Image signing and encryption
A single solution to digitally sign and encrypt
all software packages
Sign and encrypt all types of software packages
The LAAVAT platform is a comprehensive solution for signing and encrypting software packages of all types, including embedded device images, Windows binaries, Linux, Java, and container packages.
The platform's robust code-signing capabilities are further enhanced by the use of Hardware Security Modules (HSMs), which provide complete protection for signing keys in use and at rest.
Seamless integration with CI/CD pipelines is ensured through REST API-based well-defined interfaces. Support for authentication solutions such as Microsoft Entra ID and certificate-based authentication to provide secure client access and fine-grained authorization for signing operations to ensure the protection of the software supply chain.
Enabling embedded device security features such as secure boot, secure firmware update and protection of critical IP
For device manufacturers, the signing capabilities of the platform play a key role in enabling embedded device security features such as secure boot and secure firmware update. Device firmware must be digitally signed to guarantee the integrity of the boot process.
The Platform supports the signing of different types of images, such as bootloader, firmware updates, and kernel. Integration with platform-specific tools for remote signing is also supported.
The platform supports encryption for all types of images. Device manufacturers can leverage the encryption capabilities of the platform to safeguard critical IPR and security-sensitive data on devices.
The platform also supports the secure distribution of cryptographic assets (such as encryption keys and fuse maps) to manufacturing, with the ability to restrict access to specific assets only for authorized entities.