Windows Phone 8 Security Deep Dive
 
Kunal - Introduction to backtrack - ClubHack2008
Kunal - Introduction to backtrack - ClubHack2008Kunal - Introduction to backtrack - ClubHack2008
Kunal - Introduction to backtrack - ClubHack2008
 
Workshop on BackTrack live CD
Workshop on BackTrack live CDWorkshop on BackTrack live CD
Workshop on BackTrack live CD
 
Kunal - Introduction to BackTrack - ClubHack2008
Kunal - Introduction to BackTrack - ClubHack2008Kunal - Introduction to BackTrack - ClubHack2008
Kunal - Introduction to BackTrack - ClubHack2008
 
Automated patch management in Freshservice
Automated patch management in FreshserviceAutomated patch management in Freshservice
Automated patch management in Freshservice
 
The 300 Leonidas Solution
The 300 Leonidas SolutionThe 300 Leonidas Solution
The 300 Leonidas Solution
 
Security in an embedded system
Security in an embedded system Security in an embedded system
Security in an embedded system
 
WHONIX OS
WHONIX OSWHONIX OS
WHONIX OS
 
BlackDuck Suite
BlackDuck SuiteBlackDuck Suite
BlackDuck Suite
 
Duck Hunter - The return of autorun
Duck Hunter - The return of autorunDuck Hunter - The return of autorun
Duck Hunter - The return of autorun
 
Nimrod duck hunter copy
Nimrod duck hunter copyNimrod duck hunter copy
Nimrod duck hunter copy
 
Webinar NETGEAR - Come Netgear può aiutare a mitigare gli effetti del Ransomware
Webinar NETGEAR - Come Netgear può aiutare a mitigare gli effetti del RansomwareWebinar NETGEAR - Come Netgear può aiutare a mitigare gli effetti del Ransomware
Webinar NETGEAR - Come Netgear può aiutare a mitigare gli effetti del Ransomware
 
Reversing & Malware Analysis Training Part 9 - Advanced Malware Analysis
Reversing & Malware Analysis Training Part 9 - Advanced Malware AnalysisReversing & Malware Analysis Training Part 9 - Advanced Malware Analysis
Reversing & Malware Analysis Training Part 9 - Advanced Malware Analysis
 
Securing your Video Conferences: How to Minimize Risks of Hacking
Securing your Video Conferences: How to Minimize Risks of HackingSecuring your Video Conferences: How to Minimize Risks of Hacking
Securing your Video Conferences: How to Minimize Risks of Hacking
 
Pc technologies product
Pc technologies productPc technologies product
Pc technologies product
 
Protecting Your organization from WannaCry Ransomware
Protecting Your organization from WannaCry RansomwareProtecting Your organization from WannaCry Ransomware
Protecting Your organization from WannaCry Ransomware
 

Mehr von Fraunhofer AISEC

Fraunhofer Magazin weiter.vorn
Fraunhofer Magazin weiter.vornFraunhofer Magazin weiter.vorn
Fraunhofer Magazin weiter.vornFraunhofer AISEC
 
Produktschutz-Technologien für elektronische Geräte
Produktschutz-Technologien für elektronische GeräteProduktschutz-Technologien für elektronische Geräte
Produktschutz-Technologien für elektronische GeräteFraunhofer AISEC
 
Cyber-Sicherheit - Newsletter 2013
Cyber-Sicherheit - Newsletter 2013Cyber-Sicherheit - Newsletter 2013
Cyber-Sicherheit - Newsletter 2013Fraunhofer AISEC
 
Native Code Execution Control for Attack Mitigation on Android
Native Code Execution Control for Attack Mitigation on AndroidNative Code Execution Control for Attack Mitigation on Android
Native Code Execution Control for Attack Mitigation on AndroidFraunhofer AISEC
 
An Antivirus API for Android Malware Recognition
An Antivirus API for Android Malware Recognition An Antivirus API for Android Malware Recognition
An Antivirus API for Android Malware Recognition Fraunhofer AISEC
 
Marktchancen mit IT-Sicherheit
Marktchancen mit IT-SicherheitMarktchancen mit IT-Sicherheit
Marktchancen mit IT-SicherheitFraunhofer AISEC
 
Cybersecurity 2013 - Design for Security
Cybersecurity 2013 - Design for SecurityCybersecurity 2013 - Design for Security
Cybersecurity 2013 - Design for SecurityFraunhofer AISEC
 
Sicherheitsgipfel - Chancen und Risiken der IT
Sicherheitsgipfel - Chancen und Risiken der ITSicherheitsgipfel - Chancen und Risiken der IT
Sicherheitsgipfel - Chancen und Risiken der ITFraunhofer AISEC
 
Tech Report: On the Effectiveness of Malware Protection on Android
Tech Report: On the Effectiveness of Malware Protection on AndroidTech Report: On the Effectiveness of Malware Protection on Android
Tech Report: On the Effectiveness of Malware Protection on AndroidFraunhofer AISEC
 
PEP - Protecting Electronic Products
PEP - Protecting Electronic ProductsPEP - Protecting Electronic Products
PEP - Protecting Electronic ProductsFraunhofer AISEC
 
Cyber Security aus Sicht der Wissenschaft
Cyber Security aus Sicht der WissenschaftCyber Security aus Sicht der Wissenschaft
Cyber Security aus Sicht der WissenschaftFraunhofer AISEC
 
IKT-Trends und deren Bedeutung für eHealth
IKT-Trends und deren Bedeutung für eHealthIKT-Trends und deren Bedeutung für eHealth
IKT-Trends und deren Bedeutung für eHealthFraunhofer AISEC
 
Innovation braucht Sicherheit - Sicherheit braucht Forschung
Innovation braucht Sicherheit - Sicherheit braucht ForschungInnovation braucht Sicherheit - Sicherheit braucht Forschung
Innovation braucht Sicherheit - Sicherheit braucht ForschungFraunhofer AISEC
 
40 Jahre Informatik Hamburg
40 Jahre Informatik Hamburg40 Jahre Informatik Hamburg
40 Jahre Informatik HamburgFraunhofer AISEC
 

Mehr von Fraunhofer AISEC (20)

Fraunhofer Magazin weiter.vorn
Fraunhofer Magazin weiter.vornFraunhofer Magazin weiter.vorn
Fraunhofer Magazin weiter.vorn
 
Internet of (Every)Thing
Internet of (Every)ThingInternet of (Every)Thing
Internet of (Every)Thing
 
App Ray: 10000 Apps
App Ray: 10000 AppsApp Ray: 10000 Apps
App Ray: 10000 Apps
 
Produktschutz-Technologien für elektronische Geräte
Produktschutz-Technologien für elektronische GeräteProduktschutz-Technologien für elektronische Geräte
Produktschutz-Technologien für elektronische Geräte
 
Cyber-Sicherheit - Newsletter 2013
Cyber-Sicherheit - Newsletter 2013Cyber-Sicherheit - Newsletter 2013
Cyber-Sicherheit - Newsletter 2013
 
Native Code Execution Control for Attack Mitigation on Android
Native Code Execution Control for Attack Mitigation on AndroidNative Code Execution Control for Attack Mitigation on Android
Native Code Execution Control for Attack Mitigation on Android
 
An Antivirus API for Android Malware Recognition
An Antivirus API for Android Malware Recognition An Antivirus API for Android Malware Recognition
An Antivirus API for Android Malware Recognition
 
Marktchancen mit IT-Sicherheit
Marktchancen mit IT-SicherheitMarktchancen mit IT-Sicherheit
Marktchancen mit IT-Sicherheit
 
Cybersecurity 2013 - Design for Security
Cybersecurity 2013 - Design for SecurityCybersecurity 2013 - Design for Security
Cybersecurity 2013 - Design for Security
 
Sicherheitsgipfel - Chancen und Risiken der IT
Sicherheitsgipfel - Chancen und Risiken der ITSicherheitsgipfel - Chancen und Risiken der IT
Sicherheitsgipfel - Chancen und Risiken der IT
 
Tech Report: On the Effectiveness of Malware Protection on Android
Tech Report: On the Effectiveness of Malware Protection on AndroidTech Report: On the Effectiveness of Malware Protection on Android
Tech Report: On the Effectiveness of Malware Protection on Android
 
PEP - Protecting Electronic Products
PEP - Protecting Electronic ProductsPEP - Protecting Electronic Products
PEP - Protecting Electronic Products
 
Infografik Produktschutz
Infografik ProduktschutzInfografik Produktschutz
Infografik Produktschutz
 
Cyber Security aus Sicht der Wissenschaft
Cyber Security aus Sicht der WissenschaftCyber Security aus Sicht der Wissenschaft
Cyber Security aus Sicht der Wissenschaft
 
Produktschutz Infografik
Produktschutz InfografikProduktschutz Infografik
Produktschutz Infografik
 
IKT-Trends und deren Bedeutung für eHealth
IKT-Trends und deren Bedeutung für eHealthIKT-Trends und deren Bedeutung für eHealth
IKT-Trends und deren Bedeutung für eHealth
 
Innovation braucht Sicherheit - Sicherheit braucht Forschung
Innovation braucht Sicherheit - Sicherheit braucht ForschungInnovation braucht Sicherheit - Sicherheit braucht Forschung
Innovation braucht Sicherheit - Sicherheit braucht Forschung
 
Alan Turing
Alan Turing Alan Turing
Alan Turing
 
Sicherheit im Smart Grid
Sicherheit im Smart GridSicherheit im Smart Grid
Sicherheit im Smart Grid
 
40 Jahre Informatik Hamburg
40 Jahre Informatik Hamburg40 Jahre Informatik Hamburg
40 Jahre Informatik Hamburg
 

Firmware Encryption and Secure Remote Update

  • 1. Firm w are Encry ption and S ecure Rem ote Update . www.aisec.fraunhofer.de
  • 2. The Problem Firmware Encryption and Secure Remote Update  Unprotected firmware can be copied, analyzed and modified  In-System interfaces allow access to the device firmware www.aisec.fraunhofer.de
  • 3. Solution Firmware Encryption and Secure Remote Update  Encryption prevents reverse engineering of firmware code  Obfuscation makes runtime analysis of firmware difficult  Memory protection mechanisms prevent access to stored firmware www.aisec.fraunhofer.de
  • 4. Solution Firmware Encryption and Secure Remote Update Production (initial setup) Field Service (firmware update) Crypto Parameter Boot Loader Encryption & Flash Tool Flash Tool Firmware . www.aisec.fraunhofer.de
  • 5. Our Offerings Firmware Encryption and Secure Remote Update  Tools for firmware encryption  Implementation of authentication and obfuscation mechanisms  Development and integration of firmware decryption in the boot loader  Optimal use of available security features on system platforms www.aisec.fraunhofer.de
  • 6. Your Benefit Firmware Encryption and Secure Remote Update  Protection of firmware against reverse engineering  Prevention of product piracy  Seamless integration of modern encryption and decryption methods www.aisec.fraunhofer.de