IoT security is focus of UK home gateway collaboration
Based on a collaborative initiative between Imagination, Intercede, BT and other industry leaders, the demonstration of the ‘Trust Continuum’ shows how systems-on-chips (SoCs) for home gateway routers can be architected to address the growing security and management challenges presented by the proliferation of IoT devices, services and technologies entering the home.
The Trust Continuum focuses on architectural innovation in gateway router design. Routers, which traditionally manage network traffic between the home network and the Internet, can now become secure, intelligent hubs for all IoT devices and services within the home.
The Trust Continuum defines a way for home gateway manufacturers, operators and service providers to guarantee establishment of trust from silicon through to service provisioning. They can ensure a connected device is on a trusted path, running authentic manufacturer-installed software, and operating in its intended state. With this foundation, a server can trust the device that is attempting to access its services, and the device can trust that it is accessing the appropriate services.
The demonstration harnesses Imagination’s OmniShield enabled MIPS CPUs and Intercede’s MyTAM solution, plus other key partner technologies to showcase an innovative gateway architecture that places the operator firmly in control and at the center of the IoT ecosystem.
BT’s chief security researcher Paul Kearney has played a key role in defining the Trust Continuum through the prpl Foundation’s Trust Continuum Working Group, alongside representatives from Imagination, Intercede, Intrinsic-ID, Kernkonzept, Synopsys and others. The group is defining the APIs necessary to ensure hardware-enforced, end-to-end security in the evolving service-based economy, and is rolling out the first of those APIs imminently for peer review.
At Innovation 2017 taking place in Ipswich, Intercede and Imagination will demonstrate how an end-to-end chain of trust is established via the home gateway, enabling operators and their IoT providers to dynamically deploy, provision, and manage trusted services while simultaneously reducing the hardware burden and simplifying the end-user experience.
The demo is centered around a MIPS-based platform supporting multiple isolated Trusted Runtime Environments (TREs) where services, including the network communication standards they rely upon, can be provisioned and managed by the operator.
This is enabled by the powerful hardware virtualization capabilities of the MIPS CPU and the security-focused evolution of Intercede’s MyTAM client and mobile app, which enables service providers to dynamically create TREs and to deploy trusted applications directly into them. The demonstration leverages the L4Re hypervisor from Kernkonzept and a MIPS-based SoC from Baikal Electronics.
Intercede – www.imgtec.com
Russia’s Baikal reveals ARM processor roadmap
MIPI turns attention to mobile security
Micron, Microsoft team up on IoT cloud security
Barco Silex and Intrinsic ID partners on securing IoT applications