Security#
Silicon Labs offers a range of security features depending on the part you are using and your application and production needs. As well as the security features available, this section describes security issues specific to Bluetooth Mesh.
IoT Security Fundamentals (PDF): Introduces the security concepts that must be considered when implementing an Internet of Things (IoT) system. Using the ioXt Alliance's eight security principles as a structure, it clearly delineates the solutions Silicon Labs provides to support endpoint security and what you must do outside of the Silicon Labs framework.
Bluetooth Low Energy Application Security Design Considerations in SDK v3.x (PDF): Provides details on designing Bluetooth Low Energy applications with security and privacy in mind.
IV Update in a Bluetooth Mesh Network (PDF): Provides background information on the sequence number and IV index in a Bluetooth mesh network and the IV Update and IV Index Recovery procedures. It then discusses how to implement IV Update functionality in a Bluetooth mesh application.
Series 2 Secure Debug (PDF): Describes how to lock and unlock the debug access of EFR32 Gecko Series 2 devices. Many aspects of the debug access, including the secure debug unlock are described. The Debug Challenge Interface (DCI) and Secure Engine (SE) Mailbox Interface for locking and unlocking debug access are also included.
Production Programming of Series 2 Devices (PDF): Provides details on programming, provisioning, and configuring Series 2 devices in production environments. Covers Secure Engine Subsystem of Series 2 devices, which runs easily upgradeable Secure Engine (SE) or Virtual Secure Engine (VSE) firmware.
Anti-Tamper Protection Configuration and Use (PDF): Anti-Tamper Protection Configuration and Use - Shows how to program, provision, and configure the anti-tamper module on EFR32 Series 2 devices with Secure Vault.
Authenticating Silicon Labs Devices using Device Certificates (PDF): How to authenticate an EFR32 Series 2 device with Secure Vault, using secure device certificates and signatures.
Secure Key Storage (PDF): Explains how to securely "wrap" keys in EFR32 Series 2 devices with Secure Vault, so they can be stored in non-volatile storage.
Programming Series 2 Devices Using the DCI and SWD (PDF): Describes how to provision and configure Series 2 devices through the DCI and SWD.
Integrating Crypto Functionality with PSA Crypto vs. Mbed TLS (PDF): Describes how to integrate crypto functionality into applications using PSA Crypto compared to Mbed TLS.
Series 2 TrustZone (PDF): Provides background and information on implementing TrustZone on series 2 devices.