The main challenge in extending good security coverage to connected devices is designing security schemes that comply with both Information Technology (IT) and embedded hardware standards.
Internet-of-Things (IoT) technology promises to connect billions of objects, devices and machines to application servers via the Internet, revolutionizing industrial processes and enabling many new consumer applications… provided that security is not left behind. In the past 15 years, enterprise Information Technology (IT) architects have successfully upgraded their security schemes from an all-wired-stationary desktop world to all-wireless-mobile laptop and smartphone fleets without compromising on security, and even improving it.
A similar evolution is happening now as industries look beyond laptops and smartphones to connecting many devices, machines and objects to application servers through private and public networks.
Often closer to an Intranet-of-Things than to a true Internet-of-Things, these industrial deployments focus on keeping full control of the flow, storage and processing of data produced by their own devices, without opening or trading that data to the outside world. In such schemes, the main challenge in extending good security coverage to these devices is designing security schemes that comply with both Information Technology (IT) and embedded hardware standards:
These security schemes are expected to spread further in industry and in the consumer world, yielding end-to-end security from device to application server, and even simplifying the provisioning of devices to services thanks to elaborate secure transactions over any kind of connectivity.
This is exactly what Avnet Silica, together with our partners and suppliers, is investing in, providing full security reference designs encompassing:
- Secure elements with customizable security protocols
- Embedded stacks using the secure elements
- Server code talking to the secure elements
- Secure personalization services for making each secure element unique
Whitepaper: IoT Security - Real Problems and Solutions
This paper aims to define the real issues behind “IoT security”, the real challenges for our customers in both hardware and embedded / server software, and of course the solutions as we envision them for the next 6 to 8 years, until our world becomes all IPv6 and 6LoWPAN.
OPTIGA™ embedded security solutions
With its OPTIGA™ product family, Infineon offers easy-to-integrate, scalable and customizable turnkey solutions to meet your embedded security challenges.
The STSAFE-A100 is a highly secure solution that acts as a secure element providing authentication and data management services to a local or remote host. It consists of a full turnkey solution with a secure operating system running on the latest generation of secure microcontrollers.
NXP's A1006 is a complete embedded security platform for electronic accessories, mobile phones, portable devices, computing and consumer electronic devices, and embedded systems where a strong security infrastructure is required.
Trusted Platform PMOD
Trusted Platform Module (TPM) Security Peripheral Module (Pmod) for Zynq®-7000 All Programmable SoCs enables a root of trust for platform integrity, remote attestation, and cryptographic services as required by Industrial Internet of Things Applications.
The DeepCover Secure Authenticator (DS28E15) combines crypto-strong bidirectional secure challenge-and-response authentication functionality with an implementation based on the FIPS 180-3-specified Secure Hash Algorithm (SHA-256). A 512-bit user-programmable EEPROM array provides nonvolatile storage of application data. Additional protected memory holds a read-protected secret for SHA-256 operations and settings for memory protection control.
The A700x family is a tamper-resistant secure Micro Controller Unit (MCU) family using a dedicated security-hardened MX51 CPU. NXP® Semiconductors has a long track record in security MCUs.
TO136 is the lowest power certified tiny secure element in the market. It comes with a fully customisable personalisation scheme and command set, starting at the lowest volumes in the industry.