As AM62x Security Overview mentioned about Secure Boot, Trusted Execution Environment, Root of Trust, OTP ..etc.
I would like to know the AM6232 can meet the requirement as below for comply with IEC 62443-4-2.
Or we should purchase another security chip like TPM?
|
# |
Hardware Requirements |
Description |
|
|
1 |
TPM |
The product shall provide the capability to protect the relevant authenticators via hardware mechanisms. |
|
|
2 |
TPM / Secure Enviroment |
The product shall provide the capability to provision and protect the confidentiality, integrity, and authenticity of product supplier keys and data to be used as one or more "roots of trust" at the time of manufacture of the device. |
|
|
3 |
Secure Boot |
The product shall use the component's product supplier roots of trust to verify the authenticity of the firmware, software, and configuration data needed for the component's boot process prior to it being used in the boot process. |
|
|
4 |
TPM / Secure Enviroment |
The product shall provide the capability to protect the relevant private keys via hardware mechanisms according to commonly accepted security industry practices and recommendations. |
|
|
5 |
HSM |
The product shall provide the capability to operate a PKI according to commonly accepted best practices or obtain public key certificates from an existing PKI. |
|
|
6 |
Software updated |
All software components in the product should be securely updateable. |
|
|
7 |
trusted execution environments |
The device should include a hardware-level access control mechanism for memory. |
