Long-Term Support for Infrastructure Environments
As more devices and infrastructure systems connect to the network, the potential risk and implications of a security breach continue to climb. Renesas is bringing its industry-leading track record to bear on security issues facing civil infrastructure and industrial devices, as well as developing Open Source Software (OSS) that will form the foundation for highly reliable civil infrastructure systems.
As part of Renesas’s commitment, we have been contributing to the Civil Infrastructure Platform™ (CIP™) Initiatives, an open collaborative project hosted by the Linux Foundation™ and driven by the world's leading manufacturers of civil infrastructure systems, to establish a “base layer” of industrial-grade tooling using the Linux kernel and other open source projects. In addition, cybersecurity is a key element for CIP in order to secure civil infrastructure. For the details of CIP project, please refer to https://www.cip-project.org/.
RZ/G series products incorporate Renesas’s Trusted Secure IP, hardware security IP which allows for protection of keys and the cryptography engine. The security software is provided as a part of the “Verified Linux Package”, consisting of a security driver, an encrypted kernel loader, and security middleware.
Driver software for Trusted Secure IP
[ AES CBC (128 bits, 256 bits), RSA (1024 bits, 2048 bits), SHA-1, SHA-256, HMAC (SHA-1, SHA-256), CMAC (AES-128, AES-256) ]
|Encrypted Kernel Loader||Loader software for Encrypted Kernel Boot|
Middleware that provides security functions
Based on a robust set of security features in both hardware and software, the RZ/G security solution offers a broad range of security features that addresses encrypted kernel booting, encrypted communications, secure software update, and secure storage, protecting user products from network threats in the age of IoT.
|RZ/G security function using built-in Trusted Secure IP||Security effect|
|Software tamper detection / authentication||
||Tamper detection by software authentication / prevention (protection)|
RZ/G IEC 62443-4-2 READY
As an initiative for the IEC 62443 series which has attracted attention as the de facto standard for cyber security in the industry, we will provide solutions for the RZ/G Linux platform which are suitable for industry, including highly robust security features. These solutions will let suppliers of Industrial Automation and Control System (IACS) certify using the IEC 62443-4-2 standard.