ioXt Alliance “SmartCert” certification against the ioXt 2020 Base Profile has been granted.
The ioXt 2020 Base Profile assures that the base ioXt security pledge is met which requires a device to secure its external interfaces, provide proven cryptography, and is secured by default out of the box. The requirement also requires the product to run verified software, provides secure software updates, and has a public vulnerability reporting process.
The Silicon Labs reporting process provides customers both a mechanism to report vulnerabilities they have found and receive notifications of vulnerabilities reported to the Silicon Labs PSIRT committee.
The ioXt Alliance is a large advocate in achieving scalability by allowing for the inheritance of security certifications. For example; they recognize the Arm PSA certification to show that the device has a hardware root of trust for verifying software. It also means that any device going through ioXt Alliance certification with an xG21B device will be able to leverage the Silicon Labs EFRMG21B development kit certification and not have to repeat test cases that our chip has already passed.
Silicon Labs offers the first wireless SoC to achieve Arm PSA Level 2 certification (EFRxG21B) and there are only two other chips globally that have achieved this level of certification from Arm (at the time of this release 2020-09). This certification provides proof that the Silicon Labs design adheres to the well-respected Platform Security Architecture from Arm and will provide a proven “Hardware Root of Trust” which is starting to become a highly desired feature in IoT devices to anchor their security capabilities.
PSA Level 2 certification ensures several security features are robust by ensuring separation between a secure processing environment and a non-secure processing environment, a secure boot process with integrity and authenticity checks, secure storage of assets (e.g. secret keys) that must maintain confidentiality, and strong proven cryptographic functions.
Silicon Labs has completed extensive independent vulnerability penetration testing from the industry established Riscure Security Certification Services.
For this evaluation, Riscure performed a vulnerability analysis of our secure boot and secure debug and determined that it was infeasible for them to break. Our ECC and AES encryption were also evaluated for side-channel leakage with very high grades. The AES engine was further evaluated using Differential Fault Analysis (DFA) and the ECC engine was evaluated using Correlation Power Analysis (CPA) and again scored very well. Other areas evaluated by Riscure in the report were our Secure Element mailbox and tamper detection which again showed strong resistance to attacks.
This report can be shared as needed by Sales with customers under NDA and can be reviewed with the customer in a Video chat with our Security Apps team if required.
A distinguished independent panel of engineering and academic professionals at LEAP (Leadership in Engineering Achievement Program) awarded Secure Vault the gold medal in the 2020 LEAP Awards Connectivity category, citing it as a “new contemporary solution to an ever-evolving problem in privacy and security.” The annual LEAP Awards celebrate the most innovative and forward-thinking products serving the design engineering space.
Our Product Security Incident Response Team (PSIRT) is responsible for ensuring the vulnerabilities discovered in our products are mitigated and communicated responsibly. If you detect a security threat, let us know.
Please select at least one column.