Modern encryption and related cryptographic principles are essential to protection of confidentiality and integrity of embedded systems. With new threats such as Quantum Computing, it is essential that systems in development provide flexibility/upgradability to address emerging threats. It is also essential that cryptographic systems meet today’s challenges. For high security systems, these challenges include regulatory compliance, development time, and cost.
For many industrial and defense applications, FIPS 140-2 certified encryption (evolving currently to FIPS 140-3) is a regulatory requirement for sensitive data. FIPS 140-2 encryption comes at four different levels. Level 1 is software only and is the most common solution for traditional IT applications. For embedded solutions, systems must comply with additional requirements to protect the system from unauthorized access when fielded that could prevent proper operation of the cryptography or disclose secrets such as encryption keys. These are applications require certification levels 2-4 with 2-3 being the most common. These integration levels require tight integrations between embedded hardware and software. This integration requires detailed understanding of secure software design, embedded processors/System on Chip (SoC), and FIPS security regulations.
Defense applications can have specific challenges which require protection of classified information. These systems must comply with NSA requirements and be certified by NSA. These requirements/certifications can be for Secret and Below (SAB) or Top Secret and Below (TSAB) protections. As military applications of embedded systems in battlefield applications increase (e.g. unmanned systems/sensors, soldier electronics) their need to communicate and protect classified data is increasing. Traditional solutions such as End Cryptographic Units (ECU) can be impractical for embedded applications with limited Size, Weight, Power, and Cost (SWaP-C) budgets requiring innovative technical and policy solutions.
Secmation has experience in technologies and policies required for FIPS 140-2, FIPS 140-3, SAB, and TSAB certified encryption. We have integrated solutions that can provide FIPS 140-2, Level 3 encryption for specific, commercially available, embedded application processors. We are also pursuing innovative technologies that can support SAB encryption on similar commercially available processors significantly reducing the SWaP-C required for cryptography and decreasing deployment time.