Security is the capability to protect valued assets such as data, features, services and financial or technical resources. Protecting an asset maintains three critical aspects:
- Confidentiality: data associated with an asset is not disclosed to unauthorized entities
- Integrity: preventing corruption and assuring the accuracy and completeness of the data associated with an asset over its entire life-cycle
- Availability: data or services are available when needed
Security should be an integral part of system design from day one by following a defined process:
- Identify the value of the asset to protect
- Understand the vulnerabilities of the asset and the threats to it
- Develop a security strategy to reduce the risk using the right level of security
- Create the appropriate solution (silicon, solution, software, infrastructure , life cycle) according the security analysis
In order to assure confidentiality, integrity and availability, a system must implement the security services or functions which can ensure that:
- Devices are genuine – by means of authentication and secure boot and Secure Firmware Install / Secure Firmware Update
- Data is exchanged in secure manner- by means of secure communication
- Data & code are trusted - through data & code & execution protection
Security market evolution
The security market is evolving rapidly growing from traditional smartcard business to a broad range of connected devices associated with a fast expanding communications infrastructure. This generates new kind of threats and challenges which in turn require new security approaches.
ST provides broad range of secure products and solutions which address the new security requirements and cover use cases ranging from simple devices to very complex infrastructure. This includes application areas such as the Internet of Things, Industrial and Automotive and encompasses also governmental or regulated requirements such as metering or Identity.