Securing the future for IoT devices

The world is becoming increasingly connected, not just through smartphones, but also via connected devices in our cars, our homes and our cities. This opens up many new and exciting opportunities, but also introduces challenges around how we protect and secure individual users and service providers.

IoT devices need to be built around a proven foundation of hardware-backed security that will provide robust protection long into the future. It will also be vitally important to be able to distinguish between ‘trustworthy’ and ‘untrustworthy’ devices.

Trustonic’s hardware-backed security and Root of Trust foundation forms the basis upon which a secure and trusted IoT infrastructure should be built.

8.4 billion connected things in 2017, up 31% since 2016

Gartner

Connected IoT devices interact throughout the day

  • 05:00 Thermostat needs to start early

    A connected thermostat identifies a colder than average temperature outside and turns on the heating earlier than normal.

  • 08:00 Unlock the car

    Using biometric authentication on a smartphone to unlock your car as you approach.

  • 08:45 Car pays toll

    The car automatically pays at a road toll booth as it travels past.

  • 14:00 Smart appliances

    Your washing machine detects a build-up of scale and orders a descaler.

  • 17:00 Secure chat to doctor

    You have a private remote consultation with your doctor through a secured webcam link.

  • 21:00 Smart drug delivery

    Your connected insulin pump alters the dose based on biometric data analysis and an update following the consultation with your doctor.

The fundamental requirements of IoT are that connected devices can be proven to be legitimate and trustworthy, and that the associated services and applications, including any sensitive data and communications, are protected at all times.

In order to be protected, IoT devices need to be proven to be legitimate, identifiable and manageable. What is also important to remember is that, unlike mobile phones which are typically manufactured by one company, IoT devices are often built on top of a module manufactured by another supplier. The device lifecycle can be complex and legitimacy and identity need to be managed throughout the manufacturing process, as well as after delivery to a user. In the case of a consumer device, there is also the possibility of device recycling, so solutions need to cater for a change in device ownership, whereby the new owner can be assured that the previous owner no longer has access or control.

 

Image: a factory embedding a TEE into IoT devices

The fundamental requirements of IoT are that the device can be proven to be what it claims it is, and that the applications running on it, data and communications are protected and secure at all times.

Trustonic’s TEE is unique and open: it has been designed to support multiple separate applications, each potentially with a different owner. These separate applications are individually isolated and unable to eavesdrop on each other.

Device Authentication

By embedding a Root of Trust into each device during manufacture, the legitimacy of the device can be guaranteed by any connected services.

Secure Cryptography

The TEE has the ability to secure data, communications and cryptographic operations. Encryption keys can be stored, managed and used within the secure environment, with no opportunity for eavesdropping.

Application Protection

Sensitive parts of any application can be executed inside the TEE, ensuring that applications and services are immune from both malware and software-based attacks at all times.