mcr / enacttrust

Enact is an open-source software that enables you to monitor the health of your system

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

EnactTrust

Security and compliance for IoT & Edge systems

Typical use cases are:

  • offline protection of IoT devices in the field
  • monitoring of the device health of Edge devices
  • compliance for Industrial IoT and Automotive systems

To learn more about EnactTrust, read our whitepaper.

Screenshots

Boing Boing

Explore device health by visiting the EnactTrust Security Cloud.

Installation

Please check the INSTALL.md file for step by step instructions. Short summary is available below:

  1. Git clone this repo
  2. Make
  3. Register at https://a3s.enacttrust.com
  4. enact onboard A3S_USER_ID (see above step)
  5. enact

If you're familiar with attestation and are comfortable with looking at C code, you can also try out the EnactTrust API which is aimed primarily at 3rd party integrations.

Codacy Badge

Requirements

EnactTrust is built for the IoT & Edge devices that live in the field for 3/5/10 years, therefore our implementation is highly portable and EnactTrust supports the most popular firmware architectures. Including the major RTOS solutions, like FreeRTOS, Zephyr and others:

Architecture EnactTrust QuickStart
RTOS Yes
Bare-metal Yes
Safety-critical (FSM) Yes
Linux Yes Yes

Additionally, we aim to support hardware hardening technologies like TrustZone (TF-M & TF-A).

Built With

The QuickStart version of EnactTrust uses:

  • wolfTPM — Our QuickStart version uses wolfTPM because it is designed for embedded systems and requires no external dependencies.
  • libcurl — Our agent uses Curl to communicate easily with our cloud server.

Let us know if you want access to our TF-M and TF-A variant of EnactTrust by sending us an email.

Tiers

This version of EnactTrust is called "Quick Start" and is designed toward ease of use.

Note: EnactTrust is meant to run in a memory isolated environment, so it can protect your system even when your device is compromised or under attack.

Here is the complete list of EnactTrust versions:

  • Quick start - Basic attestation for 1 node (this version).
  • Developer - Advanced attestation for 5 nodes.
  • Enterprise - Protecting IoT products during their entire lifecycle, ZeroTrust security model for critical infrastructure, available on premise and as a managed service, EnactTrust agent deployed in memory isolation to protect the system even in the case of an attack.

History

The original concept of EnactTrust emerged during 2017 and involves the largest trade fair for "Internet of Things" - Embedded World in Nuremberg/Germany. For the very first time there was a dedicated Trusted Platform Module(TPM) track. Presenters included managers from ARM, OnSemi and other industry leaders. Surprisingly, no one from the five speakers talked about Trusted Computing or mentioned the use of TPM 2.0 modules.

The capability to build trust into a computer system remained just a marketing slogan in 2017. Therefore, in early 2018 we built the first prototype of what later became known as EnactTrust. It took years of development and testing with interested companies to define the core features and qualities of EnactTrust that we have today.

The current "Quick Start" version of EnactTrust is re-written to use the open-source wolfTPM and libcurl librariers, and targets Linux for ease of use.

Contact us

The goal of EnactTrust is to make IoT and Edge systems more secure. Send us an email with your questions and we will respond. Alternatively, you could also use TPM.dev forum.

We look forward to receiving your comments and questions.

About

Enact is an open-source software that enables you to monitor the health of your system

License:GNU General Public License v2.0


Languages

Language:C 99.2%Language:Makefile 0.8%