Infineon OPTIGA™ TPM SLM 9670

Best choice for protecting remote updates in Smart Factories

The Challenge

In smart factories, configurations and design data will be updated remotely and automatically. Preserving the confidentiality of these updates is essential in order to protect Intellectual Property. Authentication and integrity protection are important to enable only valid configurations and hinder attackers from impersonating a server or robot.

The preferred security solution hardened against attacks

Using the TLS (Transport Layer Security) protocol for authenticated and confidential communications is a widespread approach. The security of TLS is based on the TLS handshake, in which the two communicating parties authenticate each other and derive a session key that is used to protect the communications session. The security of the entire system depends on the certificates and the private keys. Keeping the private keys secured is of utmost importance in order to protect against impersonation attacks.

OPTIGA™ TPM improves the security of the remote data exchange significantly

Each party starts with its own public-private key pair and verifiable certificates binding its identity and public key:

  1. The update server sends message 1 to the control system, including a random challenge
  2. The control system responds with message 2, which contains the control system’s certificates, a new random number, and cryptographic signatures of the messages sent so far
  3. The update server responds with message 3, which contains the update server’s certificates and signatures

As a result, a session key is derived that is used to protect the communication between the two parties. 

Keeping the private keys secured is of utmost importance – please see below why OPTIGA™ TPM is the preferred choice for this challenge:
 

Usually the secret keys are kept in shared memory, where, for example, software vulnerabilities in the operating system could be exploited to steal them.

With OPTIGA™ TPM, secrets are stored in a discrete, certified chip, effectively reducing the attack surface. The secret keys are kept and processed inside the device, so their protection becomes independent of software vulnerabilities in the OS and applications.
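The signed challenge-response part of messages 1 to 3, with every private-key operation behind a signing handle, shown as an added example (not Infineon code). `NewKey`, `Nonce`, `Sign` and `Verify` are hypothetical names, a software ECDSA key stands in for a TPM-backed key, and certificate validation and session-key derivation are left out:

```go
package main

import (
	"bytes"
	"crypto"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// NewKey: a software key stands in for a TPM-backed crypto.Signer (assumption).
func NewKey() crypto.Signer {
	return must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
}

func Nonce() []byte {
	b := make([]byte, 32)
	must(rand.Read(b))
	return b
}

// Sign signs the SHA-256 digest of the handshake bytes exchanged so far.
func Sign(k crypto.Signer, transcript []byte) []byte {
	d := sha256.Sum256(transcript)
	return must(k.Sign(rand.Reader, d[:], crypto.SHA256))
}

// Verify checks sig under a public key already validated from a certificate.
func Verify(pub crypto.PublicKey, sig, transcript []byte) bool {
	d := sha256.Sum256(transcript)
	k, ok := pub.(*ecdsa.PublicKey)
	return ok && ecdsa.VerifyASN1(k, d[:], sig)
}

func main() {
	server, control := NewKey(), NewKey()
	t2 := bytes.Join([][]byte{Nonce(), Nonce()}, nil) // message 1 challenge + message 2 nonce
	sig2 := Sign(control, t2)                         // control system signs messages so far
	t3 := bytes.Join([][]byte{t2, sig2}, nil)         // transcript the server signs in message 3
	fmt.Println(Verify(control.Public(), sig2, t2), Verify(server.Public(), Sign(server, t3), t3))
}
```

Because the protocol code only ever holds a `crypto.Signer`, a hardware-backed signer can replace the software key without touching the handshake logic. A message 2 recorded in an earlier session fails `Verify` once the server issues a fresh challenge.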

 

OPTIGA™ TPM SLM 9670 offers robust security – best fit for industrial and other demanding conditions

The OPTIGA™ TPM SLM 9670 serves as a robust foundation to protect the integrity and identity of industrial PCs, servers, industrial controllers or edge gateways. It controls access to sensitive data in key positions in a connected, automated factory as well as at the interface to the cloud. OPTIGA™ TPM is a ready-to-use security building block offering an operating lifetime of 20 years and industrial-grade quality.

Key Benefits

  • Standardized and certified 
  • Extended temperature range of -40° to 105° Celsius 
  • Meets stringent requirements of industry in terms of robustness and quality - qualified according to the industrial JEDEC JESD47 standard
