embedded world 2024 Best in Show Nominees: Security
April 01, 2024
Story
The Embedded Computing Design editorial staff is pleased to present this year’s embedded world Best-in-Show nominees in the Security category:
Cybellum - The Product Security Platform
Cybellum's Product Security Platform allows manufacturers to manage security risk and compliance across their products' entire lifecycles. Designed to integrate into a team’s existing workflow, the Product Security Platform addresses the four key pillars of product security maturity that companies must follow to protect their devices and their users. They are Assets- Defining assets and utilizing diverse data sources like SBOMs for a comprehensive view; Assurance- Enabling threat assessments, prioritization, data enrichment, and security testing; Compliance- Maintaining a live, historical document repository for product compliance and internal policy reports; Risk & Governance- Assessing product security effectiveness against threats.
In addition to enabling manufacturers to rapidly comply with regulations, the Product Security Platform is focused on securing the mission-critical connected devices that we rely on every day, and may even take for granted, such as vehicles, medical devices, industrial equipment, telecom equipment, and more. Addresses A Critical Need: Cybellum recognizes the unique security challenges of modern connected devices, offering a specialized solution that ties together the most important parts of product cybersecurity risk management under one roof. Centralized: The platform tackles SBOM management, vulnerability assessment, compliance tracking, and incident response, providing an all-in-one solution for manufacturers. Proven Success: Endorsement by global manufacturing leaders speaks to Cybellum's effectiveness and real-world impact. In fact, Cybellum was acquired in 2021 by LG Electronics due to its unique field-proven technology and customer base. Innovation: Cybellum's pioneering approach to connected product security demonstrates its commitment to safeguarding a rapidly evolving technological landscape.
For more information, visit: https://cybellum.com/platform
PTC- PTC Perc PVM Protect
Unlike traditional Java platforms, PTC Perc supports sub-millisecond response times for mission-critical Java software running on 32 and 64-bit Linux platforms with x86 and ARM processors. PTC Perc real-time embedded Java has long provided developers the ability to combine all their Java code, resources, and required files in a standalone binary. The new PVM Protect tool in Perc adds the ability to fully encrypt and encapsulate the binary into a self-decrypting launcher using modern cryptographic algorithms and Trusted Platform Module (TPM) 2.0 \hardware.
Traditional Java-based systems are deployed with “jar” archives containing proprietary software. The contents of jars are readily reverse-engineered to source code. This poses a problem for systems in which confidentiality and security are critical requirements. Unlike traditional Java obfuscators, PVM Protect offers tamper-proof end-to-end encryption of Java application code, resources, and files from build to deployment to execution. Only target systems with TPM hardware provisioned with a customer's private key can decrypt and launch the binary from RAM without storing decrypted code or data on disk.
For more information, visit: https://www.ptc.com/en/products/developer-tools/perc
Pantherun Technologies – AES-Based Encryption
Pantherun has developed a patented data protection algorithm to transform security for data throughputs of up to 10 Gbps, using an implementation of AES encryption in real-time, that eliminates the vulnerabilities associated with key exchange. This is ideally suited to work both on Edge devices as well as on the Cloud, both for data at rest and in motion. Unlike methods like SSL/TLS, IPSec, MACSec based on AES and their adaptations to vertical segments that are prevalent today, the Pantherun encryption, also based on the Industry standard AES, makes no change in data format and requires no clear-text handshaking exchanges to communicate keys, or encryption methodology, thus providing no clues to listeners on the network on what type of encryption such as AES/RC4 is used, how many bits length of key (128/256) is used, or the method by which the key is generated. As there is no need for key exchanges of any kind, this makes breaches harder due to the complete lack of clues to the listener.
It’s the only solution that can ensure that AES-based encryption can withstand attacks such as MITM, Replay, and Side Channel on Embedded products that work on the Edge. It is implemented in a very compact and efficient manner, allowing for AES-based encryption of data on the move at speeds ranging as high as 1-10Gbps, thus ideal for running on Layer 2 and Layer 3 data in applications as diverse as Automotive, Industrial IoT, Mobile, Wearable, Surveillance, Smart City, Energy, Retail and Consumer, and so on.
For more information, visit: https://pantherun.com/zero-data-format/
WIBU-SYSTEMS AG - CmReady
CmReady by Wibu-Systems heralds a new era in software protection and licensing management, specifically designed for memory card vendors and their clientele. This cutting-edge technology leverages the unique Hardware ID (UID) of memory cards, combined with secure, monotonically increasing counters to thwart replay attacks. It seamlessly integrates with Wibu-Systems’ robust CodeMeter licensing framework, supporting both Windows and Linux OS across Intel and ARM architectures. CmReady memory cards ensure compatibility with CodeMeter Runtime and CodeMeter Embedded, vital for executing safeguarded applications on a wide array of desktop and embedded platforms, setting a new standard for secure and flexible software deployment.
CmReady stands at the forefront of innovation, merging the convenience of mass storage memory cards with the sophistication of top-tier software protection and dynamic license management. With CmReady certification, memory cards also transform into secure software license containers, offering a seamless and cost-efficient licensing solution. This innovation eliminates the need for hardware-bound licenses, allowing effortless, on-the-go software activation via a simple plugin download. Building on two decades of security expertise, CmReady transcends traditional software licensing models, offering unparalleled security and portability. This represents a monumental leap forward, blending mature technology with the practicality of hardware-based mobility.
For more information, visit: https://www.wibu.com/interested-in-cmready-mass-storage-devices.html
OP4, Inc. - OP[4] Product Security Platform
The OP[4] Product Security Platform simplifies cybersecurity risk management for smart device OEMs throughout the product lifecycle. Built on groundbreaking DARPA tech, the platform performs automated binary analysis to detect, validate, and remediate zero-day software vulnerabilities that an attacker could exploit. The comprehensive platform is used by device manufacturers and system integrators to drive secure-by-design initiatives and eliminate security risks, through: • Software dependency analysis (binary SBOM + VEX generation) • Automated X-day vulnerability detection + exploitability analysis • Continuous penetration testing through device firmware emulation • Regulatory compliance guidance and security control validation • Incident response issue tracking, triage, assignment, & resolution.
The OP[4] Product Security Platform stands out as a novel innovation for advancing secure-by-design initiatives in embedded systems. It directly addresses the challenge of adhering to complex government cybersecurity regulations using both automation advancements in binary analysis and codifying expert technical implementation guidance into simplified workflows. The platform integrates software-bill-of-materials (SBOM) and vulnerability-exchange (VEX) generation to provide comprehensive visibility and control over software supply chain risks and also provides continuous red-team evaluation and proactive incident response management. This holistic lifecycle security approach simplifies compliance and empowers developers to prioritize security without compromising on innovation speed or quality, making the OP[4] Product Security Platform a clear choice for top security innovation at the Embedded World conference.
For more information, visit: https://op4.io
