OPTIGA™ TPM - Trusted Platform Module

Überblick

Security controllers based on TCG specifications (TPM 1.2 or TPM 2.0) protecting integrity and authenticity of embedded devices and systems

OPTIGA™ TPM (Trusted Platform Module) offers a broad portfolio of standardized security controllers to protect the integrity and authenticity of embedded devices and systems. With a secured key store and support for a variety of encryption algorithms, OPTIGA™ TPM security chips provide robust protection for critical data and processes through their rich functionality.

OPTIGA™ TPM security controllers are ideal for platforms running both Windows and Linux and its derivatives (SLB 9645 product versions for Chrome OS available). Based on Trusted Computing Group (TCG) standards, they support the TPM 1.2 or the latest innovative TPM 2.0 standard.

> OPTIGA™ TPM Certificates

Produkte

Highlights

Market news

Infineon präsentiert weltweit erstes TPM 2.0 für Industrie 4.0

New whitepaper

Why securing network equipment is key to supporting IoT infrastructure

Details

Standardized and certified protection for a broad range of applications

OPTIGA™ TPM security controllers are ideal for platforms running both Windows and Linux (and its derivatives)*. Based on Trusted Computing Group (TCG) standards, they support the TPM 1.2 or the latest innovative TPM 2.0 standard.

*SLB 9645 product versions for Chrome OS available.

OPTIGA™ TPM: Vorteile auf einen Blick

Vorteile der Standardisierung: einfache Integration, Zuverlässigkeit und Wiederverwendbarkeit von Software
Große, innovative Auswahl von zertifizierten Produkten und erstklassiger Support
Reibungslose Migration von TPM 1.2 auf 2.0 mit dem ersten TPM 2.0-Produkt

TCG: Standard-basierte und zertifizierte Sicherheitslösungen für embedded Anwendungen

Um dem steigenden Sicherheitsbedarf gerecht zu werden, suchen viele Hersteller und Systemanbieter nach maßgeschneiderten, einfach implementierbaren Lösungen, die eine schnelle Entwicklung und Bereitstellung unterstützen, indem sie sich nahtlos in bestehende oder neue Computing-Designs integrieren lassen. Die Trusted Computing Group (TCG) hat eine Reihe von offenen, herstellerunabhängigen, globalen Industriestandards zur Unterstützung von interoperablen Trusted Computing Plattformen festgelegt. Trusted Computing soll unbefugte Änderungen an einem System erkennen, das auf einem festgelegten, in einem Rechengerät integrierten Sicherheitsanker basiert. Dies geschieht mit einem speziellen Mikroprozessor, der die gesicherte Integration von kryptografischen Schlüsseln in das Gerät unterstützt. Die grundlegenden, im Trusted Platform Module (TPM) gespeicherten Schlüssel werden intern verarbeitet und genutzt. Hierbei sind alle kryptografischen Funktionen geschützt. Bei Computerdesigns hat sich das Trusted Computing schon lange etabliert und nun hält es Einzug in ein viel größeres Anwendungsspektrum für unterschiedlichste Branchen wie die Automobilindustrie und industrielle Automatisierung.

Infineon: Wir bringen Ihnen die Vorteile der Standardisierung und Interoperabilität

Als Gründungsmitglied und treibende Kraft innerhalb der Trusted Computing Group (TCG) liefert Infineon seinen Kunden fortwährend die Vorteile der Standardisierung. Wir möchten Ihnen starke, bewährte Sicherheitslösungen bieten, die zudem einen geringeren Integrationsaufwand erfordern. Sie können auf unser langjähriges Know-how und unsere Zuverlässigkeit bauen, um sensible Daten zu schützen, eine starke Identität und Integrität von Maschinen zu schaffen und eine sichere Authentifizierung durch den Schutz von Zertifikaten, Schlüsseln und Passwörtern zu unterstützen. Mit der Unterstützung unseres globalen Supportteams bieten wir eine marktführende Auswahl von OPTIGA™ TPM Produkten, die alle Standardschnittstellen über einen großen Temperaturbereich unterstützen. Tatsächlich waren wir der erste Halbleiterhersteller, der sein TPM 1.2-Angebot mit einem TPM 2.0-Produkt ergänzt hat, um die nächste Generation von embedded Trusted Computing-Anwendungen zu unterstützen. Erfahren Sie mehr über unsere OPTIGA™ TPM Familie und unser Portfolio, das sich über ein breites Angebot unterschiedlicher Schnittstellen, Gehäuse und Temperaturbereiche erstreckt, um individuellen Anwendungsanforderungen gerecht zu werden.

Awarded: Best solution in manufacturing

The IoT Solutions World Congress awarded Infineon for Best Solution in Manufacturing. Mocana, who recently joined the Infineon Security Partner Network (ISPN) and Infineon take security for IoT to the next level by combining advanced security features with our highly valued and widely used OPTIGA™ TPM.

Dokumente

Boards

Tools & Software

Intermediate CAs for the creation of certificates for the respective product and firmware version

Intermediate certificates

Simulation

Videos

Share

Partner

Ecosystem and ISPN partner support of OPTIGA™ TPM

Fraunhofer SIT provides Open Source Software Stack and Consultancy

With more than 15 years of experience in designing TPM-based solutions and more than 20 scientific publications, the Fraunhofer Institute for Secure Information Technology (SIT) is one of the leading experts in the field of Trusted Computing. Fraunhofer SIT's involvement ranges from the standardization body over practical implementations to fundamental research. Fraunhofer SIT is involved throughout all application sectors, from desktop and server equipment, over automotive and railway to industrial applications.

Fraunhofer SIT's offers include:

*application sector specific design and architectures for TPM-based security solutions

*consultancy, teaching and empowerment on TPM integration

*extension and customizations of the Open Source Software Stack

More information

GlobalSign provides PKI-based Device Identity Management Solutions

GlobalSign provides PKI-based device identity enrollment and management solutions that leverage Infineon products such as the OPTIGA™ TPM SLM 9670 and SLB 9670 as the trust anchor. GlobalSign´s security products are targeted towards various IIoT verticals, including but not limited to - smart manufacturing, automotive, industrial automation and healthcare. GlobalSign brings experience and expertise in using PKI and SSL technologies and applying them towards solving cybersecurity problems in various small and large business contexts through their comprehensive product portfolio.

GlobalSign IoT Identity Platform can create and host custom PKI hierarchies that serve the core identity needs of devices embedded with Infineon OPTIGA™ TPMs.

GlobalSign IoT Edge Enroll is an endpoint software application that can provide device registration, enrollment and provisioning services. More information

Sectigo provides Certificate Management & TPM libraries

Sectigo provides a complete certificate management solution starting with secure certificate creation & insertion at the customer´s factory using the OPTIGA™ TPM for private key storage. The Floodgate Factory CA Server enables key management and certificate signing during manufacturing. The Floodgate TPM Library provides the device-side software to streamline TPM usage and key storage, while the Floodgate CA Server allows management of PKI certificates after the device is deployed.Floodgate TPM Library and the Floodgate PKI Client enable OEMs to develop and deploy secure embedded connected devices with relative ease.

Together, Sectigo and Infineon provide:

the APIs, libraries, and code running on the device to enable integration with the OPTIGA™ TPM
key generation by the OPTIGA™ TPM and enrollment with Certificate Authority
Certificate Signing Requests using the Simple Certificate Enrollment Protocol (SCEP), Enrollment over Secure Transport (EST), and Online Certificate Status Protocol (OCSP)
Full integration with public and private Certificate Authorities

More information

Mixed Mode provides Consulting, Custom Software Implementation and Integration

With about 15 years of experience in different security related projects and applications, Mixed Mode is a knowledgeable Infineon partner offering consulting services and software development for integration of the OPTIGA™ TPM. Amongst different projects, Mixed Mode developed and implemented a secure boot and secure update concept including hardware integration as well as verification of the LINUX image.

Mixed Mode has experience on different target embedded platforms, operating systems and use cases secured by OPTIGA™ TPM:

Supported platforms: LINUX, RTOS, Bare Metal
Supported use cases: Secure Communication, Secure Storage, Secure Boot, Secure Update
Consulting services: Training, Workshops, Security Concepts / Security by Design, Code and Gap Analysis, ISO 62443 SL 3, Policy and Certificate Concepts
Others: DRM (Digital Rights Management) and License Management on Embedded Platforms

More information

wolfSSL provides lightweight and highly portable TPM libraries

wolfTPM is a TPM 2.0 project, designed for embedded use. It is highly portable, due to having been written in native C, having a single IO callback for SPI hardware interface, no external dependencies, and its compacted code with low resource usage.

It is generally very easy to compile on new platforms, so if your desired platform is not listed as supported or you would like assistance porting wolfTPM, please contact wolfSSL at facts@wolfssl.com.

Features:

*Provides all TPM 2.0 API's in compliance with the specification.

*Uses the TPM Interface Specification (TIS) to communicate over SPI.

*Includes wrappers for Key Generation, RSA encrypt/decrypt, ECC sign/verify, ECDH, NV Access and Hashing.

More information

Trainings

Applikationen

Sicherheit für das IoT

Support

Kontakt