In a conventional flash-driven system, the typical security boundary, or attack surface, consists of the external interfaces, with the RTOS and host application treated as a single block. With the SAFERTOS ESM, the attack surface is instead considered to be the boundary of a user mode Task. The objective of the ESM is to make it possible for the application designer to reduce the attack surface of a user mode Task to a minimum. This confines a bad actor to just the compromised user mode Task and prevents access to the rest of the system.
The new enhanced security module hardens the external interfaces offered by the RTOS to provide protection against malicious activities in a task compromised by a bad actor.
Typical Users include:
- Developers that need complete data protection in high risk applications in markets such as medical;
- Developers using large, complex devices on multiple cores that may be running code from outside sources;
- Developers using software of unknown provenance.
ESM integrates well with hardware security modules such as Arm TrustZone, or STMicroelectronics’ Secure Boot.