Already securing more than 2 billion connected mobile devices worldwide, Trustonic has now launched a suite of technologies for the protection, authentication and enrolment of industrial, M2M and consumer IoT devices. In addition to on-device protection for services, apps and data, Trustonic’s modular IoT security solution delivers a wide range of benefits. These include device attestation, protection from overproduction, cloning and tampering, supply chain integrity from start to in-field operation and trusted, autonomous cloud enrolment. Chip, device and equipment manufacturers can select only the specific security features needed to bring appropriate levels of trust to their products, as many IoT devices are limited by size, speed and capacity. The Trustonic IoT solution includes:
- Kinibi-M – a new, modular, hardware-secured operating environment specially designed for size-constrained IoT chipsets. The platform is adapted from Trustonic’s existing technology that is already embedded into more than 2 billion connected devices, including smartphones and wearables.
- Digital Holograms™ – a new breakthrough technology for device attestation that leverages blockchain technology. This new technology enables anyone in the device manufacturing chain to attest securely and irreversibly to a stage of manufacture. The holograms are cryptographically superior to digital certificates, as they cannot be copied and used across multiple devices.
- Key provisioning – enabling a ‘Root of Trust’ (RoT) to attest that devices were securely manufactured, determine the device type and identity, ensure applications and secrets can be securely delivered and identify rogue or counterfeit devices.
- Tools & SDK – enabling developers to create secure IoT devices and applications easily.
“There can be no scalability in the IoT world without addressing the fundamentals; connectivity, security, and trust. If it is not possible to trust the components that make up a device, or the devices that are connecting to cloud services, the IoT industry has a big problem. Think about examples such as connected cars or an automated manufacturing line – just one compromised component can destroy the integrity of the entire system,” comments Ben Cade, CEO at Trustonic. “This is why we are working with chip, device and equipment manufacturers to make trust a reality for every connected “thing”, whether a car, premium consumer device or an embedded, low-cost sensor.”
Enabling secure and trusted consumer and industrial IoT devices
“Security is often viewed as complex and under-prioritized until a breach or a negative event occurs. This is why we do a lot of the work with the chip makers early on and then deliver simple security APIs for developers to use and embed within their solutions to add protection. Also, it is important to note that a Root of Trust is not necessarily sufficient to determine if a device is counterfeit, as it only attests to the start of a device’s lifecycle. IoT devices often go through several stages before they are ready for the world and each of these needs to be traceable. This is where Digital Holograms come in. Adding a digital hologram at every step of manufacture and storing them in a blockchain enables the full lifecycle to be checked and validated. Our technologies solve a genuine problem for OEMs and the wider ecosystem and it is their combination with Kinibi-M that delivers the trust that is missing from IoT today,” adds Richard Hayton, CTO at Trustonic.
Utilizing Trustonic’s IoT security solution, device makers can streamline secure enrolment of authentic devices to their web services. Without this, their web service could be negatively impacted, by counterfeit devices that do not perform as intended, thus potentially delivering a poor user experience, damaging their brand and eroding their revenues. Additionally, by enabling secure communications with the cloud, Trustonic’s platform also safeguards the integrity of the data being gathered from devices such as traffic sensors or fitness trackers. End users of devices protected by Trustonic can also be confident that their privacy and identity are protected.
Benefits for a range of use cases
All IoT use cases – from single-purpose sensors, right through to larger devices with multiple connected components – can benefit from the technology, including:
- Industrial automation – This is perhaps the most successful area of IoT to date, but many existing systems were not designed with security in mind. For new systems, security is a must-have and Trustonic’s Kinibi platform delivers this.
- Medical – With obvious privacy and functional concerns, a robust mechanism is needed to distinguish between genuine, certified devices and low-quality counterfeits. The isolation provided by Kinibi-M addresses the need for medical devices to perform both safety critical functions, such as controlling actuators to administer drugs, and other important, but less critical functions, such as providing a UI or communications stack.
- Automotive – Modern cars contain hundreds of microcontrollers and Trustonic’s Digital Holograms enable the authenticity of each of them to be validated from the time of manufacture all the way through the device’s entire life-cycle. The automotive industry is increasingly aware that the ‘CAN bus’ is no longer adequately secure and data flowing across it must be encrypted. Kinibi-M delivers this capability for even the smallest of automotive processors.
Last year Trustonic became the first vendor globally to achieve Common Criteria security certification for a TEE device security product, paving the way for mass market delivery of trusted services on connected devices. To find out more about ‘open’ TEE technology, visit the website and blog.