Infineon Technologies Security Solutions for Artificial Intelligence

Generative and agentic AI shift enterprise value to models and data - expanding the attack surface from the smallest edge sensors to cloud servers.

Software-only security measures and virtual roots of trust can be bypassed, exposing IP. To secure AI effectively, Infineon anchors security at the silicon level, creating a chain of trust: OPTIGA™ TPM and OPTIGA™ Trust M provide a hardware-based Root-of-Trust that secures device identity, keys, and AI workloads end to end.

Across the edge-to-cloud AI workflow, OPTIGA TPM and OPTIGA Trust M address distinct but complementary attack surfaces – each applied based on the device architecture and security requirements.

Trusted Platform Modules (TPM)

The OPTIGA TPM provides hardware-based attestation, measured boot, and secured communication for edge devices built on MPU (Android, embedded Linux OS). This establishes platform security and trust verification before AI workloads are executed.

In distributed and federated environments, the TPM-based configurations allow only trusted nodes to participate.

During AI model deployment at the edge, Infineon solutions are selected based on system architecture and security needs.

These TPM modules are ideal to support:

• Protection of keys and secrets
• Anti-counterfeiting
• Device health attestation to verify device integrity
• Secured firmware updates
• Secured cloud onboarding
• Secured channel for encrypted, protected communication with Transport Layer Security (TLS)

Hardware-based security with TEE

The OPTIGA TRUST M SLS32AIA anchors device identity, performs secured key storage, signing, and decryption of AI models within its secured, isolated boundary – enabling authenticity and protecting AI model integrity from the first instance.

OPTIGA Trust M provides:
• Hardware-based security
• Trusted execution environment
• Secured key management
• Compliance with AI security standards
• Flexibility and scalability

AI Microcontrollers

At the data generation edge, where risks include device spoofing, firmware compromise, and tampered sensor inputs, PSOC™ microcontrollers provide secure boot and trusted execution in configurations that require lightweight, cost-optimized security.

PSOC Edge E84 provides:
• Secure boot
• Hardware-based security
• Encryption
• Secure key storage
• Trusted Execution Environment (TEE)
• Secure debug
• Anti-tamper (voltage and temperature monitoring)
• Secured firmware updates
• AI model storage and secure AI inference
• Compliance with security standards, including up to PSA Level 4 Certified, SESIP, and IEC 62443

Features

  • OPTIGA Trust M - a comprehensive security solution providing a trusted environment for AI model development, deployment, and execution
    • ECC - NIST curves up to P-521, Brainpool r1 curve up to 512
    • RSA® up to 2048
    • AES key up to 256, HMAC up to SHA-512
    • TLS v1.2 PRF and HKDF up to SHA-512
    • TRNG/DRNG
    • I2C interface with shielded connection
    • Hibernate mode for zero power consumption
    • USON-10 package (3mm x 3mm)
    • Standard and extended temperature ranges from -40°C to +105°C
    • Up to 10kB user memory
    • Protected updates
    • Usage counters
    • Dynamic object (e.g., credentials) locking
    • Configurable device security monitor
    • A lifetime of 20 years for industrial and infrastructure applications
    • Cryptographic ToolBox commands for SHA-256, ECC and RSA features, AES, HMAC, and Key derivation
    • MIT-licensed software framework on GitHub (github.com/Infineon/optiga-trust-m)
  • OPTIGA TPM SLB 9672 / OPTIGA TPM SLB 9673:
    • Standardized security controller
    • PQC-protected firmware update mechanism using XMSS signatures
    • Support for latest specifications of the TCG TPM 2.0 standard (revision 1.59) specifications
    • TCG, CC, and FIPS certifications
    • Windows HLK certification
    • Support for various cryptographic algorithms: up to RSA-4096, AES-128, AES-256, ECC NIST P256, ECC BN256, ECC NIST P384, SHA-1, SHA2-256, SHA2-384
    • Extended non-volatile memory (51kB)
    • SPI interface
    • Thin UQFN-32 package
  • PSOC Edge E84 MCUs offering state-of-the-art security with:
    • Lockstep secured enclave in a low-power always-on domain
    • Infineon Edge Protect Category 4 / Platform Security Architecture (PSA) Level 4
    • Off-the-shelf trusted Firmware-M enablement and Mbed-TLS for crypto operations

Applications

  • OPTIGA TPM SLB 9672/OPTIGA TPM SLB 9673
    • Data Centers
    • Edge Computing
    • Home and building automation
  • OPTIGA Trust M
    • Smart Home / Smart building
    • Consumer applications
    • Industrial and building automation

TPM Comparison Chart

Chart - Infineon Technologies Security Solutions for Artificial Intelligence

PSOC Edge E84 Block Diagram

Block Diagram - Infineon Technologies Security Solutions for Artificial Intelligence

Videos

發佈日期: 2026-04-10 | 更新日期: 2026-06-24