The implementation of device security is growing at an exponential rate and its easy to be faced with new security terminology on a regular basis.
Understanding the basics is a core element in achieving successful secure deployments. To help you stay on top of the evolving device security industry we offer you this list of commonly used terms below.
|Anti-Rollback Prevention:||A Silicon Labs technology to stop old firmware with potential security flaws being reloaded into a device.|
|Authenticity:||Assurance that code is from the source it claims to be.|
|Confidentiality:||Assurance that data is protected from being accessed by unapproved parties.
|Countermeasures:||Process or implementations that can prevent or mitigate the actions of a threat or an attack.;|
|Digital Signature:||Mathematical technique used to validate the authenticity and integrity of a content.|
|Differential Power Analysis (DPA):||A form of Side Channel Attack (SCA) based on analyzing power consumption variations of an electronic circuit performing crypto operations involving confidential keys.|
|Hands-On Attack:||Attackers have physical access to a device/product and use that to their advantage to gain access to product interfaces where they can extract secret(s) or inject alternate code.|
|Integrity:||Assurance that code has not been altered, modified or replaced. NIST Curves NIST has standardized elliptic curve cryptography for digital signature algorithms in FIPS 186 and for key establishment schemes in SP 800-56A. In FIPS 186-4, NIST recommends fifteen elliptic curves of varying security levels for use in these elliptic curve cryptographic standards. Visit the National Institute of Standards and Technology (NIST) for more information.|
|Root of Trust:||Secure foundation (hardware, software, firmware) of a system that cannot be tampered with by malwares.|
|Secure Boot:||Process where the initial boot phase is executed from an immutable memory (i.e. ROM) and where code is authenticated before being authorized to be executed.|
|Secure Element:||Tamper-resistant component used to securely store sensitive data, keys and to execute cryptographic functions and secure services.|
|Side Channel Attacks (SCA):||A form of security exploit that takes advantage of information leakage from an electronic circuit in order to extract confidential keys or secret information. The most common forms of attacks are conducted by monitoring power consumption and electromagnetic emission during cryptographic operations|
Our Product Security Incident Response Team (PSIRT) is responsible for ensuring the vulnerabilities discovered in our products are mitigated and communicated responsibly. If you detect a security threat, let us know.