A Trusted Platform Module (TPM) is a dedicated cryptoprocessor chip embedded in the system’s main board, designed to store cryptographic keys and provide additional cryptographic services such as random number generation. With the inclusion of TPM support in ELinOS, developers can now build more secure embedded systems that leverage a range of critical security functions.
ELinOS provides a full suite of TPMv2 tools and libraries, empowering developers with the latest in hardware security capabilities. Additionally, the integration with systemd allows for secure automatic encryption of hard disks. The decryption keys are securely stored and retrieved from the TPM during system boot, ensuring that encrypted filesystems are both easy to use and fully protected from unauthorized access. Furthermore, the TPM integration includes tools to manage board-specific devices, offering a tailored solution for various hardware configurations.
The non-volatile RAM (NVRAM) feature of TPM allows for the secure reading and writing of values that are protected through secure boot or password mechanisms, ensuring the integrity and confidentiality of sensitive data. ELinOS also takes advantage of the TPM’s built-in encryption and decryption algorithms, enabling hardware-based security measures that protect sensitive information and communications. The hardware Random Number Generator (RNG) functionality of TPM ensures the generation of true random numbers, which is crucial for secure cryptographic operations. Moreover, in the event of suspicious activity or tampering attempts, TPM can trigger lock-out mechanisms to prevent unauthorized access, thereby safeguarding the integrity of the system.
The addition of TPM support to ELinOS unlocks new security-focused use cases in embedded systems. Developers can simplify the encryption of hard drives while ensuring maximum security, with the TPM managing decryption keys without user intervention. Additionally, the secure key storage feature allows for the safe storage of cryptographic keys in TPM, which protects critical information such as system credentials, firmware integrity, and encryption details. Users can also encrypt and decrypt sensitive data using TPM’s secure algorithms, significantly reducing the risk of data theft or manipulation. Furthermore, TPM is particularly suited for embedded devices in critical sectors such as industrial automation, healthcare, and transportation, where robust security is paramount.
“With the addition of TPM support in ELinOS, SYSGO continues its mission to provide the highest standards of security for embedded systems,” said David Engraf, Head of Product Development at SYSGO. “This feature enables developers to fully leverage hardware-based cryptography, ensuring their embedded devices are protected from emerging security threats.”
TPM support is available now as part of ELinOS 7.2.1. Developers and customers interested in exploring the enhanced security features are encouraged to contact SYSGO for more information.
Discover the performance of ELinOS for yourself – download the free test version and experience its features: www.sysgo.com/get-elinos
For more information, visit www.sysgo.com/elinos