Session Timeout

Your session is about to expire. Do you want to extend the session?

00:

Extend My Session

Custom Meta Tags

EBV Infineon OPTIGA Hero Banner (HB)

Infineon OPTIGA™ product family

EBV - Infineon OPTIGA TPM Provisioning Sub Navigation (SN)

EBV - Infineon OPTIGA TPM Provisioning Static HTML

OPTIGA™ TPM Provisioning

To further simplify the task of secured key provisioning during device manufacturing, Infineon collaborates with EBV. This alliance enables the secured provisioning of Infineon’s OPTIGA™ TPM with customer´s credentials using EBV’s state-of-the-art programming technology in a secured facility, thus simplifying the production process.

Advantages of pre-provisioned chips:

no need to manage keys and provision credentials
flexibility in production (in-house or outsourced to EMS) without investment in additional security measures

Infineon OPTIGA™ TPM Provisioning with EBV Secure it

OPTIGA™ TPM – simpler and faster secured key provisioning for IoT devices

IoT: Secured identity is key

IoT security starts with identity: Every IoT device needs a strong and unique identity so it can authenticate itself as trustworthy when it connects to the IoT.
Given the importance of this IDoT (Identity of Things), the secret keys and credentials establishing that identity must be protected against unauthorized access. Device credentials are usually provisioned during device manufacturing. Establishing a secured manufacturing environment is therefore required and can be challenging for OEMs. Consequently, outsourcing production can even further increase the security risks around provisioning.

Addressing today’s secured key provisioning challenges

Secret keys may be leaked if the underlying security solutions offer weak resistance to tampering
Secret keys may be leaked during the provisioning process if the outsourced production environment is not highly secure
Provisioning of initial device credentials is usually complex and cost-intensive in volume production

OPTIGA™ TPM - Best choice for simpler and faster secured device key provisioning

The OPTIGA™ TPM (Trusted Platform Module) security controller supports the pre-provisioning of credentials in a secured chip. The chip provides a tamper-resistant memory to securely store the cryptographic keys and credentials needed for the device to authenticate and register with cloud services. It acts like a vault, safeguarding the keys along the entire value chain and beyond:

Infineon Logo

Shared Contact EBV (GBL)

Do you have a Question?

Contact EBV

If you need any assistance, please click below to find your closest EBV sales office.

EBV - Infineon OPTIGA Trust Grid Box Light - Simple (GBLS)

Related literature

Brochure - Infineon’s OPTIGA™ embedded security solutions

EBV - Infineon Optiga - TPM Provisioning Use case Grid Box Light (GBL)

Partner Use Case

Personalized security solutions based on hardware-based security like the OPTIGA™ TPM provide excellent protection for a large variety of application scenarios but also require custom certificates and programming.

read now

EBV - Infineon OPTIGA TPM Static HTML

OPTIGA™ TPM is the solution of choice for secured key provisioning

EBV - Infineon OPTIGA Provisioning Static HTML

Keys are typically provisioned during device manufacturing

EBV - Infineon OPTIGA TPM Provisioning table Static HTML

Keeping secret keys safe and well secured is at the heart of IoT security. See below why OPTIGA™ TPM is the preferred choice for this challenge.

EBV - Infineon OPTIGA TPM Software only Static HTML

IoT device with Software-only security

Usually, secret keys are kept in the shared memory. Software vulnerabilities in the operating system could be exploited to expose or access the keys, for example.

EBV - Infineon OPTIGA TPM based security Static HTML

IoT Device with TPM-based security

With OPTIGA™ TPM, secret keys are stored in a discrete, certified chip so they remain and are processed inside the chip. This reduces the attack surface, making key security highly immune to software vulnerabilities at operating system and application level.

EBV - Infineon OPTIGA TPM security Static HTML

Acting as a hardware trust anchor, the Infineon OPTIGA™ TPM is far more resistant to attacks than software-only approaches. It provides a secured storage vault for keys and also executes the associated cryptographic processes that use those keys. It thus secures the long-term cryptographic credentials for authentication and cloud connectivity. In addition, it supports authenticity checks for software updates and secures remote access.

EBV - Infineon OPTIGA Secure programming Static HTML

Two approaches to IoT security: secured programming and secured provisioning

There are two main ways of securing an IoT device, through secured programming and secured provisioning.

Secured programming uses software on the device to provide security. This can protect the device’s firmware but may not offer enough protection from cyberattacks such as counterfeiting. And we know from experience that one of the main ways in which attackers compromise systems is by finding and exploiting programming bugs. In some cases, the exploits that follow from such security breaches are unrecoverable.

The secured programming approach is suitable for low-level applications in which a malfunction won’t cause injury or harm. It’s also suitable for devices that provide security without needing two-way communication with the programming system. Secured programming doesn’t rely on additional hardware, which saves money but doesn’t provide as much security as is possible with more costly approaches.

Ready-to-use TPM with SPI interface and PQC-protected firmware update mechanism optimized for PCs and servers.

Learn More

EBV Tracking code Static HTML

Complementary Content

${loading}