Abstract: At least one non-transitory computer readable medium, that at least one non-transitory computer readable medium stores instructions for (a) generating master keys by a keys security entity (KSE) that is established within a KSE; (b) generating one-time connection session keys, by the KSE, based on the master keys; (c) outputting, by the KSE, the one-time connection session keys to a Connection Security Entity (CSE) enclave in which a CSE is established, over a secure communication link; and (d) preventing access, by the KSE, to the master keys.
Abstract: A method for fault tree analysis (FTA) of a system, the method may include (i) performing FTA of the system using multiple hybrid events to provide an FTA result, wherein each hybrid event represents both latent failure modes and evident failure modes; and (ii) responding to the FTA result.
Abstract: A hardware controller for securing one or more parts of an MMI, the hardware controller may include an MMI interface configured to communicate with the MMI; a first security level (SL) processor interface configured to communicate with a first SL processor while maintaining the first SL; a second SL processor interface configured to communicate with a second SL processor while maintaining the second SL; wherein the second SL differs from the first SL; a configuration interface configured to receive configuration information that divides the MMI to one or more first SL MMI areas and to one or more second SL MMI areas; and a controller core configured to control, based on the configuration information, (a) a communication between the first SL processor and the one or more first SL MMI areas, and (b) a communication between the second SL processor and the one or more second SL MMI areas.
Abstract: A mobile wallet for storing a digital asset, the mobile wallet may include a communication unit; a programmable logic device (PLD), a main controller, a secure element, and an anti-tamper unit that comprises one or more anti-tamper sensors. The secure element may be configured to store the digital asset. The communication unit may be configured to receive ingress traffic from outside the mobile wallet and to output egress traffic not blocked by the PLD. The PLD may be configured to monitor ingress traffic and egress traffic, and to determine whether to pass or block ingress messages of the ingress traffic and egress messages of the egress traffic. At least one of the main controller and the anti-tamper unit may be configured to detect a tamper attempt based on outputs of the one or more anti-tamper sensors. The main controller may be configured to assist in responding to a detected tamper attempt.