Segger launches new IoT Security middleware for embedded developers

Phaedrus Systems is now supplying new software from Segger that provides tools for creating the Secure Internet of Things. The software includes Cyclic Redundancy Checking (emLib CRC), an IPv6 TCP/IP stack (embOS/IP) with Secure Sockets Layer (emSSL) and a digital signature suite (emSecure-ECDSA). They are joined by a new data compression tool (emCompress) and a tool for digitally signing and verifying documents (emSecure Sign and Verify).

Phaedrus Systems is now supplying new software from Segger that provides tools for creating the Secure Internet of Things. The software includes Cyclic Redundancy Checking (emLib CRC), an IPv6 TCP/IP stack (embOS/IP) with Secure Sockets Layer (emSSL) and a digital signature suite (emSecure-ECDSA). They are joined by a new data compression tool (emCompress) and a tool for digitally signing and verifying documents (emSecure Sign and Verify).

Chris Hills, CTO of Phaedrus Systems, said, "These software elements extend Segger's offerings for the Secure Internet of Things. Since they come from a single supplier they are easy to integrate."

The complete Segger offering, including the new Segger's new IDE, the Embedded Studio, will be the centre piece of Phaedrus Systems presence at the IoT Security Foundation Conference on December 1st at the IET.

Cyclic Redundancy Check

Cyclic Redundancy Checks (CRCs) provide error detection on data transfers in digital networks and on data held on storage devices or computed over firmware images. emLib CRC is a CRC library that in addition to the general CRC functions, features optimized implementations for popular CRC polynomials including CRCCCITT, CRC-16, and CRC-32, which perform close to the theoretical limit and comparable to hardware-accelerated algorithms. emLib CRC is delivered as pure C source code. and is easily integrated into PC programs and embedded targets as well as apps for portable devices such as Android or iOS tablets and phones.

TCP/IP Stack

The embOS/IP TCP/IP stack now supports the IPv6 protocol suite and has new features to meet the requirements of the Internet of Things and to cope with the exponential growth of connected devices. Existing users can easily enhance their product with IPv6 whilst maintaining full compatibility with their existing IPv4 source code and protocols. The enhanced embOS/IP Web Server makes better, more efficient use of memory - it's possible to run the web server with a lower overall memory footprint yet provide flexible content delivery when serving pages. Web pages with dynamic content, eliminate reloading the whole page when content changes. This ensures a smoother user experience.

Secure Sockets

emSSL is a secure socket implementation, suitable both for servers and clients. It has been designed to work with a minimum of RAM: as little as 7KB is all that is needed on the client. This makes it appropriate for devices for the IoT which need to communicate through email or by serving web pages, yet still have to be small and inexpensive. While working seamlessly with the embOS TCP/IP stack and the embOS/IP Web Server it can also be used with any IP stack that supports plain sockets.

Digital Signatures

The emSecure software package now offers both RSA and ECDSA schemes to generate and verify digital signatures. This widens customer options when using emSecure to protect against firmware hacking and hardware cloning. While RSA has proven robust for decades, ECDSA (Elliptic Curve Digital Signature Algorithm) is a relatively modern algorithm, and a FIPS and IEEE standard. It provides the same level of security as RSA with shorter key lengths. A 256-bit ECDSA key is equivalent to a 2048-bit RSA key. Shorter keys not only save space - the underlying calculations of the algorithms may be completed faster. This especially applies to signature generation, which is about seven times faster compared to RSA and makes it possible to sign data even on small microprocessors very quickly with low power.

emSecure-ECDSA uses about 10 kByte of ROM and no static RAM. Signature verification can be done within 160 ms, with less than 2.5 kByte on the stack, measured on a Cortex-M and using the P-256 curve.

Compression

emCompress is a compression tool to reduce the storage required on a target for boot images, HTML files or other static data. It reduces flash memory sizes, costs and data transmission time. Data is compressed on a PC, which automatically picks the best algorithm for the memory available.

The compressed version is stored in the flash of the target. Decompression takes place on the target side, whenever it is needed and using very little RAM. ROM consumption is tiny, compared to the additional space that is available to the development engineer for new firmware features. Highly redundant data, such as HTML pages, can be compressed to no more than 10% of the original size, and a unique group mode, which boosts compression ratios when compressing many small files such as HTML content for embedded web servers.

emCompress is written in ISO-C and is both compiler and target independent.

Sign & Verify

Sign and Verify is a Windows application which digitally signs a document to protect it from being maliciously altered. The utility is delivered with a key generator and is free of charge for personal use.

All these products are available now from Phaedrus Systems www.phaedsys.com

www.phaedsys.com/principals/segger/index.html