Trusted Computing Group (TCG), in partnership with OpenSystems Media (OSM), will demonstrate and discuss secure embedded and IoT devices and data at Embedded World. TCG is a not-for-profit organization that develops, defines and promotes open, vendor-neutral, global industry standards, supportive of a hardware-based root of trust for interoperable trusted computing platforms. OSM is the leading media outlet for engineers working on embedded, IoT, industrial, and military applications.
The TCG program includes daily live demonstrations by the member companies Wibu-Systems and Winbond on how to protect IoT and embedded devices and data using several TCG specifications implemented for security purposes. The demonstrations will be augmented with a lecture by Dr. Florian Schreiner, IT Security and Platform Security Specialist of Infineon Technologies, who will present “TPM 2.0 for Enhanced Security in Software Updates of Industrial Systems” on March 1, 2018.
On February 28th and March 1st, Wibu-Systems will demonstrate license management with Trusted Platform Modules (TPM) powered by CodeMeter, the company’s flagship technology for protection, licensing and security. The data about technical know-how theft has always been alarming, but now the Internet of Things is bringing a new dimension to this phenomenon: counterfeiting, reverse engineering, tampering, and cyberattacks are skyrocketing, even in a Trusted Computing environment. As the value in the supply chain shifts from hardware to software, software protection becomes the vital backbone of any robust cyber security strategy. In particular, hardware secure elements (like industrial grade dongles, memory cards, TPMs, or ASICs) in the target system offer a secure repository where encrypted code keys can be safely stored. By combining endpoint security with skillfully designed licensing models integrated and back office systems, new revenue streams are created for any software-powered business. In the new economy led by Industrie 4.0, the secure upgradability and updatability of system features and functionalities open the doors for a shorter time to market, adaptive process optimization, and global competitiveness.
Winbond will demonstrate an IoT node running both authentic code and non-authentic (compromised) code. In the demo, a “cloud” server will get the correct Compound Device Identifier (CDI, as defined in TCG Device Identity Composition Engine specification) with authentic data from the authentic system and the wrong CDI along with fake data from the compromised system. The demo will show how the cloud server can identify the compromised system.