Secure Desktop Provisioner

Secure Desktop Provisioner delivers secure provisioning at your desk, enabling simplified production for devices which do not require a fully automated production line. The product enables you, who have defined your company’s key infrastructure during development, to dynamically generate keys and provision these securely into the device alongside a cryptographically secured image of the application.

Provisioning with Secure Desktop Provisioner is done using an easy-to-use software tool which can automatically detect and provision new boards when connected, offering semi-automated operation. In addition, the software will only permit provisioning of the number of boards that have been authorized.

In C-Trust/Embedded Trust, development keys are replaced by secure production keys, during the creation of a final, secure production package. The Secure Desktop Provisioner imports these production packages. The development flow with Embedded Trust/C-Trust and the Secure Desktop Provisioner enable a smooth transition to volume production.

Secure Install refers to a new set of technologies that allows the application to be protected down to the lowest levels of communication between an MCU being programmed and the tools carrying out that production programming. Secure Desktop Provisioner fully supports the next-generation of Secure Install technologies from development to production.

Secure Desktop Provisioner reacts actively to attempts to physically tamper with the hardware unit. On detecting a physical tamper event, the product will automatically go into Maintenance Mode.

Provisioning provides unique characteristics to every device being produced, whether at the chip, board or system level. This enables every programmed device to be identified and acted upon, whether this is to provide authentication, or to enable updates to be targeted to a single device, or a group.

The provisioning is often implemented alongside secure programming, ensuring as much information as possible is protected.

Security orientated development is traditionally challenging as there is a need to manage high-value code and secrets, including keys. 

With Secure Desktop Provisioner, it is possible to develop with keys and critical code being protected. This makes the product a critical component of the security development workflow enabled by our security solutions. In C-Trust, development keys are replaced by secure production keys, during the creation of a final, secure production package. Secure Desktop Provisioner imports these production packages.

IAR Systems security tools and services offer support for a wide range of devices, including Arm-based MCUs from STMicroelectronics, Renesas and NXP, as well as the Renesas RX MCU family devices, enabling you to choose the right MCU for the security and functional needs of your application. In addition, support for the vast majority of MCUs can be achieved through the use of Hardware Abstraction Layer (HAL).

All devices in the list are ported and tested.

IAR Systems are constantly updating their growing list of supported devices. If your device is not listed, contact us to find out when your device will be supported.

Embedded Trust and C-Trust support next-generation Secure Install technologies intended to prevent malware throughout device lifecycles. Together with Secure Desktop Provisioner, this enables rapid development, implementation, prototyping and volume production of secure embedded applications.