Enhanced security capabilities for IoT devices
Analyst forecasts of the number of connected devices deployed over the next decade range into the hundreds of billions. With the vast potential value that IoT brings, also comes a growing concern of data security.
Trustonic has announced that it is enabling Microchip Technology to provide their customers with a secure platform and strong device identity pre-embedded into their MCUs, aiming to provide enhanced security capabilities that can be leveraged across the value chain and IoT ecosystem.
Product variants of Microchip’s newly-launched SAM L11 MCUs contain Trustonic’s Kinibi-M security platform and are based on the Arm Cortex-M23 core featuring Arm TrustZone for Armv8-M, a programmable environment that provides hardware isolation between certified libraries, IP and application code. SAM L11 MCUs also include proprietary chip-level tamper resistance, secure boot and secure key storage.
Trustonic’s Kinibi-M software is a new modular, hardware-secured Trusted Execution Environment (TEE), a secure operating system (OS) that has been specially designed for size-constrained IoT chipsets. It has been designed with the aim of easing development and leveraging Trustonic’s implementation resources, saving developers from having to develop expertise in-house.
In order to trust data coming from an IoT device, you first need to be able to trust the device itself. To achieve this, Trustonic embeds a distinct identity for every device during silicon manufacture.
Kinibi-M technology aims to enable device makers to:
- Record and attest to manufacturing steps, preventing opportunities for fraud & counterfeiting in the supply chain
- Protect software and IP on devices throughout their entire lifecycle
- Ensure that updates, personalisation and secrets can be securely delivered
- Enable devices to identify themselves in the field – for example to enable automatic cloud enrolment
Trustonic’s solution is supplemented by its Digital Holograms technology, which enables manufacturers to prove that devices connecting to their systems are legitimate and have been through the correct and audited manufacturing stages.
Kinibi-M also offers:
- Manufacturing and lifecycle stages can be securely recorded using Digital Holograms.
- The secure OS and Digital Holograms prevent individual devices from being cloned, IP or keys from being removed from a device, or devices from being over-produced.
- Code modules are isolated from each other, reducing both the risks associated with errors elsewhere on the device and the potential for firmware updates to invalidate assumptions made during certification.
Rod Drake, Vice President of Microchip’s MCU32 Business Unit stated: “IoT end points often require low power and high security. However, the growth of IoT nodes is happening so fast that security is not always adequately addressed. The features of the SAM L11 are exactly what customers need to plan for security early in the design cycle and throughout the remainder of the device’s life.”