Massive opportunities from the rollout of the internet of things (IoT) have consumer and IoT developers busily planning and implementing a range of exciting new products and systems for smart cars, smart homes and even smart factories. In this exploding marketplace, McKinsey Global Institute estimated 127 new devices connect to the internet every second. But all these connected devices increase the risk of attacks from many entry points, and the threat landscape evolves as these networks grow.
Governments concerned about national infrastructure are looking at the connected data security of IoT devices now that this market segment is becoming a high-value target for malicious disruption. In particular, transportation is highly vulnerable as vehicles become more connected. It’s been an expensive and complex proposition to establish a secure environment around the stored data in IoT devices, with security threats becoming more clever and evasive.
Micron believes that protecting data at the source — the flash memory embedded in the devices themselves — is a robust strategy for data security in a connected world, being both simple to implement and a highly effective deterrent to security attacks. We offered a workshop for developers to see if our approach resonated with the embedded security community.
Micron Highlights Edge Device Security
Securing endpoint devices in the network is a natural extension and second line of defense to already established security strategies used in IoT devices ranging from smart home devices to security cameras and automobiles. We introduced a line of secure storage devices primarily intended for embedded applications. Micron AuthentaTM helps establish a security perimeter directly around stored data in NOR and e.MMC devices located at the intelligent edge. Our managed NAND products with Authenta device-level security options will integrate well with larger cybersecurity programs.
Provisioning security can also be a significant challenge. At our workshop, we demonstrated a cloud-based security-as-a-service approach as a part of Authenta. This comprehensive key management service (KMS) infrastructure simplifies end-to-end security asset management for our direct customers, security partners and third-party security integrators.
All Micron Authenta devices are based on JEDEC-standard configurations, which allows developers to do a pin-for-pin replacement of a device in existing designs. Device owners or security managers can enable these security features at any point from the warehouse to post-product launch by revising the system firmware. This flexibility means that adopting Authenta security does not require a complete platform redesign.
The Security Workshop Agenda with Micron and Partners
At this first Authenta Security Workshop, held in San Jose, California, last fall, 41 security developers sat down to hands-on training and all the tools and collateral to onboard the Authenta security platform into their designs. These classroom-style labs were led by representatives from Trustiphi, who had developed software tools to integrate Authenta devices into a platform. Participants used lab stations equipped with BeagleBone target hardware and Raspberry Pi development systems. The agenda covered four key topics:
- Review of data security practices and ways in which Authenta integrates to the security environment
- Overview of recent hacking trends and Authenta’s effectiveness against these threats
- Case studies of onboarding Authenta onto IoT devices, focusing on the integration process
- Methods to integrate Authenta storage security with runtime trusted execution environments to provide safe application behavior when data is at rest or in active use
The industry workshop attendees then worked with actual hardware, software and tools to demonstrate several key tasks:
- Integrating an Authenta NOR device to a hardware platform
- Connecting the platform to the online KMS to activate the device from the Micron private keys embedded in each part
- Demonstrating data-security capabilities on an actual platform by simulating data attacks
Industry Participants Deem Workshop a Success
One of the key objectives of the Authenta Security Workshop was to demonstrate the effectiveness of the Authenta security solution and underscore Micron’s end-to-end implementation tools and services that allow easy design integration. When workshop participants successfully accomplished the integration tasks in less than one hour, they got real-life proof of Authenta’s low friction on boarding these security solutions.
Attendees learned how Authenta enables many new product features, beyond the traditional security focus on safe booting and over-the-air updates, such as safe application launch and late binding of secure add-on services. This allows IoT devices to remain fresh and aligned to market trends over their product life.
The workshop was well attended, with the 41 attendees mainly from the automotive community and several participants from other IoT market segments. Attendees seemed to appreciate the workshop content and entered into many interactive conversations with the presenters. Many collaborative conversations among participants also occurred during breakout periods. In the days following the workshop, Micron received a number of requests for follow-on discussions with key customers.
Micron will offer upcoming workshops in key global development locations. Contact your Micron representatives for exact details.