Security - the u-blox trusted domain

  • To safeguard applications, protect data, and ensure secure data transmission, system designs need to follow a set of security principles.
  • Any exposed interfaces in applications can be used as attack surfaces.
  • Attacks always cause harm, including immediate costs, damage, and consequential costs.

An attacked system may be subject to:

  • Firmware attacks, in which altered code can modify system behaviour or grant access to secrets
  • Data attacks, which attempt to interfere with normal operation
  • Man-in-the-middle attacks, in which interface I/O capture is used to change or replay the control of data to interfere with actual values

Confidentiality

System assets can be only used by authorized parties (secrecy).

Availability

Assets are accessible to authorized parties for a limited time only.

Integrity

The correctness of system information is quantified by a measure of trust.

Robustness

Systems are impervious to intentional or unintentional interference.

Five pillars of security that create the u‑blox Trusted Domain

Secure Boot

The firmware is authentic, has not been modified, and cannot be downgraded.

Secure Firmware Updates (FOTA)

Only authenticated and validated updates can be applied.

Secure Physical Interfaces and APIs

  • Only authorised users can gain debug access to a device, and each access grant is unique.
  • "Development" back doors are blocked and only authorised usage of APIs is possible.
  • Data is authenticated and integrity protected in both directions: into and out of the module.

Secure Transport Layer

  • The device can authenticate and sign or encrypt the communications with the server
  • No man‑in‑the‑middle attacks in device‑to‑server communication

Robustness, Spoofing/Jamming detection and active countermeasures

  • Security is also about software quality
  • Robustness against software attacks and detection of potential attacks on air interfaces