Silicon Labs IoT Security Developer's Guide#
The IoT Security Developer's Guide offers detailed information on how to implement each of the device security features. This content is applicable to any protocol that supports the feature described. Additional protocol-specific information for Bluetooth, Bluetooth Mesh, OpenThread, and Zigbee is available in the protocol-specific section.
Series 2 Secure Debug (PDF): Describes how to lock and unlock the debug access of EFR32 Gecko Series 2 devices. Many aspects of the debug access, including the secure debug unlock are described. The Debug Challenge Interface (DCI) and Secure Engine (SE) Mailbox Interface for locking and unlocking debug access are also included.
Series 2 TrustZone (PDF): Covers the basics of ARMv8-M TrustZone, describes how TrustZone is implemented on Series 2 devices, and provides application examples.
Production Programming of Series 2 Devices (PDF): Provides details on programming, provisioning, and configuring Series 2 devices in production environments. Covers Secure Engine Subsystem of Series 2 devices, which runs easily upgradeable Secure Engine (SE) or Virtual Secure Engine (VSE) firmware.
Anti-Tamper Protection Configuration and Use (PDF): Shows how to program, provision, and configure the anti-tamper module on EFR32 Series 2 devices with Secure Vault.
Authenticating Silicon Labs Devices using Device Certificates (PDF): Describes how to authenticate an EFR32 Series 2 device with Secure Vault, using secure device certificates and signatures.
Secure Key Storage (PDF): Explains how to securely "wrap" keys in EFR32 Series 2 devices with Secure Vault, so they can be stored in non-volatile storage.
Programming Series 2 Devices Using the Debug Challenge Interface (DCI) and Serial Wire Debug (SWD) (PDF): Describes how to provision and configure Series 2 devices through the DCI and SWD.
Integrating Crypto Functionality Using PSA Crypto Compared to Mbed TLS (PDF): Describes how to integrate crypto functionality into applications using PSA Crypto compared to Mbed TLS.