MENU

Hardware-based IoT security solution removes provisioning barriers

Hardware-based IoT security solution removes provisioning barriers

Market news |
By Rich Pell



While hardware-based security is a proven way to protect secret keys from physical attacks and remote extraction, it requires extensive security expertise, development time, and costs to configure and provision each device. With companies producing anywhere from hundreds to millions of connected devices per year across the globe, scalability of architecture can be a major barrier to deployments, and as a result manufacturers typically have only been able to support configuring and provisioning for high-volume orders.

The new Trust Platform offering is designed to address the needs of companies with low- to mid-sized deployments of connected devices, which until now, says the company, have been left with low-performing options.

“The uptick in successful attacks on software-based security solutions underscores the need for companies to adopt industry best practices, including isolating private keys in secure elements,” says Nuri Dagdeviren, vice president of Microchip’s secure products business unit. “Microchip’s Trust Platform makes hardware-based security simple and cost-effective for companies of all sizes to implement, removing the barriers traditionally associated with configuring and provisioning devices.”

The Trust Platform consists of a three-tier offering – out-of-the-box pre-provisioned, pre-configured, or fully customizable secure elements – allowing developers to choose the platform best suited for their individual design. The first tier, called Trust&GO, provides zero-touch pre-provisioned secure elements with a minimum orderable quantity (MOQ) as low as 10 units.

Device credentials are pre-programmed, shipped and locked inside the company’s ATECC608A CryptoAuthentication device, which provides Common Criteria Joint Interpretation Library (JIL) “high”-rated secure key storage, for automated cloud or LoRaWAN authentication onboarding. In parallel, corresponding certificates and public keys are delivered in a “manifest” file, which is downloadable via the company’s e-commerce store and select distribution partners.

In addition to saving up to several months of development time, says the company, the solution significantly simplifies provisioning logistics, making it easy for mass market customers to secure and manage edge devices without the overhead cost of third-party provisioning services or certificate authorities.

The second tier in the program, TrustFLEX, offers the flexibility to use the customer’s certificate authority of choice while still benefiting from pre-configured use cases. These use cases include baseline security measures such as Transport Layer Security (TLS) hardened authentication for connecting to any IP-based network using any certificate chain, LoRaWAN authentication, secure boot, Over-the-Air (OTA) updates, IP protection, user data protection and key rotation. For users who would like to entirely customize their designs, the third tier in the program – TrustCUSTOM – provides customer-specific configuration capabilities and custom credential provisioning.

The company worked with Amazon Web Services (AWS) to enable a straightforward and simplified onboarding process into AWS IoT services for products designed with all variants of the Microchip Trust Platform.

The ATECC608A can be paired with any microcontroller and microprocessor. For rapid prototyping of secure solutions, designers can use the Trust Platform Design Suite, which includes the following:

  • A guided “use case tool”
  • Executable Python tutorials running on Jupyter notebooks
  • C code examples for each use case
  • A “secret exchange” utility
  • The Trust Platform hardware development kits

Devices in the company’s Trust Platform are available in volume production with the following minimum order quantities (MOQ):

  • Trust&GO for TLS (ATECC608A-TNGTLSx-B): $1.20 with a MOQ of 10 units*
  • Trust&GO for TLS (ATECC608A-TNGTLSx-G): $0.77 with a MOQ of 2000 units*
  • Trust&GO for LoRaWAN (The Things Industries ATECC608A-TNGLORAx-B and Actility ATECC608A-TNGACTU-B): $1.40 with a MOQ of 10 units*
  • TrustFLEX for LoRaWAN any join servers (ATECC608A-TFLXLORAx): $0.938 with a MOQ of 2000 units*
  • TrustFLEX (ATECC608A-TFLXTLSx): $0.845 with a MOQ of 2,000 units*
  • TrustCUSTOM (ATECC608A-TCSTMx): $0.883 with a MOQ of 4,000 units*

*uDFN (x = U) or SO8 (x = S)

Development tools in the Trust Platform include the CryptoAuth Trust Platform kit ($13) and ATECC608a Trust Platform kit ($14).

Microchip Technology

If you enjoyed this article, you will like the following ones: don't miss them by subscribing to :    eeNews on Google News

Share:

Linked Articles
10s