The internet of things (IoT) is comprised today of billions of connected devices and is changing our world rapidly — and it’s significantly influencing our everyday lives, our work and our society. While it’s great to have connected devices capturing, generating and using data to make real-time decisions based on insights and analytics, these capabilities also introduce some challenges. One of the most commonly cited concerns relates to the security of devices and their operations. For example, how do we protect the data and integrity of these devices when they are outside the traditional security perimeters, such as a firewalled data center? And even before that, how do we ensure that the devices were not compromised by an attacker during the manufacturing stage?
Security is a difficult challenge but one the industry is tackling
Our Micron team — made up of team members with deep expertise in embedded, mobile, client and automotive systems and cybersecurity — works with software partners, OEMs (original equipment manufacturers), their system integrators and many other industry collaborators to qualify our products on their platforms. As such, we have strong insight into the complex security challenges that the industry faces. These wide arrays of connected devices and their need to be secured has led the ecosystem to demand secure cloud services at the intelligent edge through a foundation of strong hardware security — and that is what we are committed to delivering.
Micron has developed an end-to-end solution to simplify and address cybersecurity challenges via embedding a cryptographically verifiable secure element in an already pervasively used component such as nonvolatile memory.
Our approach is gaining industry interest based on three compelling aspects:
- It establishes a critical security mechanism (that is, a hardware-based root of trust) that is already used in the system, and it’s where the core device boot code and critical data are stored.
- Enabling the root of trust via a standard design component provides ease of development and integration and requires no additional bill-of-materials cost.
- Using a cloud service makes provisioning and verifying device identity and integrity in real IoT deployment much simpler and easier.
We are delivering these benefits through Micron Authenta silicon root of trust-enabled memory devices and the new Micron Authenta Cloud Platform. Micron Authenta-enabled memory lets device manufacturers replace standard flash components with components that also contain the Authenta root of trust technology. This replacement allows the security evaluation (such as identification and verification of code) function of the device to be in protected hardware and accessible from the earliest stages of the system startup process — making it harder for an adversary to alter or evade detection. Unlike other methods of protecting connected devices, Authenta does not require secure key injection or added secure elements, enabling simplified and scalable edge security.
Leveraging this root of trust, the Authenta Cloud Platform authenticates IoT devices using standard certificates and public key infrastructure so that they can be activated and managed at the edge. This capability enables platform-hardening and improves device protection through the entire lifecycle, from manufacturing to installation to end-of-life.
There is no silver bullet when it comes to security
Any IT professional will tell you that proper security practices involve a multilayered defense-in-depth strategy. In fact, one aspect of a security approach based on Micron Authenta technology is that it allows a new base layer approach that can provide the foundation for the defense-in-depth model. Since Authenta technology uses standard-certificates, encryption and other security protocols, it can readily align with the other layers of defense used in many distributed enterprise scenarios.
Micron Authenta is a foundational security mechanism based on multiple open industry standards. But it takes additional expertise to implement operational, security-enhanced use models across industries embracing connected devices. That’s why we’re collaborating with some of the key IoT and security service providers in the market to develop effective implementations — and we’re gaining momentum. Consider some of these recent examples of the growing ecosystem of solutions going into the marketplace:
One great example of Micron Authenta adoption is SanCloud. SanCloud is integrating Authenta flash in its BeagleBone® Enhanced Single Board Computer Systems and using the Authenta Cloud Platform to enable trusted, secure deployment of its SanTrack IoT web platform on its customers’ embedded systems. Applications such as connected lighting, automotive gateways and preventative machine maintenance are delivering secure and trusted data to SanTrack for analysis. Simplifying onboarding of the IoT devices powering these applications, the Authenta-enabled memory in SanCloud’s embedded system eliminates the need to manually provision keys on the manufacturing floor by embedding Micron trusted security keys directly in the flash.
We are also collaborating with Swissbit to embed Authenta technology in its security and storage solutions for IoT and industrial markets. The first third-party security memory solutions provider to announce Authenta-enabled solutions, Swissbit plans to roll out an Authenta-enabled microSD memory solution first, followed by other products such as eMMC.The integration of Authenta’s secure element features in Swissbit’s flash storage modules also gives Swissbit customers the ability to use the Authenta Cloud Platform for its simplified silicon-to-cloud onboarding and authentication capabilities.
Much work still needs to be done in the world of cybersecurity
Better security is an essential ingredient to increased success in the deployment of intelligent devices. But we can be increasingly optimistic that solutions to enable the full potential of the intelligent edge and smart industries are attainable.
It’s gratifying to share these few examples of progress. While Micron is the developer of the foundational Authenta technology at the heart of these solutions, we recognize that proprietary solutions provide limited value. Continuing to work with a broad ecosystem of providers on solutions for industrial IoT implementations will allow more industries and products to be better protected.
Our collaboration with Swissbit is proof that it’s possible to start building a uniform security architecture across the ecosystem, and to allow for greater choice in suppliers. In addition, through working with cloud-native cybersecurity companies such as SanCloud, we believe that Authenta can become the backbone of trust across many types of connected devices in a wide array of markets. We’re proud of the market response to Authenta and of our part in the initial work in IoT with SanCloud. We look forward to rapidly expanding from here and showing more examples of partners and solutions in the coming months.