TOKYO — NXP Semiconductors is bringing to edge devices for Google IoT Cloud the same level of security used in banking.
The Dutch semiconductor vendor is unveiled Monday “a solution for secure, scalable connections of devices using NXP’s A71CH to Google IoT Cloud.”
NXP calls its A71CH “a trust anchor,” because NXP pre-injects private device credentials into the A71CH for autonomous cloud onboarding and authentication, while public keys are delivered to the customer via a NXP web interface.
By implementing its trust provisioning service “at the chip level,” Philippe Dubois, senior director and general manager of IoT security solutions at NXP, told EE Times, “Keys are never exposed to any party during the lifetime of a device.” This allows “offloading the cost of ownership and complexity of key management from OEMs,” according to NXP.
‘Security by design’ made easy
“Security by design” is a familiar mantra, but for a first-time IoT system designer, what does it exactly mean? What would it take to implement the rigorous security that appears to be demanded of IoT devices in recent days?
This pressure applies, for example, to the development of connected industrial devices, sensor networks, IP cameras, smart home devices, home gateways and smart cities.
Asked about traditional steps to bring security to IoT devices, Dubois laid out several paths.
First, a manual provisioning process is often used in small deployment. For example, there is the “provisioning of devices with credentials done one by one,” he noted. However, this is not optimal, because “it’s not secure (manipulating key in plaintext) and lends itself to errors (human error),” said Dubois. Especially, “it is difficult to scale when more devices are needed… impossible for deployment of millions of devices.”
A second option is an “in-house provisioning system” for large deployment.
Dubois explained: “Some OEMs invest on a costly manufacturing line for secure provisioning, to ensure keys are kept safe, and credentials are injected in a trusted environment, in a facility with security features like tightly controlled access, careful personnel screening, and secure IT systems that protect against cyberattacks and theft of credentials. This is what is called PKI infrastructure.”
For small and medium deployment, the cost vs. revenue balance makes this unprofitable, according to Dubois. PKI infrastructure “has a very high cost and is limited only to large deployment,” he said.
Third, presumably, one could provision via contract manufacturer (CM). This is an option for a majority of OEMs. Dubois explained that some OEMs choose to provision devices at their CM. But in this case, the OEM has no “grantee” on the trust of his credentials. It’s because “keys may be stolen at CM and communicated to malicious parties, or infrastructure at CM may be weak, especially when the CM is in regions like China,” he added.