Secure software and firmware update

Software and firmware updates need robust protection

In the past, many attempts have been made to secure devices with software only. Unfortunately, software has several inherent and significant weaknesses. Software is written code, and code can be read and analyzed. And once it has been analyzed, it can be modified to the requirements of an attacker. And if a device is re-programmed with modified software, the authentication process and system integrity can be broken.

Another potential and severe weakness of software-based solutions is the inappropriate storage of secret keys during various process and production steps. Typically, in software-based protection systems, attackers can easily identify secret keys that are built into the software or otherwise stored in readable form.

However, software can be protected by hardware. Secured hardware protects the processing and storage of code using encryption, fault and manipulation detection, and secure code and data storage. Software thus becomes trustworthy by combining it with secured hardware. This has been proven by extensive experience in trusted computing, the use of secure elements in mobile phones and the protection of smart grids. In all of these cases, secured hardware provides the extra protection needed for security-sensitive code and data.

Creating peace of mind for remote updates

Our OPTIGA™ Trust and our OPTIGA™ TPM portfolios deploy cryptographic mechanisms to enable secured firmware and software updates and configuration. They offer end-to-end protection of the upgrade process, including firmware development, secured remote communication with the device, and execution of firmware image flashing by using a unique cryptographic key for each device or one key shared by many devices.

Benefits at a glance

  • Increased reliability and security of systems and devices
  • Rapid roll-out of updated device software and firmware with additional (revenue-generating) features and bug fixes
  • Cost efficiencies through the avoidance of expensive software upgrade recalls and support calls
  • Increased revenue opportunities through secure monthly update fees
  • Secured service delivery to authorized devices for service provider


Application brochure


Videos: IoT security demonstrations

Experience our broad range of demonstrations including the embedded security solutions of our OPTIGA™ product family