Long-Term Support for Infrastructure Environments

As more devices and infrastructure systems connect to the network, the potential risk and implications of a security breach continue to climb. Renesas is bringing its industry-leading track record to bear on security issues facing civil infrastructure and industrial devices, as well as developing Open Source Software (OSS) that will form the foundation for highly reliable civil infrastructure systems.

As part of Renesas’s commitment, we have been contributing to the Civil Infrastructure Platform™ (CIP™) Initiatives, an open collaborative project hosted by the Linux Foundation™ and driven by the world's leading manufacturers of civil infrastructure systems, to establish a “base layer” of industrial-grade tooling using the Linux kernel and other open source projects. In addition, cybersecurity is a key element for CIP in order to secure civil infrastructure. For the details of CIP project, please refer to https://www.cip-project.org/.

Learn more

Security Solutions

RZ/G Series

RZ/G series products incorporate Renesas’s Trusted Secure IP, hardware security IP which allows for protection of keys and the cryptography engine. The security software is provided as a part of the “Verified Linux Package”, consisting of a security driver, an encrypted kernel loader, and security middleware.

RZ/G security hardware and software
Definition Contents
Security Driver

Driver software for Trusted Secure IP

  • For Encrypted Kernel boot
  • For Encrypted Communication (SSL/TLS)
  • Basic encryption for secure storage

[ AES CBC (128 bits, 256 bits), RSA (1024 bits, 2048 bits), SHA-1, SHA-256, HMAC (SHA-1, SHA-256), CMAC (AES-128, AES-256) ]

Encrypted Kernel Loader Loader software for Encrypted Kernel Boot
Security M/W

Middleware that provides security functions

  • TLS v1.2 (SSL/TLS) -- cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256
  • Secure Storage -- Function of encryption/decryption by IP unique key
画像
Verified Linux Package Block Diagram

Based on a robust set of security features in both hardware and software, the RZ/G security solution offers a broad range of security features that addresses encrypted kernel booting, encrypted communications, secure software update, and secure storage, protecting user products from network threats in the age of IoT.

RZ/G security solution features
RZ/G security function using built-in Trusted Secure IP Security effect
Software tamper detection / authentication
  • Encrypted kernel boot function (tampering judgement at startup).
  • Update mechanism of software linked with cloud server.
Tamper detection by software authentication / prevention (protection)
Encrypted communication
  • Function for SSL/TLS protocol communication.
  • Utilize Secure IP to protect keys for authentication and to establish secure communication path.
Communication protection
Storage protection
  • Data protection function secured in products.
  • Data encryption/decryption with Secure IP unique key.
Data protection

Learn more about RZ/G Series

RZ/G IEC 62443-4-2 READY

As an initiative for the IEC 62443 series which has attracted attention as the de facto standard for cyber security in the industry, we will provide solutions for the RZ/G Linux platform which are suitable for industry, including highly robust security features. These solutions will let suppliers of Industrial Automation and Control System (IACS) certify using the IEC 62443-4-2 standard.

Learn more about RZ/G IEC 62443-4-2 READY

News & Additional Resources