Product
Industry-Leading Security for Evolving IoT Threats
Securing the IoT is challenging. It’s also mission-critical. The challenge of protecting connected devices against frequently surfacing IoT security vulnerabilities follows device makers throughout the entire product lifecycle. Protecting your product in a connected world is a necessity as customer data and modern online business models are increasingly targets for costly hacks and corporate brand damage. To stay secure, device makers need an underlying security platform in the hardware, software, network, and cloud. We’ve got you covered.
Secure Vault
Secure Vault™ is an industry-leading suite of state-of-the-art security features that address escalating Internet of Things (IoT) threats, greatly reducing the risk of IoT ecosystem security breaches and the compromise of intellectual property or revenue loss from counterfeiting. Specifically, Secure Vault technology:
- Protects against scalable local and remote software attacks
- Defends against local hardware attacks, which – although historically less common than software attacks – are on the rise due to the surge of affordable and easily accessible tools
- Passes testing from independent, third-party laboratories that attempt to infringe security functions for a specified amount of time with sophisticated equipment
What Level of Security is Right for You?
-
High
-
Mid
-
Base
Secure Vault - High
Maximum security of the device is made available by protecting the communication channel and the device itself, both against logical and physical attack vectors. In addition to Vault-Mid capabilities, keys are wrapped using a Physically Unclonable Function (PUF), each device has a private key that uniquely identifies it, and the device also has advanced tamper detection settings that protect the device from any physical form of tamper.
Secure Vault - Mid
High level of security provided by ensuring protection of the communication channel and protection against logical attack vectors. In addition to Vault-Base capabilities, devices have authenticated firmware running on them thanks to a secure booting sequence with a Root of Trust and Secure Loader (RTSL). Devices also have secure debug capabilities to ensure only authentic personnel have the capability to debug the device. Secure Vault-Mid parts also include TrustZone support*. TrustZone support will enable protected storage of keys and other application firmware.
*TrustZone support is currently available on all BLE device, with a plan to release this support to
all other stacks in the near future.
Secure Vault - Base
Good level of security provided on the devices to by protecting the communication channel between two devices and encrypting the data that flows within it. Salient features of this tier include a secure application boot, proven cryptographic engines, and a True Random Number Generator (TRNG) function.
Silicon Labs IoT Product Security
| Feature | High | Mid | Base |
| True Random Number Generator | ✔ | ✔ | ✔ |
| Crypto Engine | ✔ | ✔ | ✔ |
| Secure Application Boot | ✔ | ✔ | ✔ |
| Secure Engine | HSE | VSE/HSE | — |
| Secure Boot with RTSL | ✔ | ✔ | — |
| Secure Debug with Lock/Unlock | ✔ | ✔ | — |
| DPA Countermeasures | ✔ | Optional | — |
| Anti-Tamper | ✔ | — | — |
| DFA Detection | Series 3 | — | — |
| Authenticated XiP (AXiP) | Series 3 | — | — |
| Secure Attestation | ✔ | — | — |
| Secure Key Management | ✔ | TrustZone | — |
| Advanced Crypto | ✔ | — | — |
Third Party Accreditation
Secure Vault has gathered third party accreditations & validations since its original launch in early 2020.
Training
IoT Security Training: Works With 2022
Our IoT security training reviews regulations and trends and how you can keep all facets of your IoT devices secure, including hardware, software, and more.
IoT Security Sessions:
- SIOT-101: IoT Security Regulation and How it Drives Innovation
- SIOT-102: Regulations Will Demand Security Warranties in IoT Devices
- SIOT-104: Wireless Stack Integration with TrustZone and Secure Vault
- SIOT-201: Applying Security to Verify the Authenticity of IoT Products
- SIOT-203: Onboarding IoT Devices and Security Management
Services
Custom Part Manufacturing Service (CPMS)
Customize Your Wireless Hardware and MCUs with Advanced Security and Unique Certificates.
Building an IoT device was easy in the past: developing code, flashing it on a chip, and manufacturing. Today, security is the ultimate challenge for IoT device makers. Your IoT device faces severe security threats throughout its entire supply chain, starting at the beginning of the outsourced manufacturing process.
Resources
Featured IoT Security White Papers
Preparing for Next-Gen Cyber Attacks on IoT
Matter Security: Applying Privacy Fundamentals
Report Vulnerability
Have you Discovered a Vulnerability?
Our Product Security Incident Response Team (PSIRT) is responsible for ensuring the vulnerabilities discovered in our products are mitigated and communicated responsibly. If you detect a security threat, let us know.
Information on how to subscribe to security notices can be found here.
Bug Bounty Program
Silicon Labs partners with HackerOne to reward ethical hackers for stress testing our infrastructure and products.
Our Bug Bounty program is managed by Hacker One. Anyone may submit vulnerability reports using the directions on the Report Product Security Vulnerabilities page. Rewards are provided for reports on certain targets as described on the page. Any interested hacker may contact the HackerOne support team.
Submission Form
Please submit your bug via our Submission Page.
Thanks for helping keep Silicon Labs and our users safe!