Secure Provenance

Other manufacturers find total transparency challenging.
We know that it’s the only way to verify Secure Provenance.

The SoftIron platform makes validation faster

SoftIron’s unified platform approach to manufacturing radically improves the efficiency of Secure Provenance. All SoftIron appliances are built on a shared chassis platform and PCB, so many components, circuitry and firmware are consistent across multiple devices. Any Secure Provenance audit with SoftIron can verify the appliances with unmatched efficiencies.

100% ownership of design

All design and engineering are done by SoftIron. There are no third party ODMs (Original Design Manufacturers) involved in any way with SoftIron.

Full stack control

SoftIron is in the unique position of being a full stack manufacturer, so we have authorship, ownership and total responsibility for all code that goes on our appliances. Any code we don’t write we read line by line – we know every single instruction and why it needs to be there. SoftIron will never install a binary file without taking it back to the source code for a forensic check.

External components check-tested

Only strictly specified components (including manufacturer and batch) are used in SoftIron appliances and only from fully vetted supply partners. All components are checked and tested before installation.

Manufacture and assembly are all in-house

All manufacturing, including surface-mount assembly, is done in-house. There are no white label components inside a SoftIron box. Our name is our reputation and we take that very seriously.

Risk mitigation is risky

The trouble with conventional risk mitigation on hardware and appliance-level software is that those looking for issues are only able to look for the big, obvious, and generally known risks. They will never be able to do the 100% job that Secure Provenance can. Accepting 99% risk mitigation is saying exposure is okay with us – and your clients may have a difference of opinion on that. If security matters to your organisation you must ensure a 100% job.

A SoftIron Secure Provenance audit

A 360° transparent audit to demonstrate Secure Provenance will reveal:

  • All design done in-house
  • All circuit schematics
  • No SKU has multiple bids
  • Fully vetted supply partners
  • Component verification (x-rays, parameter testing, etc.)
  • Firmware and OS code in source form, line-by-line
  • Secure manufacture and assembly in-house
  • Individual appliance test and seal
  • End-to-end forensic chain of custody
  • Tamper-evident packaging before leaving our secure facility
  • Any external component precisely specified (manufacturer and batch)

The audit process validates the product is exactly as designed and specified. It will demonstrate there are no additional or duplicitous components, nor any hidden coding.