Next-Generation Security. Sanctuary

Sanctuary Embedded’s portfolio of security services can be combined in flexible ways to provide strong protection for your current and future products and enable new business models such as in the area of digital rights management.

Today’s Systems Face Diverse Security Challenges Across Domains

The protection of sensitive data is of great importance on all of today’s computing devices, ranging from resource constraint embedded devices over mobile devices up to powerful cloud servers. Driven by megatrends such as the Internet of Things (IoT) or new applications (e.g., autonomous driving), new cloud computing services (e.g., Container-as-a-service) and also new data protection regulations (e.g., GDPR), the demand for security solutions across platforms and services is ever increasing.

Sanctuary Embedded provides a comprehensive set of security services and primitives, that enhance the protection and resiliency of existing solutions as well as future systems. Isolation allows to build zero-trust systems with independent software components. With integrity verification and run-time protection Sanctuary Embedded ensures that attacks and modifications are detected and sensitive data is protected. Additionally, Sanctuary Embedded can monitor a system’s health state to detect and report incidences, including both, attacks from malicious entities as well as faults due to errors. Combined with strongly protected cryptographic functionalities, using virtual HSM technology, Sanctuary Embedded allows secure operation in distributed scenarios.

Service Portfolio

Strong Workload Isolation

Isolation is a core principle of computer security. Sanctuary Embedded provides strong isolation of all your workloads at multiple layers, providing defense in depth.

Platform Integrity Verification

Platform integrity measurements enable you to check the current state of your system – allowing you to authenticate individual components of the system and manage digital rights.

Run-time Protection

Sanctuary Embedded provides security mechanisms to protect your critical data against today’s broad threat landscape. Complex attacks, that manipulate a systems’ behavior remotely without altering their code can be prevented with Sanctuary Embedded‘s Security Services.

System Health Monitoring

Sanctuary Embedded is capable of robustly monitoring a system’s health state to detect security violations as well as execution faults.

Cryptographic Services

HSM & Cryptographic Services

Sanctuary Embedded offers rich HSM (-like) functionality right on your system! Use your existing applications while relying on strongly isolated cryptographic services through standardized interfaces and protocols.

The Sanctuary Embedded Benefits


Unified security

Unified security

Sanctuary Embedded provides unified security services on all layers that can be integrated in existing solutions as well as serve as fundamental security primitives for future systems.


Fitting your security needs

Fitting your security needs

The Sanctuary Security Services elevate your products to a new security level – from system state verification, over cryptographic services, up to monitoring other applications on the system.


Forward-thinking security

Forward-thinking security

The Sanctuary Security Services are built with the latest advances in security research in mind in order to provide protection for your products for state-of-the-art and future software attacks.

Contact us to learn more about how we can support your embedded projects!

Any Questions?

Contact us to learn more about how we can support your embedded projects!