IoT Security is Now Easy to Integrate with Infineon OPTIGA Trust

July 30, 2019 Brandon Lewis

The internet of things (IoT) is expanding explosively with the International Data Corporation (IDC) predicting that the installed base of IoT units and systems will grow at 17.5 percent CAGR to reach 28.1 billion in 2020. That is everything from home security cameras and heating controllers, through industrial automation, to smart street lighting and much more.

IoT in 2020 (Source: Intel Corp.)

With all these connected devices, there is a real security issue; you might remember the internet outages in 2016 caused by a Rutgers undergraduate who unleashed the Mirai botnet[1]. His malware hijacked thousands of simple IoT devices, like CCTV cameras and baby monitors, to launch ‘denial of service’ attacks on servers round the world. The methodology was simple – the malware looked for open device ports on the internet and then tried to log in with default usernames and passwords, all too often successfully. The botnet then configured the devices to send continuous access requests to overwhelm the target servers.

There are more ways though that those looking to attack systems can try to access IoT devices by exploiting software vulnerabilities. The effects can often go unnoticed with the aim being to steal IP or valuable data.. Counterfeit components can also lead to loss of legitimate revenue or compromise the quality of the system so they should be detected and rejected.

Adding embedded software protection against IoT attackers is a solution, but software alone is vulnerable in itself to malicious interference, not least because one of the benefits of IoT is the ability for devices to have their software updated remotely, deliberately ‘opening the door’ to the possibility of unauthorized changes. A better solution is to have a hardware ‘root of trust’ - a chip that incorporates pre-provisioned secret cryptographic keys that enable secured authentication between the IoT device and other elements of the IoT system in a manner not subject to compromise of application software. The presence of a hardware root of trust enables software updates to be validated, remote access to be controlled, and low-quality counterfeit add-on parts or repair tools screened out.

The Infineon OPTIGATM Trust[2] is an example of a crypto security controller, which gives IoT designers a turnkey solution to securing their device while meeting international standards. The OPTIGA™ Trust is in a tiny package but packs in a lot of functionality. Along with device authentication and native support for X.509 certificates, it is a ‘trust anchor’ with a secured boot and memory integrity check. Encryption keys can be generated and exchanged for secure data exchange and updates, and it even includes a secure clock to be able to log incidents and provide supply chain tracking and a lifecycle counter. The device has an I2C communication interface and includes 10 KB user memory. Power consumption is low, and the part is available in standard and extended temperature ranges.

Connection to ‘the cloud’ is a major benefit for IoT devices for availability and scalability of data processing but it can bring its own security issues. To address this, Infineon has become an Advanced Technology Partner to the Amazon Web Services (AWS), one of the world’s leading public cloud service providers and a gold standard for IoT services [3]. With its solutions offering, Infineon enables IoT device makers to fully and securely develop and integrate their product solutions into the AWS cloud.

In the fast-moving IoT market, security features cannot be left behind so a turnkey hardware solution is the way to go.

References

[1]         https://www.wired.com/2016/10/internet-outage-ddos-dns-dyn/

[2] https://www.infineon.com/cms/en/product/security-smart-card-solutions/optiga-embedded-security-solutions/optiga-trust/optiga-trust-x-sls-32aia/?redirId=59560

[3]        https://www.infineon.com/cms/en/about-infineon/press/market-news/2019/INFDSS201905-070.html

About the Author

Brandon Lewis

Brandon Lewis, Editor-in-Chief of Embedded Computing Design, is responsible for guiding the property's content strategy, editorial direction, and engineering community engagement, which includes IoT Design, Automotive Embedded Systems, the Power Page, Industrial AI & Machine Learning, and other publications. As an experienced technical journalist, editor, and reporter with an aptitude for identifying key technologies, products, and market trends in the embedded technology sector, he enjoys covering topics that range from development kits and tools to cyber security and technology business models. Brandon received a BA in English Literature from Arizona State University, where he graduated cum laude. He can be reached by email at brandon.lewis@opensysmedia.com.

Follow on Twitter Follow on Linkedin Visit Website More Content by Brandon Lewis
Previous Article
The Future of IoT is Analog

IoT applications simply won’t work without tried and tested solutions such as analog to digital converters ...

Next Article
Edge Computing Infrastructure to Increase 50 Percent by 2024, per Research

Edge computing server shipments are projected to grow at a 50 percent CAGR over the next five years, to 74,...

How to Develop Cross-Industry IoT Interoperability

Multi-Part Series