secure THINGZ (logo).

Secure Thingz

Secure Thingz, a domain expert in security, microcontrollers and embedded systems, was established to deliver enhanced security into the Internet of Things (IoT) with a focus on emerging Industrial IoT, critical infrastructure, automotive and other markets. Secure Thingz offers solutions for secure device foundation software, secure device production, secure application development and secure lifecycle management.

Secure Thingz makes security simpler to implement across devices and applications, ensuring security from design to manufacturing and enhancing management across the lifecycle of a device.

To ensure the “Supply Chain of Trust,” Secure Thingz delivers a high-security, cryptographic framework that ensures stakeholder alignment across silicon vendor, OEM, programming centre, contract manufacturer, and end user. The Secure Deploy™ architecture ensures a cost-efficient root of trust in microcontrollers and microprocessors, to deliver a core set of critical services through the product lifecycle, alongside secure production, deployment and update infrastructure.

By aligning the ecosystem and bringing the right mix of solutions for the supply chain with the right partners, Secure Thingz is enabling a host of new opportunities based on a more secure IoT.

“Traditional solutions for IoT security are unable to defend against rapidly advancing threats, and new approaches need to be taken to as billions of cloud-connected devices come online. Secure Thingz believes that the best approach is building in security from inception and developing a robust chain of trust across the entire product lifecycle. Arm’s Platform Security Architecture will help the industry realize a more secure IoT, and we are pleased to be aligned with this solution in achieving that vision.”

Krishna Anne, President and CEO, Secure Thingz.


Secure Deploy architecture

The Secure Thingz Secure Deploy architecture is an advanced, integrated framework to deliver a PSA-aligned Supply Chain of Trust. The solution enables the protection of critical IP from design to deployment, ensuring:

Simple management of critical intellectual property across the development and manufacturing process

  • Secure programming/provisioning of the system with keys and certificates built on top of a root of trust consistent with PSA principles.
  • Simple management of an OEM’s critical IP across both development and manufacturing.
  • Seamless integration into tier-1 programming and manufacturing systems.
  • Robust root-of-trust frameworks for complex identification and ownership across the device lifecycle.
  • Integrated key and certificate management simplifying and securing development, manufacturing and applications.

The Guardian product family

Secure production of devices is the cornerstone of securing the IoT, and Secure Thingz and its partners have developed solutions for your requirements.

The Guardian platform enables OEMs to encrypt their critical IP and control which manufacturing facilities have access to the deliverables. Through this highly secure framework, operating between physically tamper-resistant hardware security modules (HSMs), the OEM can define specific quantity production, target programmer information, versioning and multiple other production capabilities, to any enabled machine globally. The platform enables factories to service multiple OEMs securely, and OEMs to work with multiple production partners, creating a secure, yet balanced ecosystem.

Secure Thingz, in partnership with Data I/O, has developed the Data I/O Sentrix platform that integrates physical-device handling with the Guardian provisioning solutions to enable high-mix, high-volume production within programming houses and contract manufacturers globally.

The Citadel product family

Secure Thingz engages with silicon vendors and OEMs working on Arm-based devices to enable Citadel security solutions. These solutions comprise a set of secure boot management functionality that operates within the lowest-level control domains to secure the device from the ground up; alongside integrated development environment (IDE) extensions to the leading development tools.

The Citadel firmware encompasses critical, low-level functionality to provide the trust anchors within the root of trust. The firmware integrates onto the core cryptographic hardware to ensure credentials (keys and certificates) can be managed and stored correctly, across the three critical phases of factory provisioning, operational start-up, and patching and remediation cycles.

The Citadel IDE extensions are designed to substantially simplify secure application development. The extensions integrate the device root-of-trust framework to provide a consistent approach to key development and management, the creation of standard ownership functions, such as certificate issuance and revocation, plus application and update mastering with encryption and key exchanges fully integrated.