Skip to main content

Target Encrypted Link Package (TELP)
Protecting intellectual property with secure programming

Combined with the Flasher Secure, SEGGER's Target Encrypted Link Package (TELP) redefines IP protection in off-site production. Using TELP, any microcontroller can be programmed with an encrypted firmware or bootloader image.

Contact us
Compare Flasher models
Documentation
Product icon TELP

Overview

Developed in house and used by numerous well-known customers, TELP is SEGGER's secure programming package for transferring firmware to a microcontroller. Using the Target Encrypted Link Package in addition to SEGGER's Flasher Secure Server, the Flasher Secure flash programmer, and emSecure anti-cloning software ensures absolutely secure programming.

Key features

  • Protection of intellectual property against copying
  • Support for any microcontroller with a minimal memory configuration
  • Support for any microcontroller, even one without a security engine of any kind
  • Full control over programming processes
  • Transparent programming yield

Protecting intellectual property

In the dynamic landscape of modern manufacturing, the protection of intellectual property (IP) is of paramount concern for both IP owners and contract manufacturers. Using SEGGER's Target Encrypted Link Package (TELP), both parties can find peace of mind, knowing that intellectual property remains secure during production processes. Using TELP ensures that only IP owners have full access to their IP.

Chip highlighted on a PCB

Contract manufacturers

As a contract manufacturer, your customers' trust is critical. They need to know that their firmware is in safe hands. This means no firmware leaks, no cloned hardware devices, no eavesdropping. To provide a completely secure production environment, TELP is the right choice. Combined with the Flasher Secure, it guarantees that your customers' intellectual property is secure at every stage of production.

Opened laptop and Copyright icon

IP owners

As an intellectual property owner, protecting your innovations and ideas from unauthorized access and replication by third parties is critical. Addressing these concerns becomes even more complex when manufacturing processes take place at a third-party location, where maintaining the security of sensitive data during production is a top priority. TELP addresses these vulnerabilities while giving you full control over the programming process.

Secure programming with TELP explained

Using SEGGER's Flasher Secure Server when programming microcontrollers already reduces the risk of counterfeiting. To take security one step further, the hardware can be signed and secured with emSecure, a Flasher Secure Hardware Authentication Package, and the Flasher Secure. As a final step, SEGGER's TELP adds protection to the last inch of communication. This way it protects the firmware against attacks of any kind.

Even if all communication between the IP owner and the production device already is encrypted, there still is one last weak spot – the link between the programmer and the memory. TELP takes care that even the final lengths of wire are protected from sniffing by encrypting the communication and locking all side channels.

Identify target device

To initiate TELP, the Flasher Secure first needs to identify the target device. If the device's chip meets the specified requirements, it sends a Unique ID (UID) back to the Flasher Secure.

Authorize programming process and create device signature

The Flasher Secure now transmits the UID to the Flasher Secure Server, which authorizes the programming process, generates the signature, and sends it back to the Flasher Secure.

The firmware is transferred during this step only if required.

Install secure bootloader

The Flasher Secure now installs a secure bootloader onto the microcontroller, equipping it with additional functions it previously lacked. This includes encrypted communication and a proprietary method of communication that enables TELP to switch off the debug interface.

Establish secure connection

Once the Flasher Secure has established a secure connection with the MCU, a proprietary interface is opened between the Flasher Secure and the microcontroller. After installing the firmware, communication with the processor can only occur through the interface established by the firmware between the Flasher Secure and the target device.

Store signature

The Flasher Secure then transfers the encrypted firmware image to the microcontroller, which stores both the MCU signature and the firmware. Since the firmware is encrypted, the MCU must unpack and decrypt it using a designated test protocol.

Remove connection

After all required components are stored on the MCU, the programming link is disconnected, and the system is reset.

Decrypt and install firmware and remove secure bootloader

In the final step, the microcontroller itself decrypts and installs the firmware onto the microcontroller, subsequently removing the secure bootloader. Once this process is completed, the firmware becomes ready-to-run and it blocks unwanted access from external sources.

Requirements for using TELP

Using SEGGER's Target Encrypted Link Package for secure programming requires:

  • Flasher Secure Server (FSS)
  • Flash programmer Flasher Secure
  • Authentication via emSecure
  • 8 kB of flash and RAM memory