search.noResults

search.searching

note.createNoteMessage

search.noResults

search.searching

orderForm.title

orderForm.productCode
orderForm.description
orderForm.quantity
orderForm.itemPrice
orderForm.price
orderForm.totalPrice
orderForm.deliveryDetails.billingAddress
orderForm.deliveryDetails.deliveryAddress
orderForm.noItems
Internet of Things


Elementary way to keep the IoT secure


Andrew Pockson, divisional marketing manager at Anglia Components explains how secure elements can build trust between devices on an IoT network


standstill. Two senators in the USA – Democrat Mark Warner and Republican Cory Gardner – have even put forward a bill to force IoT providers to the government to meet security standards, a move that many believe will have ramifications well outside government contracts as it could by default become a marker for what is acceptable practice in all spheres.


Andrew Pockson, divisional marketing manager at Anglia Components


W


hile companies and individuals are welcoming the rapid growth of the Internet of Things (IoT),


there is a certain trepidation among many that opening up so many devices to internet connectivity so rapidly could also expose these devices to unwanted attention. There is a fear that in the rush to connect a vast number of things, maybe security is not being treated as thoroughly as it should. Already, there have been reports in the


press of hacker exploits using common household devices such as a toaster or kettle to break into a home network. Baby monitors and home security systems have been compromised. Potentially more serious was the now infamous Jeep hack where a couple of, thankfully, benign hackers demonstrated successfully how they could take control of the vehicle remotely.


In the industrial world, the danger comes


from criminals gaining access to trade secrets or the actual machinery in the plant. A recent report from Markets & Markets predicts the industrial cyber-security market to hit US$22.8bn by 2023, growing at a CAGR of 8.6 per cent from 2017 to 2023. Law makers are starting to appreciate


the problem, especially in an era where security generally is so high on the agenda and distributed denial of service attacks have seen businesses brought to a


38 October 2017


The data lifecycle The problem is that the easiest way often for a hacker to gain access to a network is through the basic edge devices. And installing high security in these can be a costly exercise, especially as the goal of the IoT is to have billions of such devices connected, say, through a LoRa wide area network. A good real example is an industrial company that uses a LoRa network to monitor processes in a gas refinery. If a hacker used one of the edge devices to gain access to the server then the damage that could be caused is immense. General Electric too uses the IoT for predictive maintenance in jet engines so it can spot problems before they grow into serious faults. Again, in such a critical application the last thing that is needed is an unwanted presence on the network. Therefore, a key element in a secure IoT network is to ensure that whoever is on the network has a right to be there. Data have to be secured on their journey through the network to make sure they do not fall into the wrong hands. To achieve this, there has to be some form of authentication so that trust can be established between the different elements of the network. But for this to happen, the data (usually in the form of a private key) that define that trust, have themselves to be protected. One way of doing this is to use what is known as a secure element. This is a tamper resistant hardware component embedded in IoT and industrial connected equipment and machines to deliver smart card level digital security and device lifecycle management. The secure element serves as the foundation of trust in an end-to-end security architecture to protect data integrity and defend against cyber attacks.


Turnkey solution for IoT devices Good examples of tamper-resistant, advanced protection solutions are the


Components in Electronics


Gemalto Secure Element and the STMicroelectronics STSAFE-100. Ruggedised for reliability and longevity


in extreme environmental conditions typical of M2M and IoT applications, the Gemalto Secure Element ensures that data are stored in a safe place and that access is granted only to authorised applications and people. It also enables over-the-air management of security credentials, software updates and evolving security capabilities across the lifecycle of products and services. This will work with any vertical market application including connected cars, smart grids and smart city services and provides a powerful key to help secure the entire IoT ecosystem. Likewise, the STSAFE-A100 acts as a


secure element providing authentication and data management services to a local or remote host. It has a secure operating system running on the latest secure microcontrollers, and can be integrated in IoT devices, smart-home, smart-city and industrial applications, consumer electronics devices, consumables and accessories. OEMs can install these network encryption devices into cloud-based products, say on the PCB inside a smart-home hub. A device that this communicates with will have the same encryption key and only when the two keys have authenticated each other can communications between the devices commence.


Conclusion There have been massive predictions for how large the IoT will become and how many billion connected devices will become part of this technological revolution. And this is not just something for the far future; it is here today. Already, smart devices are appearing in people’s homes, factories are becoming more connected and there are numerous trials of autonomous vehicle technologies around the world. Cities are falling over themselves to install the sort of smart services that will save them money, make their operations more efficient, and improve the lives and safety of their citizens. But for all this to become a reality, there has to be trust. Companies, politicians and individuals need to be assured that the networks are secure and nobody can access their private data. This means security has to be designed in from the start and not just an as afterthought when equipment is deployed.


While many factors have to come into play to ensure such trust, the use by manufacturers of secure elements, such as those from ST Microelectronics and Gemalto, go a long way towards guaranteeing mutual authentication between the devices that make up these networks.


www.anglia.com www.cieonline.co.uk


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52  |  Page 53  |  Page 54  |  Page 55  |  Page 56  |  Page 57  |  Page 58  |  Page 59  |  Page 60