IoT Security
Where do you see the future of connected devices headed?
Connected objects, which have increased in numbers in recent years, also introduce new cybersecurity threats among which data management and processing and especially personal data is a major challenge. The Internet of Things implies a very large dissemination of objects, whose lifecycle must be taken into account in order not to add risk to the already inherent risk. Mass deployments of connected objects and wireless networks are bound to fail if they are not supported by a comprehensive security approach that would include sophisticated system management, authentication services for connected objects, commissioning and upgrades, and monitoring of the data exchanged to ensure integrity and confidentiality.
The security challenges are similar across various industries but each market has its own specification based on its usage. Therefore, we see a trend in the need for security certified products in each market (for example combination of safety and security certification schemes in automotive, some lightweight schemes for IoT, etc.).
Please can you explain more about the company’s “Chip to Cloud” vision, and the launch of its cybersecurity lifecycle management platform for connected objects?
In the context of the Internet of Things (IoT), we strongly believe that device security is critical and one of the most important assets of the digital world. That is why we have based our end-to-end embedded cybersecurity solutions around a unique approach called PESC for “Protect, Evaluate, Service & Certify” to effectively support our customers throughout the design lifecycle. However, after the devices are deployed, they must remain secure.
Therefore, it is logical to leverage the chip level (meaning the physical security of electronic chips) to the cloud level and enable customers to “Supply, Deploy and Manage” their device fleets. With this new cybersecurity lifecycle management platform, we cover the entire security lifecycle of connected objects from design to decommissioning. For example, the platform encompasses the services associated with secret parameters (keys, certificates) provisioning and management, software update capability (deployment of patches, new software versions, etc. which are critical for the lifetime of the products) and security monitoring over the lifetime of the device, based on the device identity service.
Can you tell us more about integrated Secure Elements (iSE) and how this protects System-on-Chips, across the supply chain?
An iSE is a vital security function that is directly integrated into the main chip of the endpoint device, mounted as a subsystem onto the host chip it protects by establishing a silicon root of trust. It typically provides multiple services such as secure boot, isolated processing, asset management, security policy, etc. and thus helps fight against master compromising, malware/Trojan insertion, overbuilding, etc. For optimised security, Securyzr iSE complies with the most stringent security standards and is suitable for multiple certifications, such as Common Criteria, NIST FIPS 140, and regional schemes whenever required.
www.pcr-online.biz April 2022 | 35
What is the platform composed of?
Securyzr integrated Security Services Platform (iSSP) is composed of four different services:
• Key provisioning to securely provision the chip devices with secret key across the supply chain
• Firmware Update (FOTA/FUOTA) to securely provide chips with their software and then update them physically or over the air, to maintain their security level
• Devices monitoring and cyber intelligence to provide a proactive security service, retrieving cyber security logs from the chips, analysing them and sending instructions back to the chip fleet if necessary
• Device identity guarantees trust from the chip to the cloud, from the user and data through device multi-factor authentication that safeguards against hackers, replay, and in the event of an initial compromise
On top of Securyzr iSE, Securyzr iSSP offers additional capabilities. For instance, in the case of the Key Provisioning service, the Securyzr iSSP is able to remotely: generate the assets, securely store the assets to be sent to the cloud, prepare the assets for provisioning, install them in the Secure Element, update and revoke them if necessary.
Can you explain more about the benefits that digital twins provide, what these are and how they can be used within the connected device market?
Digital twins are the virtual counterparts of real IoT devices. Abstracting a fleet of IoT devices into a collection of digital twins allows the operator to see all devices at a glance. This allows a dashboard to:
• See the status of all devices, how they have been provisioned, and their current configuration
• Monitor each and every device, and thus also gain collective information through analytics (e.g., to enable first evidence of attacks before they are even deployed at scale)
• Apply patches to each device accordingly
In this regard, digital twins are central to managing devices seamlessly.