PITTSBURGH – June 20, 2022 – PRLog — Timesys Corporation, an industry pioneer and a leading provider of embedded, open-source software security solutions, has announced that they have achieved Level 1 system software certification for their VigiShield Secure by Design security offering on NXP® Semiconductors i.MX applications processors.

Introducing VigiShield Secure by Design

With VigiShield Secure by Design, Timesys has distilled the security feature implementation process down into an easy-to-understand, PSA Certified, maintainable Yocto security layer that can be configured to meet current customer and regulatory requirements, such as NISTIR 8259A and ETSI EN 303 645.

VigiShield leverages widely used open source technologies, enables underlying hardware capabilities for best performance, and implements the security best practices recommended by regulatory and industry-specific bodies (FDA, MDR, IEC, etc).

Out of the box, it includes security features such as software integrity (secure boot and chain of trust), secure storage, secure over-the-air (OTA) updates, Linux kernel and system hardening, secure communication, locked hardware ports, security audit logs and more. Additionally, Timesys supports manufacturing tooling required for secure software provisioning. The security layer leverages the best-in-class open source solutions to bring easily maintainable security feature implementation to your Yocto-based Linux distro.

Cybersecurity continues to be a concern for device manufacturers

One of the most effective ways to reduce the cost of security development, improve security posture, and bring secure devices to market faster is by leveraging off-the-shelf pre-certified components. PSA Certified (https://www.psacertified.org/what-is-psa-certified/) provides a framework for security assessment and certification of processors, system software (e.g: Linux OS, RTOS), and devices evaluated by independent labs.

“We are thrilled to work with PSA Certified to reach this milestone. With security built-in using VigiShield Secure by Design, device manufacturers can focus more on innovation during the product development process and get to market faster,” said Atul Bansal, Timesys CEO.

Device manufacturers can leverage PSA Certified components (processor and system software) to quickly start with a secure platform and focus on their value add software. They can also submit their devices for certification to give the end consumer peace of mind. Most importantly, PSA Certified components align with meeting industry security standards.

“Security must be built into embedded technologies from the very start, from the silicon to the system software to the device itself,” said Pere Quetglas, Senior Security Evaluator at SGS Brightsight, the independent security evaluation lab that assessed the VigiShield Secure by Design product as part of the PSA Certification process. “Having passed our independent security evaluation, Timesys VigiShield Secure by Design has successfully achieved PSA Certified Level 1 for system software.”

Cybersecurity continues to be a concern for device manufacturers

As evidenced from Timesys recent industry-wide cybersecurity survey for IoT device manufacturers, device manufacturers face a series of challenges in securing their products.

In analyzing the survey data, Timesys concluded that while security usually isn’t seen as a feature, customers expect devices to be highly secured even in the Minimum Viable Product (MVP) stage. At the same time, industry standards are requiring increasingly strict security. The survey showed that lack of expertise, lack of resources, and insufficient tooling and processes all present challenges.

Timesys bridges this gap with efficient security solutions for the full device lifecycle like the VigiShield Secure by Design security layer.

“The PSA certification of VigiShield Secure by Design software from Timesys provides a framework to ease security compliance,” said Asim Zaidi, Technical Director at NXP Semiconductors. “NXP i.MX applications processors combined with VigiShield software offers another path to help developers reduce time to market while meeting increased security needs.”

To learn more about how device manufacturers can leverage VigiShield Secure by Design to bring secure Linux devices to market faster, visit https://timesys.com/solutions/vigishield-secure-by-design/.

Or learn more about how VigiShield Secure by Design adds an extra layer of protection by joining us and AWS in an Embedded Computing booth (Hall: 1 Booth:1-121) at Embedded World on Tuesday, June 21 in Nuremberg, Germany. There, Timesys will be showcasing an end-to-end IoT-device-to-cloud security solution on a NXP i.MX8 platform secured by Timesys VigiShield and integrated with AWS IoT services. With this demo, find out how OEMs can leverage the solution to securely provision devices at manufacturing, secure the device connections to AWS IoT cloud, and stay protected with tamper detect, security alerts, and key/certificate revocation mechanisms.

About Timesys

Timesys is a pioneer and industry leader in open source software security, development tools, and engineering services and consulting, spanning the embedded software market. With Timesys’ expertise, OEMs, ODMs, and design houses cut development costs and accelerate time-to-market for devices and IoT systems and applications using embedded Linux, Android, FreeRTOS, Zephyr, and other open source solutions.

With more than 20 years of embedded development experience, Timesys’ broad portfolio, embedded expertise, and extensive partner ecosystem are used by 1000+ customers to develop leading products and applications including medical, automotive, industrial, networking, aerospace, and Internet of Things (IoT) solutions. Timesys is a Gold member of the NXP Partner Program.

Timesys, the Timesys logo, and VigiShield Secure by Design are trademarks or registered trademarks of Timesys Corporation. All other company and product names mentioned are trademarks and/or registered trademarks of their respective owners.