Security Software Platform Protects Embedded Computing Products
What you'll learn:
- Details behind the latest version of Thistle Technologies' Thistle Security Platform for Devices.
- The integration of Infineon's OPTIGA Trust M security controller to enhance security.
Thistle Technologies integrated Infineon Technologies' OPTIGA Trust M security solution into its latest version of the Thistle Security Platform for Devices. The software platform, targeting embedded computing products based on the Linux operating system (OS) or on a microcontroller, protects the valuable intellectual property (IP) in artificial-intelligence (AI) models deployed in edge AI applications and in the training data sets on which they're based.
The new platform provides ready-made, cloud-managed security components that integrate into Linux OS-based devices and microcontrollers to avoid the need to build and maintain a one-off cybersecurity stack.
Developers can deploy a proven, continuously updated foundation quickly and scale it across a large fleet of devices. The Security Platform enables both secured boot and over-the-air (OTA) updating, and is compatible with a broad range of devices.
The Infineon OPTIGA Trust M security controller enables secured key provisioning, tamper-resistant key storage, and efficient cryptographic operations for encryption and decryption in edge AI applications. Thistle expanded the latest version to include built-in protection for on-device AI models and data, with cryptographic keys stored in tamper-resistant security controllers.
Features include hardware-backed model encryption, with an AES 256-bit key securely stored in OPTIGA Trust M, which is used to secure the AI Model encryption key. Even if a device is lost, decommissioned, or disassembled, the manufacturer’s IP embedded in the model is still efficiently protected.
For OTA updates, the Thistle platform enables cryptographically signed, tamper-evident delivery of AI models and firmware directly from the training platform to the device, ensuring that every installed instance of a model can be traced and verified.
Signed data and data lineage can be signed on-device and tagged with provenance metadata. Thus, downstream systems that might use the data to train or refine AI models can check the provenance of the data, and of the version of the model that the device was running.
