Smart Solutions

Column: Martin Milter – IoT Provisioning – Security from The Get-Go

Security is a rising concern in the embedded market – and for good reason. As hackers be come ever more capable, the – industry is coming to realize that security is a process, not a feature. It needs to start the day you begin thinking about a new product or service and it ends on the last day when you decommission them.

The assumption made by many developers is that security is a feature of a product that can be implemented just like any other feature. This is an easy way to look at security because, in that way, either you have security or you don’t. This is why people often have a hard time grasping the fundamentals of security, which is the process and not the product or feature. It is a gradient that starts with no security at all and ends with military-class security. You have to analyze where your needs are and how to implement them.

Threats are different but the tools to solve them are the same.

Martin Milter
Head of Cybersecurity EMEA for Avnet Silica

IoT Provisioning: Martin Milter</ Avnet Silica


 

The process of implementing security can be split into several key steps: the requirements and specifications decisions, the design phase, testing, production, distribution, operations, and, finally, the end-of-life stages. The steps where provisioning becomes critical is clearly the distribution and production phase – and that’s where Avnet has been a key player for 100 years. In fact, as we celebrate our centenary this year, it still makes sense for us to offer services around that part of the process, as well.

Supply networks need to be extremely flexible. A company may want to produce its products in Asia, Europe, or in America, both North and South, but that can result in an untrustworthy manufacturing environment. Device credentials and software can be exposed during manufacture, which can lead to counterfeit products and reliability issues, Trojan horses in the infrastructure, low performance, and high warranty costs.

As a licensed distributor of Microchip’s Trust Platform, a family of pre-provisioned, preconfigured, or fully customizable secure elements, Avnet Silica aims at closing that gap by delivering pre-provisioned parts to the market. Our partner NXP Semiconductors has a similar solution where some security credentials are already provisioned before it is even distributed to the OEM. We also have a strategic partnership with Trusted Objects, a software company specializing in IoT security, to enable us to offer a scalable end-to-end security solution for low power devices. This relationship allows customers to comprehensively secure their IoT devices while speeding time to market, reducing costs, and managing complexity.

Whenever necessary, we can do the provisioning in a closely tailored way, so it fits a customer’s needs exactly. Avnet Silica operates its own process-secure programming facility near Munich, Germany, which has access restrictions on different levels and a different sensitivity level. We provision the parts of each system and ship them directly to the manufacturer, effectively mitigating most of the risk. All the proprietary information that needs to be programmed into the product is already there from the get-go.

One key challenge is that there’s very little standardization today. Threat analysis and mitigations may differ from system to system but the tools to solve them are the same. That is why Avnet Silica offers a toolbox where customers can pick and choose the tools they need to get to the right security level. We are constantly expanding that toolbox to offer more complete security by covering an ever-wider part of the security process.

Comments are closed.