Browse the Community
High-end easy to use security solutions that provide an anchor of trust for your application, connecting IoT devices to the cloud, giving billons of device its own unique identity, pre-personalized turnkey solutions, zero-touch onboarding, high performance, ... We did not meet your expectations? Let us know!
OPTIGA™ TPM (Trusted Platform Module) offers a broad portfolio of standardized security controllers to protect the integrity and authenticity of embedded devices and systems. With a secured key store and support for a variety of encryption algorithms, OPTIGA™ TPM security chips provide robust protection for critical data and processes through their rich functionality. OPTIGA™ TPM security controllers are ideal for platforms running both Windows and Linux and its derivatives (SLB 9645 product versions for Chrome OS available). Based on Trusted Computing Group (TCG) standards, they support the TPM 1.2 or the latest innovative TPM 2.0 standard.
SECORA™ Blockchain is a fast, easy-to-use Java Card™ solution supporting best-in-class security for block chain system implementations. By providing a safe “vault” for user credentials, SECORA™ Blockchain can reduce the final user’s commercial risk and helps to increase trust in the block chain system.
Open, international standards such as CIPURSE™ are the best way to ensure interoperability across secured, cost-effective and flexible multi-applications schemes supporting fare collection. Infineon is the world’s first supplier of a complete CIPURSE™ certified product portfolio.
We are also considering a multiple SPI configuration of TPM (SLB9670) and SPI Flash as shown in the thread below.
In this thread, SCLK, MISO, and MOSI are described as don't care when CS# is disabled (High).
In our usage, the SCLK frequency is switched on the Host side as shown below.
- SCLK operates at 50MHz when CS# of SPI FLASH is enabled
- SCLK operates at 14MHz when CS# of SLB9670VQ20 is enabled
In other words, when CS# of SLB9670 is disabled, Closk with a frequency of 50MHz is input to SCLK.
On the data sheet, the maximum frequency is 43MHz under all conditions, so a clock with a frequency higher than the data sheet will be input.
Is it safe to assume that this condition is not a problem?
Is it a don't care as per the thread above?
How is SLB9670's endurance defined?
I would like to know the guaranteed value.
For example, I would be happy if you could tell me how to express it like 10kcycles.
(a) How is "lifetime" defined - is this starting from date of manufacture? The 10 year figure is lower than I would have guessed.
(b) How should the 10 year lifetime figure be used in practice? For instance, suppose we wish to protect an asset for 20 years then should we swap-out at (for example) 7 years, 14 years?
(c) Are there expected failure modes? I'm wondering if these relate to non-volatile memory?
(d) How confident can we be that a unit of age
9 years < AGE < 10 years
will not fail - is there some distribution curve?
(e) How can we detect failure in the field?
(f) What is the distinction between "Useful lifetime" and "Operating lifetime" (Data Sheet, pg11)
Many thanks for any advice
I am quite new to the topic of TPMs and I have a question regarding the SLB 9665. I am wondering about the maximum lifetime of the TPM module SLB 9665 and the Endoresement Key.
When using the "Get-TpmEndorsementKeyInfo" command on my development system I get the response that the "ManufacturerCertificates" is valid until the date specified in the field "Not After" is reached. Which is somewhere in the middle of the 2030s.
So what happens afterwards? Will the system not be able to boot as soon as the certificate expires when using something like Bitlocker and/or Secure Boot? Is there a way to "extend" the lifetime of the certificate to a desired date?
I found the following discussion on this forum: SLB 9673 "Useful lifetime" - Infineon Developer Community which is somehow related to my question I guess.
Where can I buy "Shield2Go Adapter for Raspberry Pi". I want to prototype and test TRUST M and trust X with Raspberry PI. Although I see a link to the page, there isnt a link to purchase the product.
Hello, I have an OPTIGA TPM 2.0 SLI9670 and I want to sign a file, I want to create a public-private keypair, keep the private key persistent inside the TPM, sign the file I need and also export the public key to verify the signed file on another computer. Is that possible? What's the best way to accomplish that.Show Less
Do you have ESD data for SLS32AIA010MK?
Our customer need ESD HBM, ESD CDM and HF information.
Please help us to get these data.
Boris SuShow Less
Is the Infineon NFC Secure Access Module "NFCSAM" available in a Chip Card ID-1 - preferable with an ID-000 (2FF Form Factor mini-SIM) cutout?
In security Target "OPTIGA Trusted Platform Module SLB9672_2.0 v16 SLB9673_2.0 v26" I see that the command TPM2_SetCapabilityVendor enables the command TPM2_EncryptDecrypt2.
I don't see any documentation about the command TPM2_SetCapabilityVendor. Where can I find the description?
Is this command available for all users ?
In optiga TPM families (9670, 9672, 9673, ...) is the command TPM2_EncryptDecrypt2 available by default ?