The wireless Gecko series 2 platform uses Secure Vault, combining software security features with physically unclonable function (PUF) hardware technology.
Secure Vault’s hardware features are implemented in a wireless SoC package. The security subsystem, including a dedicated core, bus and memory, is separate from the host processor.
Separating the hardware in this way isolates critical features, such as secure key store management and cryptography, into their own functional areas, which the manufacturer claims makes the overall device more secure.
The combination of security features aims to address emerging regulatory measures, such as GDPR in Europe and SB-327 in California.
Integrating a security system with a wireless SoC helps designers simplify development and makes it possible to securely update connected devices over-the-air (OTA) throughout the product lifecycle. The delivery of genuine, trusted software or firmware to connected products serves to mitigate unforeseen exploits, threats and regulatory measures.
Secure Vault’s factory trust provisioning service with optional secure programming provides a device identity certificate during IC manufacturing for each individual silicon die, enabling post-deployment security, authenticity and attestation-based health checks.
With Secure Vault, keys are encrypted and isolated from the application code. All keys are encrypted using a master encryption key generated using a PUF.
The PUF's power-up signatures are unique to a single device, and master keys are created during the power-up phase, which eliminates the need to store the master key.
The suite's tamper protection ranges from product enclosure tamper resistance through to detection of silicon tampering by voltage, frequency and temperature manipulation.
Configurable tamper response enables developers to set up response actions such as interrupts, resets or secret key deletion.
Matt Johnson, senior vice president and general manager of IoT product at Silicon Labs, says the suite takes advantage of “The most advanced integrated hardware and software security protection available today for IoT wireless SoCs”.