- Firmware, configuration files and static data are protected from unauthorized modification by Floodgate Anti-tamper
- Floodgate Anti-Tamper is the first solution to provide device manifest validation for embedded Linux and RTOS based devices
- Icon Labs enables The Internet of Secure Things™
Oct . 22, 2014 – West Des Moines, IA – Icon Labs (www.iconlabs.com), a leading provider of embedded networking and security technology, today announced the availability ofFloodgate Anti-Tamper, an application and data protection solution that protects RTOS and embedded Linux devices from malicious or accidental changes to firmware, configuration information and static data.
Anti-Tamper support makes it more difficult for a hacker to change the software or firmware running in an embedded device, or even change the configuration of the device. For example, if a utility company installs smart meters at their customer’s homes, hackers will not be able to re-program them to steal data or modify the behavior of the meter to under-report electrical usage.
Floodgate Anti-tamper also protects against accidental or malicious changes made by insiders who are authorized to access the device. In addition, all changes to the device are recorded and saved in the device audit log, allowing forensic analysis if and when problems do occur.
By adding a critical, missing layer of security, Floodgate Anti-Tamper enables device OEMs to validate the integrity of device firmware and configuration. Floodgate Anti-Tamper implements software-based anti-tamper detection, allowing this protection to be added to legacy systems without hardware “root-of-trust” capability. On newer systems, Floodgate Anti-Tamper is integrated with hardware root of trust support to embed anti-tamper support within the hardware.
“Floodgate Anti-Tamper closes a critical security hole for embedded devices, making possible the Internet of Secure Things™,” said Alan Grau, CEO of Icon Labs. “While hardware root-of-trust capabilities are supported in some new designs, they often lack easy to use software support and don’t solve the security issue for legacy devices running older hardware. With Floodgate, anti-tamper support can easily be added to new designs as well as to legacy systems.”
A recent HP Research study1 found that 70 percent of IoT devices are vulnerable to attack, and many devices had multiple security loopholes. Protecting IoT devices requires a multi-layer security strategy, and Floodgate Anti-Tamper provides an important missing piece of that solution for embedded devices.
“As IoT devices proliferate, they present new attack vectors for hackers to exploit, including device-to-cloud communication links, IoT gateways and the IoT devices themselves. Complicating matters further, many of these new devices exist outside of the traditional corporate security perimeter,” said Steve Hoffenberg, analyst and director for IoT & Embedded Software at VDC Research. “The IoT requires multiple layers of protection and end-to-end security from the device through the gateway and to the cloud. However, time-to-market pressure is not an excuse to shortcut security.”
Floodgate Anti-Tamper features include:
- hardware root of trust integration for secure boot
- full device manifest support
- hash validation of all manifest components
- local and remote audit
- secure remote upgrade
- configurable action upon detection of unauthorized changes
- run time audits
- Application Guarding APIs for run-time validation of applications/processes
- Integration with the Icon Labs Floodgate Product family for management and event reporting
Icon Labs delivers a full suite of security solutions for embedded devices. The Floodgate product family provides intrusion detection and intrusion prevention capabilities that are designed specifically for use in embedded and RTOS-based devices.
Floodgate products support management system integration for policy management, event reporting and situational awareness. Icon Labs also provides solutions to harden the device, secure communication channels, and block DOS attacks. In addition to embedded security software and hardware solutions, Icon Labs provides professional services capabilities to accelerate customer deployments and facilitate unique implementation. Icon Labs helps you secure YOUR things.
About Icon Laboratories, Inc.
Icon Labs, a 2014 Gartner “Cool Vendor”, is a leading provider of embedded software for device security, device protection and networking management, including the award winning Floodgate Defender. Founded in 1992, Icon Labs is headquartered in West Des Moines, Iowa. For more information, visit www.iconlabs.com, send email to info@iconlabs.com, or call 1.888.235.3443 (U.S. and Canada) or 515.226.3443 (International).
