{"id":3364,"date":"2024-05-02T19:54:52","date_gmt":"2024-05-02T19:54:52","guid":{"rendered":"https:\/\/rmds.ca\/solution-yocto-securisee-nxp-pkcs11\/"},"modified":"2024-09-03T15:21:25","modified_gmt":"2024-09-03T15:21:25","slug":"secured-yocto-solution-nxp-pkcs11","status":"publish","type":"post","link":"https:\/\/rmds.ca\/en\/secured-yocto-solution-nxp-pkcs11\/","title":{"rendered":"Building a Secure Yocto Solution with NXP i.MX SoCs and PKCS#11"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"3364\" class=\"elementor elementor-3364 elementor-2798\" data-elementor-post-type=\"post\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-1f69e2e elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"1f69e2e\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-e1022ab\" data-id=\"e1022ab\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-734a75b elementor-widget elementor-widget-heading\" data-id=\"734a75b\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">Why Secure by Design for IoT?<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-5107416 elementor-widget elementor-widget-text-editor\" data-id=\"5107416\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>IoT devices are increasingly vulnerable to cyber threats, emphasizing the need for robust security from design to deployment. Without proper security measures, the consequences of vulnerable IoT devices can be severe:<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-85a3dfa elementor-widget elementor-widget-text-editor\" data-id=\"85a3dfa\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<ul><li><strong>Data Breaches: <\/strong>Vulnerable IoT devices can lead to unauthorized access and leakage of sensitive user data.<\/li><li><strong>Zombie Army: <\/strong>Insecure IoT devices are often targeted for inclusion in botnets, which can launch large-scale distributed denial-of-service (DDoS) attacks.<\/li><li><strong>Physical Safety: <\/strong>Malicious actors can exploit vulnerabilities in IoT devices to manipulate critical systems.<\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-4c6d368 elementor-widget elementor-widget-text-editor\" data-id=\"4c6d368\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Secure functionalities such as cloud service authentication, secure network communication, and secure Over-the-Air (OTA) updates must be prioritized from the ideation phase through to production. This proactive approach is crucial for mitigating risks, costs and safeguarding both users and organizations.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-fd5986b elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"fd5986b\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-2960977\" data-id=\"2960977\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-385db9e elementor-widget elementor-widget-heading\" data-id=\"385db9e\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">NXP i.MX SoCs: Powering Secure IoT Devices<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-6f61ff3 elementor-widget elementor-widget-text-editor\" data-id=\"6f61ff3\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>The i.MX family offers low-power ARM-based processors ideal for multimedia applications. These System-on-Chip (SoC) devices integrate various processing units, including a CPU, video processing unit, and graphics card.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-e553939 elementor-widget elementor-widget-text-editor\" data-id=\"e553939\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Starting with the i.MX6 series, these SoCs boast a well-supported High Assurance Boot (HAB) feature. HAB unlocks numerous security features, enhancing Bill of Materials (BOM) efficiency and boosting security throughout your design process.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-b980450 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"b980450\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-0932a8d\" data-id=\"0932a8d\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-1be0555 elementor-widget elementor-widget-heading\" data-id=\"1be0555\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">Building a Chain of Trust (CoT): The Foundation of Security<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-797bf2d elementor-widget elementor-widget-text-editor\" data-id=\"797bf2d\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>A Chain of Trust (CoT) safeguards your IoT product from various threats like IP theft, unauthorized access, and hijacking. It ensures the integrity and tamper-proof nature of your system.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-19497af elementor-widget elementor-widget-text-editor\" data-id=\"19497af\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>i.MX SoCs leverage HAB to establish a CoT. This CoT verifies the authenticity of every software component (bootloader, kernel, device tree and intellectual property (IP)) through hardware OEM locks and signature checks. This secure environment enables the use of OP-TEE Trusted Applications (TAs) to create a software-based Trusted Platform Module (fTPM) accessible via PKCS#11 from a Secure World.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-9fe0b46 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"9fe0b46\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-26ecbd4\" data-id=\"26ecbd4\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-800ac47 elementor-widget elementor-widget-heading\" data-id=\"800ac47\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">Why Use PKCS#11?<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-4bd5c5d elementor-widget elementor-widget-text-editor\" data-id=\"4bd5c5d\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>PKCS#11 (Public Key Cryptography Standards #11) is a widely supported open-source project that facilitates secure cryptographic operations. It provides a standardized interface for accessing cryptographic tokens such as TPMs (Trusted Platform Modules) and HSMs (Hardware Security Modules).<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-2939f7c elementor-widget elementor-widget-text-editor\" data-id=\"2939f7c\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>In environments without PKCS#11 support, cryptographic keys are often stored directly on devices or in software, making them vulnerable to unauthorized access or compromise. PKCS#11 addresses this issue by abstracting cryptographic operations and securely managing keys within hardware tokens. This ensures that sensitive keys are protected from exposure, reducing the risk of data breaches and ensuring compliance with security standards.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-b6b62b9 elementor-widget elementor-widget-text-editor\" data-id=\"b6b62b9\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Leading IoT cloud platforms like AWS and Azure utilize PKCS#11 to facilitate device authentication and secure cloud connections without exposing secret keys to the cloud infrastructure. Similarly, OTA (Over-The-Air) update clients such as SWUpdate \u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 and Mender leverage PKCS#11 to securely manage cryptographic keys used in the update process, safeguarding against tampering and unauthorized access.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-7d21c0c elementor-widget elementor-widget-text-editor\" data-id=\"7d21c0c\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>By adopting PKCS#11, organizations can enhance the security of their IoT and cloud deployments, ensuring robust protection of sensitive cryptographic assets and maintaining compliance with industry security standards.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-764db82 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"764db82\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-72e1605\" data-id=\"72e1605\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-9c14adb elementor-widget elementor-widget-image\" data-id=\"9c14adb\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<figure class=\"wp-caption\">\n\t\t\t\t\t\t\t\t\t\t<img fetchpriority=\"high\" decoding=\"async\" width=\"768\" height=\"642\" src=\"https:\/\/rmds.ca\/wp-content\/uploads\/2024\/05\/Providers-vs-clients-768x642.png\" class=\"attachment-medium_large size-medium_large wp-image-3372\" alt=\"\" srcset=\"https:\/\/rmds.ca\/wp-content\/uploads\/2024\/05\/Providers-vs-clients-768x642.png 768w, https:\/\/rmds.ca\/wp-content\/uploads\/2024\/05\/Providers-vs-clients-300x251.png 300w, https:\/\/rmds.ca\/wp-content\/uploads\/2024\/05\/Providers-vs-clients-1024x856.png 1024w, https:\/\/rmds.ca\/wp-content\/uploads\/2024\/05\/Providers-vs-clients.png 1132w\" sizes=\"(max-width: 768px) 100vw, 768px\" \/>\t\t\t\t\t\t\t\t\t\t\t<figcaption class=\"widget-image-caption wp-caption-text\">Example of Common usage of PKCS#11<\/figcaption>\n\t\t\t\t\t\t\t\t\t\t<\/figure>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-470dfe4 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"470dfe4\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-fa22b76\" data-id=\"fa22b76\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-9cd6b49 elementor-widget elementor-widget-heading\" data-id=\"9cd6b49\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">Key Management in NXP IoT Devices<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-e3069d5 elementor-widget elementor-widget-text-editor\" data-id=\"e3069d5\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Unlike user-based devices, IoT devices rely on keys and certificates for authentication and secure communication. PKCS#11 enables providers to act as keystores, supporting secure cryptographic operations without exposing private keys to end-users.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-8538986 elementor-widget elementor-widget-text-editor\" data-id=\"8538986\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>i.MX processors (from the i.MX6 series onwards) provide a range of security features to implement an fTPM as a PKCS#11 provider. This functionality combines ARM TrustZone technology with an open-source Secure OS like OP-TEE to achieve functionalities similar to HSMs\/TPMs\/Secure Elements. OP-TEE OS can run various TAs, including an fTPM, for diverse purposes.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-42a144f elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"42a144f\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-6efcb6f\" data-id=\"6efcb6f\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-a429a91 elementor-widget elementor-widget-image\" data-id=\"a429a91\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<figure class=\"wp-caption\">\n\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" width=\"768\" height=\"549\" src=\"https:\/\/rmds.ca\/wp-content\/uploads\/2024\/05\/fTPM-with-OP-TEE-768x549.png\" class=\"attachment-medium_large size-medium_large wp-image-3370\" alt=\"\" srcset=\"https:\/\/rmds.ca\/wp-content\/uploads\/2024\/05\/fTPM-with-OP-TEE-768x549.png 768w, https:\/\/rmds.ca\/wp-content\/uploads\/2024\/05\/fTPM-with-OP-TEE-300x214.png 300w, https:\/\/rmds.ca\/wp-content\/uploads\/2024\/05\/fTPM-with-OP-TEE.png 988w\" sizes=\"(max-width: 768px) 100vw, 768px\" \/>\t\t\t\t\t\t\t\t\t\t\t<figcaption class=\"widget-image-caption wp-caption-text\">Example usage of fTPM PCKS#11 TA with OP-TEE<\/figcaption>\n\t\t\t\t\t\t\t\t\t\t<\/figure>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-a889ce5 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"a889ce5\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-45cbdec\" data-id=\"45cbdec\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-85c9d8d elementor-widget elementor-widget-text-editor\" data-id=\"85c9d8d\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><strong>Important Notes :<\/strong><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3b2f22a elementor-widget elementor-widget-text-editor\" data-id=\"3b2f22a\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<ul><li>A secure OP-TEE requires a pre-established CoT for security (e.g., Secure Boot)<\/li><li>A secure OP-TEE necessitates SoC-supported HUK (Hardware Unique Key) (e.g., NXP i.MX with CAAM or EdgeLock) for secure storage.<\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-f4e32f1 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"f4e32f1\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-5172073\" data-id=\"5172073\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-7a0ce42 elementor-widget elementor-widget-heading\" data-id=\"7a0ce42\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">Supply Chain Key Management Challenges<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3d22988 elementor-widget elementor-widget-text-editor\" data-id=\"3d22988\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Creating a secure CoT for your IoT solutions requires careful consideration throughout the development process. Implementing Secure Boot on NXP i.MX SoCs involves a Public Key Infrastructure (PKI) tree with four private keys that must be kept confidential. NXP i.MX Secure Boot is a one-time programmable option. If compromised, your entire device fleet becomes vulnerable.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-e7eca95 elementor-widget elementor-widget-text-editor\" data-id=\"e7eca95\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Implementing secure key management within the supply chain is another crucial aspect. Using an HSM as a PKCS#11 provider offers a secure keystore with physical, network, and hardware security for your CoT. Keys and certificates reside within a secure element, preventing private key exposure.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-e8fa4de elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"e8fa4de\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-8769c4c\" data-id=\"8769c4c\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-45410e5 elementor-widget elementor-widget-heading\" data-id=\"45410e5\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">Yocto Project: Streamlining Secure Development<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-967478a elementor-widget elementor-widget-text-editor\" data-id=\"967478a\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>The Yocto Project, combined with the NXP Code Signing Tool, facilitates filesystem key signing during the Yocto build process. At Rational Minds, we have implemented a layer that leverages PKCS#11 support within the Yocto solution. This allows for integrating security features within the supply chain and seamlessly fits with continuous integration\/development (CI\/CD) workflows by enabling Yocto builds to sign all necessary components. Ultimately, PKCS#11, along with PKCS#11-Proxy, empowers tools like GitLab Runner to utilize a shared HSM within your private network or secure connection.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-8efb887 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"8efb887\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-e9abad9\" data-id=\"e9abad9\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-320ce6a elementor-widget elementor-widget-image\" data-id=\"320ce6a\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<figure class=\"wp-caption\">\n\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" width=\"768\" height=\"529\" src=\"https:\/\/rmds.ca\/wp-content\/uploads\/2024\/05\/Yocto-conception-768x529.png\" class=\"attachment-medium_large size-medium_large wp-image-3374\" alt=\"\" srcset=\"https:\/\/rmds.ca\/wp-content\/uploads\/2024\/05\/Yocto-conception-768x529.png 768w, https:\/\/rmds.ca\/wp-content\/uploads\/2024\/05\/Yocto-conception-300x207.png 300w, https:\/\/rmds.ca\/wp-content\/uploads\/2024\/05\/Yocto-conception.png 1021w\" sizes=\"(max-width: 768px) 100vw, 768px\" \/>\t\t\t\t\t\t\t\t\t\t\t<figcaption class=\"widget-image-caption wp-caption-text\">Example usage of PKCS#11 in Yocto Build \/ Supply Chain<\/figcaption>\n\t\t\t\t\t\t\t\t\t\t<\/figure>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-11c9452 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"11c9452\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-b3c6371\" data-id=\"b3c6371\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-f7e5a2a elementor-widget elementor-widget-heading\" data-id=\"f7e5a2a\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">Conclusion<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-6dc2d25 elementor-widget elementor-widget-text-editor\" data-id=\"6dc2d25\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Leveraging OP-TEE as a PKCS#11 provider strengthens your IoT device security and eliminates the need for dedicated security chips, reducing BOM costs. Additionally, using an HSM as a PKCS#11 provider for your supply chain fulfills the minimal security requirements for managing keys across different teams, services, and systems.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-4e303f5 elementor-widget elementor-widget-text-editor\" data-id=\"4e303f5\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Rational Minds offers different layers to meet PKCS#11 and HSM requirements inside a Yocto solution by leveraging NXP i.MX security features and applications. Schedule a free security consultation with us to learn more.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-9971d44 elementor-widget elementor-widget-button\" data-id=\"9971d44\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"button.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<div class=\"elementor-button-wrapper\">\n\t\t\t\t\t<a class=\"elementor-button elementor-button-link elementor-size-sm\" href=\"https:\/\/rmds.ca\/en\/contact\/\" target=\"_blank\">\n\t\t\t\t\t\t<span class=\"elementor-button-content-wrapper\">\n\t\t\t\t\t\t\t\t\t<span class=\"elementor-button-text\">I want to know more!<\/span>\n\t\t\t\t\t<\/span>\n\t\t\t\t\t<\/a>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-a0b4e36 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"a0b4e36\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-850fab1\" data-id=\"850fab1\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-50e77fe elementor-widget elementor-widget-spacer\" data-id=\"50e77fe\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-d2b121c elementor-widget-divider--view-line elementor-widget elementor-widget-divider\" data-id=\"d2b121c\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"divider.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-divider\">\n\t\t\t<span class=\"elementor-divider-separator\">\n\t\t\t\t\t\t<\/span>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-bc9bbae elementor-widget elementor-widget-author-box\" data-id=\"bc9bbae\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"author-box.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-author-box\">\n\t\t\t\t\t\t\t<div  class=\"elementor-author-box__avatar\">\n\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/rmds.ca\/wp-content\/uploads\/2024\/05\/Walter-300x300.jpg\" alt=\"Picture of Walter Bonetti\" loading=\"lazy\">\n\t\t\t\t<\/div>\n\t\t\t\n\t\t\t<div class=\"elementor-author-box__text\">\n\t\t\t\t\t\t\t\t\t<div >\n\t\t\t\t\t\t<h5 class=\"elementor-author-box__name\">\n\t\t\t\t\t\t\tWalter Bonetti\t\t\t\t\t\t<\/h5>\n\t\t\t\t\t<\/div>\n\t\t\t\t\n\t\t\t\t\t\t\t\t\t<div class=\"elementor-author-box__bio\">\n\t\t\t\t\t\t<p>Senior Software Developer<\/p>\n\t\t\t\t\t<\/div>\n\t\t\t\t\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>This article explores how to leverage the security features of NXP i.MX SoCs and PKCS#11 to build secure Yocto solutions for your IoT devices.<\/p>\n","protected":false},"author":4,"featured_media":3432,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"categories":[21],"tags":[],"class_list":["post-3364","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-yocto"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Building a Secure Yocto Solution with NXP i.MX SoCs and PKCS#11 - RMDS<\/title>\n<meta name=\"description\" content=\"Discover different tips for designing a secure Yocto solution using the NXP i.MX and PKCS#11 SoCs\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/rmds.ca\/en\/secured-yocto-solution-nxp-pkcs11\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Building a Secure Yocto Solution with NXP i.MX SoCs and PKCS#11\" \/>\n<meta property=\"og:description\" content=\"Discover different tips for designing a secure Yocto solution using the NXP i.MX and PKCS#11 SoCs\" \/>\n<meta property=\"og:url\" content=\"https:\/\/rmds.ca\/en\/secured-yocto-solution-nxp-pkcs11\/\" \/>\n<meta property=\"og:site_name\" content=\"RMDS\" \/>\n<meta property=\"article:published_time\" content=\"2024-05-02T19:54:52+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-09-03T15:21:25+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/rmds.ca\/wp-content\/uploads\/2024\/05\/image-4.png\" \/>\n\t<meta property=\"og:image:width\" content=\"3412\" \/>\n\t<meta property=\"og:image:height\" content=\"1320\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Maxime L&#039;Homme\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Maxime L&#039;Homme\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/rmds.ca\\\/en\\\/secured-yocto-solution-nxp-pkcs11\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/rmds.ca\\\/en\\\/secured-yocto-solution-nxp-pkcs11\\\/\"},\"author\":{\"name\":\"Maxime L'Homme\",\"@id\":\"https:\\\/\\\/rmds.ca\\\/#\\\/schema\\\/person\\\/506df3cc50e0ad80fa8c61fe4e712f59\"},\"headline\":\"Building a Secure Yocto Solution with NXP i.MX SoCs and PKCS#11\",\"datePublished\":\"2024-05-02T19:54:52+00:00\",\"dateModified\":\"2024-09-03T15:21:25+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/rmds.ca\\\/en\\\/secured-yocto-solution-nxp-pkcs11\\\/\"},\"wordCount\":929,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/rmds.ca\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/rmds.ca\\\/en\\\/secured-yocto-solution-nxp-pkcs11\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/rmds.ca\\\/wp-content\\\/uploads\\\/2024\\\/05\\\/image-4.png\",\"articleSection\":[\"Yocto\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/rmds.ca\\\/en\\\/secured-yocto-solution-nxp-pkcs11\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/rmds.ca\\\/en\\\/secured-yocto-solution-nxp-pkcs11\\\/\",\"url\":\"https:\\\/\\\/rmds.ca\\\/en\\\/secured-yocto-solution-nxp-pkcs11\\\/\",\"name\":\"Building a Secure Yocto Solution with NXP i.MX SoCs and PKCS#11 - RMDS\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/rmds.ca\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/rmds.ca\\\/en\\\/secured-yocto-solution-nxp-pkcs11\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/rmds.ca\\\/en\\\/secured-yocto-solution-nxp-pkcs11\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/rmds.ca\\\/wp-content\\\/uploads\\\/2024\\\/05\\\/image-4.png\",\"datePublished\":\"2024-05-02T19:54:52+00:00\",\"dateModified\":\"2024-09-03T15:21:25+00:00\",\"description\":\"Discover different tips for designing a secure Yocto solution using the NXP i.MX and PKCS#11 SoCs\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/rmds.ca\\\/en\\\/secured-yocto-solution-nxp-pkcs11\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/rmds.ca\\\/en\\\/secured-yocto-solution-nxp-pkcs11\\\/#primaryimage\",\"url\":\"https:\\\/\\\/rmds.ca\\\/wp-content\\\/uploads\\\/2024\\\/05\\\/image-4.png\",\"contentUrl\":\"https:\\\/\\\/rmds.ca\\\/wp-content\\\/uploads\\\/2024\\\/05\\\/image-4.png\",\"width\":3412,\"height\":1320},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/rmds.ca\\\/#website\",\"url\":\"https:\\\/\\\/rmds.ca\\\/\",\"name\":\"RMDS\",\"description\":\"Just another Les sites de Collectiv site\",\"publisher\":{\"@id\":\"https:\\\/\\\/rmds.ca\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/rmds.ca\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/rmds.ca\\\/#organization\",\"name\":\"RMDS\",\"url\":\"https:\\\/\\\/rmds.ca\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/rmds.ca\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/rmds.ca\\\/wp-content\\\/uploads\\\/2021\\\/05\\\/Group-1.svg\",\"contentUrl\":\"https:\\\/\\\/rmds.ca\\\/wp-content\\\/uploads\\\/2021\\\/05\\\/Group-1.svg\",\"caption\":\"RMDS\"},\"image\":{\"@id\":\"https:\\\/\\\/rmds.ca\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/rmds.ca\\\/#\\\/schema\\\/person\\\/506df3cc50e0ad80fa8c61fe4e712f59\",\"name\":\"Maxime L'Homme\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/3ab275ad6f489092363e11237cd155bb7efe0e21039d091a39f346048a05bbeb?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/3ab275ad6f489092363e11237cd155bb7efe0e21039d091a39f346048a05bbeb?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/3ab275ad6f489092363e11237cd155bb7efe0e21039d091a39f346048a05bbeb?s=96&d=mm&r=g\",\"caption\":\"Maxime L'Homme\"},\"url\":\"https:\\\/\\\/rmds.ca\\\/en\\\/author\\\/max\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Building a Secure Yocto Solution with NXP i.MX SoCs and PKCS#11 - RMDS","description":"Discover different tips for designing a secure Yocto solution using the NXP i.MX and PKCS#11 SoCs","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/rmds.ca\/en\/secured-yocto-solution-nxp-pkcs11\/","og_locale":"en_US","og_type":"article","og_title":"Building a Secure Yocto Solution with NXP i.MX SoCs and PKCS#11","og_description":"Discover different tips for designing a secure Yocto solution using the NXP i.MX and PKCS#11 SoCs","og_url":"https:\/\/rmds.ca\/en\/secured-yocto-solution-nxp-pkcs11\/","og_site_name":"RMDS","article_published_time":"2024-05-02T19:54:52+00:00","article_modified_time":"2024-09-03T15:21:25+00:00","og_image":[{"width":3412,"height":1320,"url":"https:\/\/rmds.ca\/wp-content\/uploads\/2024\/05\/image-4.png","type":"image\/png"}],"author":"Maxime L'Homme","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Maxime L'Homme","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/rmds.ca\/en\/secured-yocto-solution-nxp-pkcs11\/#article","isPartOf":{"@id":"https:\/\/rmds.ca\/en\/secured-yocto-solution-nxp-pkcs11\/"},"author":{"name":"Maxime L'Homme","@id":"https:\/\/rmds.ca\/#\/schema\/person\/506df3cc50e0ad80fa8c61fe4e712f59"},"headline":"Building a Secure Yocto Solution with NXP i.MX SoCs and PKCS#11","datePublished":"2024-05-02T19:54:52+00:00","dateModified":"2024-09-03T15:21:25+00:00","mainEntityOfPage":{"@id":"https:\/\/rmds.ca\/en\/secured-yocto-solution-nxp-pkcs11\/"},"wordCount":929,"commentCount":0,"publisher":{"@id":"https:\/\/rmds.ca\/#organization"},"image":{"@id":"https:\/\/rmds.ca\/en\/secured-yocto-solution-nxp-pkcs11\/#primaryimage"},"thumbnailUrl":"https:\/\/rmds.ca\/wp-content\/uploads\/2024\/05\/image-4.png","articleSection":["Yocto"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/rmds.ca\/en\/secured-yocto-solution-nxp-pkcs11\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/rmds.ca\/en\/secured-yocto-solution-nxp-pkcs11\/","url":"https:\/\/rmds.ca\/en\/secured-yocto-solution-nxp-pkcs11\/","name":"Building a Secure Yocto Solution with NXP i.MX SoCs and PKCS#11 - RMDS","isPartOf":{"@id":"https:\/\/rmds.ca\/#website"},"primaryImageOfPage":{"@id":"https:\/\/rmds.ca\/en\/secured-yocto-solution-nxp-pkcs11\/#primaryimage"},"image":{"@id":"https:\/\/rmds.ca\/en\/secured-yocto-solution-nxp-pkcs11\/#primaryimage"},"thumbnailUrl":"https:\/\/rmds.ca\/wp-content\/uploads\/2024\/05\/image-4.png","datePublished":"2024-05-02T19:54:52+00:00","dateModified":"2024-09-03T15:21:25+00:00","description":"Discover different tips for designing a secure Yocto solution using the NXP i.MX and PKCS#11 SoCs","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/rmds.ca\/en\/secured-yocto-solution-nxp-pkcs11\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/rmds.ca\/en\/secured-yocto-solution-nxp-pkcs11\/#primaryimage","url":"https:\/\/rmds.ca\/wp-content\/uploads\/2024\/05\/image-4.png","contentUrl":"https:\/\/rmds.ca\/wp-content\/uploads\/2024\/05\/image-4.png","width":3412,"height":1320},{"@type":"WebSite","@id":"https:\/\/rmds.ca\/#website","url":"https:\/\/rmds.ca\/","name":"RMDS","description":"Just another Les sites de Collectiv site","publisher":{"@id":"https:\/\/rmds.ca\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/rmds.ca\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/rmds.ca\/#organization","name":"RMDS","url":"https:\/\/rmds.ca\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/rmds.ca\/#\/schema\/logo\/image\/","url":"https:\/\/rmds.ca\/wp-content\/uploads\/2021\/05\/Group-1.svg","contentUrl":"https:\/\/rmds.ca\/wp-content\/uploads\/2021\/05\/Group-1.svg","caption":"RMDS"},"image":{"@id":"https:\/\/rmds.ca\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/rmds.ca\/#\/schema\/person\/506df3cc50e0ad80fa8c61fe4e712f59","name":"Maxime L'Homme","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/3ab275ad6f489092363e11237cd155bb7efe0e21039d091a39f346048a05bbeb?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/3ab275ad6f489092363e11237cd155bb7efe0e21039d091a39f346048a05bbeb?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/3ab275ad6f489092363e11237cd155bb7efe0e21039d091a39f346048a05bbeb?s=96&d=mm&r=g","caption":"Maxime L'Homme"},"url":"https:\/\/rmds.ca\/en\/author\/max\/"}]}},"_links":{"self":[{"href":"https:\/\/rmds.ca\/en\/wp-json\/wp\/v2\/posts\/3364","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/rmds.ca\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/rmds.ca\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/rmds.ca\/en\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/rmds.ca\/en\/wp-json\/wp\/v2\/comments?post=3364"}],"version-history":[{"count":0,"href":"https:\/\/rmds.ca\/en\/wp-json\/wp\/v2\/posts\/3364\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/rmds.ca\/en\/wp-json\/wp\/v2\/media\/3432"}],"wp:attachment":[{"href":"https:\/\/rmds.ca\/en\/wp-json\/wp\/v2\/media?parent=3364"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/rmds.ca\/en\/wp-json\/wp\/v2\/categories?post=3364"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/rmds.ca\/en\/wp-json\/wp\/v2\/tags?post=3364"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}