EnactTrust - the First Remote Attestation Solution for Safety-critical Applications

EnactTrust offers state-of-the-art security and compliance solutions for IoT and Edge systems. Today, we are announcing the general availability of the safety-critical capabilities that were demonstrated in June at Embedded World (EW2022). EW2022 is the world’s largest IoT trade fair and it takes place every year in Nuremberg, Germany.

GPIO Remote Attestation

For the first time, there is a remote attestation solution with capabilities to prevent loss or severe damage to equipment in case of compromised embedded software (e.g. firmware, bootloader, RTOS).

Typically, once an embedded system is compromised, there is no guaranteed way to perform critical actions, like indication of a system fault and control over sensors and actuators. Now, thanks to the latest EnactTrust solution, it is possible to monitor and control GPIO even when your system software is compromised.

This enables important use cases for safety-critical applications in the automotive, railway and medical industry. Here are some examples:

*The functionality below is performed in parallel with the alerts in the EnactTrust Security Cloud.

• In case of compromised software of a fire alarm, EnactTrust can provide a visual fault alert using our safety-critical GPIO.

• In case of physical compromise of a railway signaling system, EnactTrust can turn on a maintenance indication using our safety-critical GPIO, until the arrival of authorized personnel.

• In case of a compromised medical ventilation system with danger of serious injury to people, EnactTrust can switch off the power supply of actuators thanks to our safety-critical GPIO.

• In case of a compromised monitoring system with danger of environmental harm, EnactTrust can switch the mode of the sensor in order to send more data and help with the incident investigation and response.

Embedded Systems Security and Compliance

Alongside the new capabilities, EnactTrust continues to be a portable solution for embedded systems of any type and size. Our attestation service maintains the known good state of system configuration and applications, protects critical application data from tampering and creates an audit trail for any modification of the system.

We also provide the building blocks for compliance with the worldwide regulations for connected systems, a shortlist: International IEC-62443, EU Cybersecurity Act, UK Secure by Design, US IoT Cybersecurity Act.

EnactTrust offers this solution using the newest ST33 TPM 2.0 industrial security chip from STMicroelectronics.

Contact us at info[@]enacttrust.com if you are interested in learning more about IoT & Edge security for safety-critical systems.