Trusted products and services for embedded security. Join-us on Linkedin

ProvenRun at CES 2022

After an all-digital event in 2021 due to the Covid pandemic, the CES (Consumer Electronic Show) returns to Las Vegas in 2022.

ProvenRun will be exhibiting on the French Tech Automotive pavilion. We will showcase our solutions for the automotive market and how we can help car OEMs and Tier1s resolve their security challenges. Come and meet us:

Vehicle Technology – Tech East
Las Vegas Convention and World Trade Center – West hall
booth #4557 Business France Automotive

We have an exciting news

ProvenRun has partnered with Cinemo, a global leader in high performance and automotive grade multimedia playback, streaming, media management, connectivity, and cloud middleware to demonstrate a world first Infotainment solution for the Automotive industry. We will showcase how Cinemo solution and ProvenCore, ProvenRun’s ultra secure OS, can be combined to provide the best in-vehicle infotainment experience, compliant with the latest and highest security requirements for content protection.

Discover what we have prepared for you:

Teaser CES 2022

Digital Rights Managements Demonstration

This demonstration is the world’s first implementation of the new GlobalPlatform Secure Media Path Protection Profile. It leverages on Cinemo’s award-wining media streaming and playback engine using ProvenRun’s ultra secure TEE ProvenCore and Cinemo’s Widewine DRM implementation.

Within this SMP PP framework, ProvenRun has a DRM solution ready to be certified on any chip or ECU. The secure media path is also entirely protected by ProvenCore itself.

Hardware description




  • NXP i.MX 8
  • 2x Cortex-A72 @ up to 1.6 GHz
  • 4x Cortex-A53 @ up to 1.2 GHz
  • 1 MB L2 cache
  • 2x Cortex-M4 @ 266 MHz

Power Management

  • NXP MMPF8100/8200 PMIC


  • LPDDR4 memory, x64
  • 32 GB eMMC 5.1
  • 64 MB Octal SPI Flash


  • 1x full-size SD/MMC card slot
  • 10/100/1000 Ethernet port
  • 1x USB 3.0 Type C


  • JTAG connector
  • Serial to USB connector

Software description

TEE / Secure OS

Rich OS

  • Yocto branch: imx-linux-warrior
  • Linux v4.19.35
  • Weston v6.0.1

Media player

  • Cinemo’s media streaming and playback engine
  • Widewine DRM

Secure Media Path data flow

  1. At boot time, the memory regions for the Protected Media Pipeline (PMP) are reserved.
  2. The DRM plugin interacts with the DRM agent and the external DRM server to exchange crypto materials and start a DRM session with valid credentials.
  3. The Protected Media Manager (PMM) configures the firewall infrastructure to constrain the PMP actors (VPU, GPU, DPU) to access the selected protected buffers only. The PMP is entirely secured by ProvenCore itself.
  4. Once a DRM session has been established, the corresponding DRM plug-in takes care of copying the incoming encrypted video stream into the public shared memory area.
  5. The Decryptor starts decrypting from the shared memory area into protected buffers.
  6. When the crypto operations are completed, the encoded stream stored inside the protected buffers is ready to be processed.
  7. The protected buffers are also accessible by the GPU. This allows the rich OS to perform composition (UI, video controls, etc.) without having access to the decrypted media content.

Your contacts for the CES

Jerome Bring

Director – Global Sales & Business Development

Benjamin Mouchard

Marketing Manager