IAR Systems presented Compliance Suite for Renesas RX. Compliance Suite provides developers and organizations with the security development tools, practical guidance, and knowledge needed to rapidly build applications that are compliant with security legislation, such as the Consumer IoT Security Standard EN 303 645, UK & Australian 13 Best Practices, and the evolving US Cybersecurity Improvement Act (NISTIR 8259). The Compliance Suite for Renesas RX is specifically designed for applications based on the Renesas RX family of microcontrollers (MCUs).
Many Renesas RX MCUs include the Trusted Secure IP (TSIP) technology, which offers multiple security features. The Renesas RX65N with TSIP was the first general-purpose MCU to achieve Cryptographic Module Validation Program (CMVP) Level 3 certification from the Federal Information Processing Standard Publication (FIPS) 140-2 by the US National Institute of Standards and Technology (NIST). This integrated technology can be leveraged through Secure Thingz technology, achieving compliance with key requirements of the EN 303 645 standard.
Compliance Suite for Renesas RX delivers a set of security development tools that are all integrated with the development toolchain IAR Embedded Workbench. With the security development tool C-Trust, developers are able to automatically deliver secure, encrypted code. Combined with Preconfigured Security Contexts, which define the configuration of a trusted execution environment, developers are able to ensure they remain in control of system operation today and into the future. The Preconfigured Security Contexts included with Compliance Suite are designed for Renesas RX MCUs. In addition, Compliance Suite for Renesas RX includes practical guidance through a package of courses led by Secure Thingz’ in-house security experts, covering topics such as introduction to embedded security and available tools, and legislation overview, as well as hands-on guides on how to meet security compliance.
With new legislation for IoT security and privacy rapidly being introduced globally, compliance according to these regulations is a challenge for all organizations and developers working with embedded applications. The IoT Security Foundation, a non-profit industry association where Secure Thingz is a founding member, has developed an IoT Security Compliance Framework, enabling organizations to implement a self-certification methodology that covers 13 Best Practices for Security and Secure by Design guidelines. The Consumer IoT Security Standard EN 303 645, based on the 13 Best Practices, is widely regarded as the security benchmark for Consumer IoT. Both the standard and the guidelines contain core security requirements for applications, which developers should achieve. Compliance Suite from IAR Systems and Secure Thingz enables organizations to rapidly build applications with these core requirements included, providing security for existing applications as well as adding security guidelines for new functionality to future proof next-generation embedded applications.