The 8-stage approach to keeping OEMs lawful
View in browser
Foundries.io News - banner

Cybersecurity Legislation Compliance - Deadline Looms

Hi there,

Government legislation looms in the US, Europe and UK, adding to what we already knew about ensuring that end device users are properly assured and protected. The liability on OEMs will no longer stop once products are shipped - development processes need to lend themselves to prioritizing security for the full lifetime of a product.
george-grey

In this newsletter, we'd like to share with you our new Cybersecurity White Paper: Embedded Linux, Licensing and Cybersecurity, eeNews' article summarizing our 8-Stage approach, technical level blogs, our latest product news and contributions from key partners.

You can get in touch with me directly via LinkedIn at any time, and follow my posts for my thoughts on where we are and where we’re going with connected embedded secure devices. 

george

George Grey, Foundries.io CEO

Articles, Blogs & Expert Updates

We hope you find our latest content useful in shaping how you might approach your specific projects.


WHITE PAPER:  Embedded Linux: Licensing and Cybersecurity

As cybersecurity becomes an increasingly important design consideration, new challenges arise as devices are implemented with secure boot and hardware security elements and/or secure enclaves. Legal issues arise from the use of GPL software, and increasingly stringent worldwide legislation, including the proposed EU Cyber Resilience act that impacts a wide range of market segments from consumer to industrial. This requires new security measures to be present on all devices including secure boot, SBOM auditing and FOTA update capabilities.

Download this new white paper, guiding you through the demands of forthcoming legislation, potential pitfalls and how to avoid crippling fines. Foundries.io CEO George Grey explores the challenges and best practices for implementation of Linux device security on current and new IoT and Edge products.

embedded-linux-licensing-and-cybersecurity front image

eeNews ARTICLE: Unifying the Fragmented Embedded Product Lifecycle
OEMs lose time and money as a result of a fragmented embedded product lifecycle. Pressure is increasing for device builders to change their development processes, with legislation on its way insisting that products are fully secured. Once devices are shipped, it is often the case that product maintenance out in the field is not up to scratch, and in many cases cannot withstand the increasing threat of cyber attacks. But why is getting maintenance and security right such a headache?

This new eeNews article takes you through the 8-Stage Product Lifecycle that Foundries.io has identified, and outlines how FoundriesFactory provides the remedy. 

8-Stage Marketing FIO Asset Problem Copyright_1

TECHNICAL BLOG: Securing Your Factory Updates with Ed25519 Elliptic Curve 

We provide engineers with technical dive into The Update Framework (TUF) in this blog from our Backend Senior Software Engineer, Volodymyr Khoroz. Read on to understand why we would recommend choosing a specific type of cryptographic keys to use within TUF and how the Foundries.io team have worked on a one button solution for key rotation.

TECHNICAL BLOG: PKCS#11 With OP-TEE Secures the Linux microPlatform IoT Keys and Certificates

The Public Key Cryptography Standard #11 defines a secure API which allows clients to access cryptographic devices for key generation, encryption, decryption, digital signatures and storage in a future-proof vendor-neutral way. Read our Platform Security Tech Lead Jorge Ramirez Ortiz's technical blog to understand Foundries.io's approach to securing keys and certificates, using the OP-TEE PKCS#11 standard within our Linux microPlatformTM (LmP).

Product News

V90 Release - New Features & Key Updates:

Our major new FoundriesFactory® release, v90, was recently made available to all our customers. Highlights include initial support for NXP® i.MX 93 and i.MX 8ULP Evaluation Kits, plus Fioconfig support for client certificate rotation. We have also made updates to the OE/Yocto, kernel, BSPs, packages, and utilities.

These and further highlights are listed below, and you can also see the detailed release notes here.  The full documentation for our v90 release can be found here.

New Features:

  • Initial support for NXP i.MX 93 Evaluation Kit (imx93-11x11-lpddr4x-evk)
  • Initial support for NXP i.MX 8ULP Evaluation Kit (imx8ulp-lpddr4-evk)
  • Fioconfig now supports client certificate rotation
  • Support for TPM2 PKCS#11 with OpenSSL 3.x
  • Initial support for boot firmware rollback protection

Key Updates:

  • LMP release based on the OE/Yocto 4.0.9 Kirkstone release
  • Bitbake updated to the 2.0.9 release
  • Layer meta-lts-mixins added for a more recent golang release (1.20.1)
  • OP-TEE updated to the 3.20.0+fio release
  • OP-TEE SE05X support updated based on the NXP Plug-And-Trust v04.03.01 release
  • NXP BSP updated to the lf-5.15.71-2.2.0 release
  • NVIDIA Tegra BSP updated to the 5.1 JetPack GA release (L4T R35.2.1)
  • TI BSP updated to the 08.06.00.007 release
  • OpenSSL updated to the 3.0.8 release
  • More Updates Here

To learn more about v90 and our FoundriesFactory DevOps product in relation to your exact needs, you can book a personalized demo experience with one of our experts.

    Partner Spotlight

    TI ARM®-based processors come alive with FoundriesFactory

      At Embedded World 2023, our CMO John Weil discussed how Foundries.io and TI work together to streamline designs and speed time to market for IoT and Edge AI products. Watch the short video to find out more.

      image-20230616-144318

      Events


      Partners Webinar: Kickstart Your Smart Industrial Solutions with ADLINK I-Pi SMARC Development Kit Based NXP® i.MX 8M Plus SoC

      Learn how to leverage ADLINK’s I-PI SMARC IMX8M Plus development kit, featuring NXP® i.MX 8M Plus application processors, to fulfil your home automation needs using hardware-to-top.

      image-20230616-143752

      Go Ahead and Find Out More

      There are several ways you can find out more, from online resources to booking a 1:1 online meeting:
      If you’re new to Foundries.io and our FoundriesFactory product, take a look through our quick introduction video. You can also catch up on our latest blogs.

      Book a personalized demo with our experts. For your own personalized demo, register your details and indicate a date and time that suits you best.  

      Book-A-Demo

      You can also contact us directly to seek expertise for your exact needs by emailing us any time at hello@foundries.io.

      Website
      LinkedIn
      Twitter
      YouTube

      Copyright © 2023 Foundries.io, All rights reserved.


      You are receiving this email because you opted in via our website or because you have recently become a new user of FoundriesFactory and we want to keep you updated with our news and activities.

       

      Our mailing address:

      Foundries.io, The Bradfield Centre, 184 Cambridge Science Park, Cambridge

      Cambridgeshire, CB4 0GA, United Kingdom

      Want to change how you receive these emails?
      You can Unsubscribe or Manage Preferences.