1. Secure boot
Ability to ensure the authenticity and integrity of an application that runs inside a device.
2. Secure Install/Update
Installation or update of firmware with initial checks of integrity and authenticity before programming.
3. Silicon device lifecycle
Control states to securely protect silicon-device assets through a constrained path.
Isolation between trusted and nontrusted parts of an application.
5. Secure storage
Ability to securely store secrets like data or keys (and to access them without them being visible externally).
6. Crypto engine
Ability to process cryptographic algorithms, as recommended by a security assurance level.
7. Secure manufacturing
Initial device provisioning in an unsecured environment with overproduction control. Potential secured personalization.
8. Identification / Authentication / Attestation
Unique identification of a device and/or software package, and ability to detect its authenticity, from inside the device or externally.
9. Software IP protection
Ability to protect a section or the whole software package against external or internal reading. Can be multi-tenant.
10. Abnormal situation handling
Ability to detect abnormal situations (both hardware and software) and to take adapted decisions like the removal of secret data.
Keep trace of security events in an unchangeable way.
12. Application lifecycle
Define unchangeable incremental states to securely protect application states and assets.