IoT Security


Securing the digital world


Sylvain Guilley, CTO of Secure-IC explains why embedded chip security is vital for protecting the growing fleet of end point devices and tells us more about the recent launch of Secure-IC’s lifecycle management platform for connected devices.


S


ecure-IC’s Securyzr integrated Security Services Platform (iSSP) serves a string of IoT connected


devices from the cloud and can be provided with added-value security services, as well as compliance to standards. We spoke with Sylvain Guilley, CTO of Secure-IC to find out more.


What are the current security challenges affecting connected devices and how can end users look to safeguard themselves against cyber-attacks? With the EN 303 645 standard, Europe has started to work on establishing some provisions to ensure the security of connected objects and this work is an important step forward to guide consumers with maximum security in their use of IoT: no default password, automatic vulnerability updates (e.g., vulnerabilities detected by independent labs), secure communications, protection of personal data, ease of deleting said data, etc. We can also advise consumers to be cautious before buying a


connected device. Indeed, they can easily find information as security issues become more and more important in tests related to connected objects. Like many products in the industry, connected objects are never 100% produced by a single manufacturer. It is therefore necessary to ensure the origin of the object, as a connected object with little traceability can be potentially dangerous. Moreover, are security updates planned? Are the security parameters customisable?


34 | April 2022


Tese are indications that the object integrates a security dimension.


Where do you see the greatest device vulnerabilities in regards to connected devices and how can this be addressed? With the multiplication of digital devices and the connectivity brought to objects that were not previously connected, such as vehicles, smart speakers, and even production lines, data is now everywhere and needs to be secured. Te question of data security and integrity is for us at the


centre of the challenges of connected devices. As connected objects also represent a colossal attack surface, they are the first elements that need to be secured. We believe that only an integrated and homogeneous level of end-to-end security from connected objects to the depths of the cloud will ensure the security of a world where data is everywhere. A main framework is critical to the deployment of connected


objects and data protection. Indeed, it is the understanding of standards and their strict application, or even reinforcement, during the design phase that will ensure the quality and security of infrastructures and other systems, from the semiconductor to the cloud. Combined with the continued understanding of cybersecurity issues among an increasing number of people, this approach, which is always centered on the end user, makes it possible to limit the risks, and therefore keeps the proven exploitation of vulnerabilities to a minimum.


www.pcr-online.biz


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52