Secure Manager simplifies embedded designs on ST microcontrollers
STMicroelectronics has launched a secure manager that it says is the first ‘out of the box’ security product for embedded system-on-chip applications.
The STM32Trust TEE Secure Manager is first implemented in the STM32H5. It saves developers from writing and validating their own code while providing security services developed according to best practices.
ST was a lead development partner with ARM for the development of the Cortex-M33 core to comply with the PSA Certified Level 3 security specifications. ST has also collaborated with Microsoft Azure on middleware with strong security and worked with ProvenRun in the development of the STM32Trust TEE Secure Manager, powered by the company’s ProvenCore-M secure Trusted Execution Environment Operating System.
ST has pre-qualified the Kudelski IoT keySTREAM root of trust on the Secure Manager to allow remote credential lifecycle management services. The result is a plug-in security solution providing security services that include isolation, cryptography, key storage, and initial attestation.
“The growing emphasis on application security and customers’ need to deliver certified secure, high-performance applications quickly encouraged us to work closely with ST Authorized Partner ProvenRun to build the STM32Trust TEE Secure Manager,” said Ricardo De Sa Earp, Executive Vice President General-Purpose Microcontroller Sub-Group, Microcontrollers and Digital ICs Group.
“The Secure Manager keeps users, assets, and data secure by enhancing and simplifying the addition of valuable security services to customer developments while easing their certifications.”
“We have enthusiastically co-developed the Secure Manager with ST to bring it into a mass-market, easy-to-use security solution within the STM32Cube ecosystem,” said Dominique Bolignano, President & Founder of ProvenRun.
“We trust that the integration of our ProvenCore-M technology will support customers’ efforts to dramatically increase the security robustness of their applications over time.”
“Digital identities, provisioning and credentials management are at the heart of security for IoT devices. The pre-integration and validation of our IoT keySTREAM within ST’s Secure Manager increases device security while relieving the manufacturer’s pain of managing credentials in complex and insecure production environments by enabling in-field, zero-touch provisioning,” said Hardy Schmidbauer, SVP of Kudelski IoT.
Following its inclusion in the STM32H5, ST plans to make the STM32Trust TEE Secure Manager available on a broad range of STM32 MCU series.