INSIDE SECURE Shortens Time to Certification with World’s First FIPS 140-2-Certified IP Component2015-02-10
(via INSIDE Secure)
INSIDE Secure’s VaultIP delivers best in class security at the heart of smartphone and IoT devices to help silicon platform providers comply with stringent US government security standards while avoiding high costs and go-to-market delays of certification
Aix-en-Provence, France – INSIDE Secure (Euronext Paris: INSD), a leader in embedded security solutions for mobile and connected devices today announced FIPS 140-2 certification of VaultIP, the world’s first IP security module that speeds the path to silicon security certification and lowers costs for silicon platform providers. As an Intellectual Property (IP) component, VaultIP security hardware module can be integrated into application processors and other Systems-on-Chip (SoC) to support best in class security at the heart of smartphone and IoT (Internet of Things) devices. Customers can now leverage INSIDE Secure’s IP component to meet stringent US government security requirements and confidently promote the use of their products in security-sensitive applications like bring your own device (BYOD) and premium content access.
“Considered a benchmark for security in government, FIPS 140-2 validation assures users that a given technology has passed rigorous testing by an accredited third-party lab and can be trusted to secure sensitive information in accordance with the requirements of FIPS 140-2,” said Fiona Pattinson, Vice President of atsec. “We are honored to be the accredited laboratory chosen by INSIDE Secure to achieve this market first for their VaultIP security module that will enable more platform providers to build best in class security into their chip.”
The FIPS 140-2 standard dictates security requirements for US Federal agencies that use cryptography to protect sensitive information.These requirements often apply to identification, access control and BYOD, but also extend to services for mobile devices, like premium content delivery and mobile payments.Both US and Canadian government agencies accept FIPS 140-2 validation performed by the CMVP (Cryptographic Module Validation Program).
“In alignment with our vision that security must be tightly integrated at the heart of any system to truly be effective, VaultIP allows platform vendors to easily and cost effectively embed security at the core of the smartphone or device main processor, and in doing so, enablerobust platform securityfor IoT, BYOD and premium content,” said Martin Bergenwall, executive Vice President of INSIDE Secure. “The achievement of this critical milestone helps our customers overcome the challenges associated with certification and deliver more secure products to the market.”
An initial FIPS 140-2 certification can take over a year to achieve and requires significant financial investment. This is a huge barrier to best in class security for siliconplatform providersthat operate in cost sensitive and highly dynamic markets, with an average mobile application processor lifecycle of 6 months.
To help solve this critical challenge, INSIDE Secure’s VaultIP is delivered as a FIPS certified silicon IP security module that easily integrates into any chipto provide best in class hardware protected platform security capabilities such as: root or trust, secure boot and secure debug, key vault and asset store and secure encryption services to applications on (mobile) application processors and IoT SoCs. Previously, a platform vendor using this module integration process would not have been able to claim certification on the final silicon. Working in collaboration with the CMVP and atsec, INSIDE Secure was able to address this issue and obtain the first ever Level 2 FIPS 140-2 certificate (#2272) for an IP component.
With this certification, INSIDE Secure’s customers can apply for incremental recertification of their chip against the existing FIPS certificate for VaultIP. While full FIPS-140-2 Level 2 certification typically takes over a year to achieve, recertification using the initial validation as a base can significantly reduce costs and speed time to certification to one month on average.
INNOVATION AT WORK
INSIDE Secure maintains its position as the leader in embedded security by applying decades of security innovation and expertise to solve market challenges and help customers meet evolving security requirements. As the first commercially available FIPS 140-2 silicon hardware IP security module certified for CMVP Level 2, meeting the new National Institute of Standards and Technology (NIST) guidelines for IP sub-module pre-certification, VaultIP is a key example of this innovation at work.
INSIDE Secure’s hardware, firmware, middleware, software, and intellectual property work together to better secure everything from mobile devices and transactions to payment, access, and the Internet of Things. To learn more about VaultIP and its benefits, please visit www.insidesecure.com/Products-Technologies/Silicon-IP/Vault-IP
About INSIDE Secure
INSIDE Secure (Euronext Paris FR0010291245 – INSD) provides comprehensive embedded security solutions. World-leading companies rely on INSIDE Secure’s mobile security and secure transaction offerings to protect critical assets including connected devices, content, services, identity and transactions. Unmatched security expertise combined witha comprehensive range of IP, semiconductors, software and associated services gives INSIDE Secure customers a single source for advanced solutions and superior investment protection. For more information, visit http://www.insidesecure.com.