feature article
Subscribe Now

Embedded Security for MCUs at the Edge

I don’t know about you, but I think it’s getting to be a scary world out there, cybersecurity speaking. I’m not an angry man, but this makes me want to gnash my teeth and rend my garb. When I was in my early-20s (sometime in the previous century), a small group of us visited a friend who lived in a village near the south coast of England.

One day, we went for a walk, during which a member of our party needed to use the restroom. Our friend led them into the nearest cottage, which was unlocked. No one was at home, but we were assured that making free with their abode was perfectly acceptable. That was just the way things were at that time. I doubt they leave their doors unlocked today. This makes me sad.

Analogies are always suspect, but I dare to propose that my tale above bears a tenuous similarity to creating the “things” portion of the internet of things (IoT)—that is, the Edge devices that interface between the internet and the real world. In the early days of the IoT, people connected Edge devices with gay abandon and with little (if any) thought for security. These days, by comparison, security must be first and foremost in everybody’s minds. The problem is that life is short and security is hard*; like most engineers, I like designing the “Cool Beans” stuff and I dislike beating my head against the security wall. *Just saying this reminds me of the Doctor Who episode when Billy Shipton says “Life is short and you are hot” to Sally Sparrow, shortly (ironically) before being cast back in time by a Weeping Angel. But we digress…

As an aside, some claim that the first IoT device dates back to the early 1980s, when several graduate students at Carnegie Mellon University connected a Coke machine to ARPANET, which was the forerunner to the internet we know and love today. However, although the terms “World Wide Web (WWW)” and “internet” are not synonymous, there are those who say the aforementioned Coke machine wasn’t an IoT device because (a) the WWW wasn’t invented until 1989 by British scientist Tim Berners-Lee and (b) the term “Internet of Things” wasn’t coined until 1999 by British technology pioneer Kevin Ashton. Many people regard the first IoT device as being a connected toaster invented by John Romkey and Simon Hacket in 1990 on the basis that it came after the invention of the WWW, even though it predates the IoT terminology. But, once again, we digress…

The reason I’m waffling on about security is that I recently saw a news release issued by the chaps and chapesses at Infineon Technologies saying they had just launched their Edge Protect embedded security solution. The release went on to say that Edge Protect is optimized for Infineon’s PSoC and AIROC product families of connected processors, it boasts four categories of security configuration to meet different customers’ requirements in IoT applications, and it offers preconfigured product-security categories to satisfy regulatory and industry-standard levels so they “just work” right out of the box, as it were.

“Tell me more,” I thought, which is how I ended up chatting with Erik Wood (Senior Director, Product Security, Technical Marketing)… who did.

One aspect of security I hadn’t previously considered was how not implementing security is proving to be a leading barrier for IoT adoption. According to Bain & Company, >70% of customers would purchase more IoT devices if security were better addressed. Meanwhile, according to ABI Research, <4% of new IoT devices include sufficient security.

What this means is that developers could be creating and shipping tens of billions more IoT devices if only the public were convinced these devices were secure. So, why don’t we simply add more security, you may ask. Well, as I so pithily pointed out previously, “life is short and security is hard.” The problem is only exacerbated by the fact that, according to the New York Times, upwards of 3.5 million cybersecurity jobs remain unfilled.

So why should we trust the guys and gals at Infineon for our Edge security, as opposed to someone else like my dear old mother, just to pull a random example out of a hat (“You can always trust me to look out for you,” I remember her saying, shortly before her attention wandered, she looked the other way, and I fell off the cliff… but that’s a story for another day).

Well, how about the fact that Infineon has multiple decades of embedded security experience. Did you know that 50% of the world’s debit and credit cards have Infineon’s security chips inside? How about the fact that the passports and ID cards used by 75% of the world’s population use Infineon devices to secure their credentials? Were you aware that every second business laptop comes with a Trusted Platform Module (TPM) from Infineon inside? How about the fact that the majority of car emergency call (eCall) devices feature an Infineon chip? This is all rather impressive, huh?

When we talk about the IoT, we can envisage it as having two major “bookends.” One bookend is the data centers where the big data resides and the cloud IoT exists. These data centers have access to all the resources in the world from a power and processing perspective. With respect to security, they have four walls, video cameras, man traps, and badge ID access—just about everything short of gigantic rolling stone balls and alligator- and piranha-infested moats.

The bookend at the other end of the spectrum manifests itself in the form of IoT Edge devices, which have assets and processes we wish to protect, but which are out in the wild roaming the world. As Erik said to me: “Imagine if a data center lost its four walls, lost its security guards, lost its badge ID access control, and had to be powered by a battery. That’s the world we live in at the Edge” (I can’t help myself—I’m imagining this as a line in a movie being declaimed by James Earl Jones).

Erik notes that when we are talking about security, there are many complexities and market dynamics involved. For example, there are around 50 different jurisdictions right now that are busily beavering away defining IoT security requirements. And the folks at Infineon must boil all of this complexity down into a technical requirement that they deliver with their products in the form of hardware, software, tools, and services. 

Security enables value throughout the product lifecycle (Source: Infineon)

Device manufacturing is a complexity the folks at Infineon remove from their customers because they enable secure credentials on the device from the manufacturing point that can act as a security measure through the manufacturing supply chain, not only of their devices, but also of the customer’s products, offering them true providence to look back and make sure that they have a true, genuine, Infineon device. 

Secure transactions involve taking those credentials, storing them, and using them effectively. And then the cloud ecosystem (AWS, Azure, Google Cloud, etc.) uses those by leveraging pre-built software libraries that let Infineon customers secure those devices to their clouds.

Device upgradeability is where you have patches and quality improvements. This is a requirement for things like the Radio Equipment Directive in Europe and the Cyber Resiliency Act that’s coming from Europe. In this case, you not only have to have upgradeability in terms of firmware updates and doing those with signed images and being able to authenticate those signed images at the Edge on the device, but you also must have business processes in place so that you produce and publish your security bill of materials. You respond when problems come in, or there are published attacks, or somebody notifies you of an area of risk. And then you must have a communication strategy to get that information out to the customers and allow them to make improvements in a time-sensitive way.

Privacy is a very big deal when it comes to IoT. Many of Infineon’s devices in the IoT are in products that have user-sensitive medical information or other healthcare-related data. Even information about maintenance and other sensitive data is something that needs to be protected, and Infineon enables that to happen.

And then there are new features and interesting business models. For example, suppose you have an Edge device in the field that’s acting with a certain set of firmware as one type of value proposition. By changing the firmware, you can not only change the value proposition of the device, but you can also change its credentials and therefore its owner. Now suppose you introduce the concept of a broker who controls who owns what. That broker represents a new business model that leverages security for its income and revenue stream.

Earlier, I noted that Edge Protect is available in four categories. The idea is to provide customers with a set of feature choices that are directly tied to regulation standards and important industry certifications, thereby reducing their liability and allowing them to sell in every market. A high-level summary of these categories is as follows:

Category 1: CRA/RED/PSA Certified Level 1v2 compliant and requires a root of trust (RoT), secure boot, firmware updates, and debug access protection to secure OEM IP.

Category 2: Everything in Category 1 plus Arm Trust Zone processing isolation, the TF-M security services stack and sufficient internal memory or a secured, external-flash, serial-memory interface, and PSA Certified Level 2 compliant.

Category 3: Everything in Category 2 plus hardened accelerated crypto operations and fault sensors, and PSA Certified Level 3 compliant.

Category 4: Everything in Category 3 plus a hardware-isolated, lockstep redundant, embedded-secured enclave at an AVA.VAN.4 security rating for secure boot, key storage, crypto operations, and debug access control.

Summary of Edge Protect categories (Source: Infineon)

These categories were created with a focus on Global Regulations (features, security assurance, and response services to help customer comply and sell their products), Industry Certifications (prevailing component security certifications that customers care about and support end product certifications), Customer Use Cases and Feedback (application-based threat modeling for IoT device and device uses and direct customer learning), and Differentiation (leveraging Infineon’s embedded security brand, IP, and expertise to drive embedded-security leadership).

Last, but certainly not least, Edge Protect is compatible with Infineon’s latest ModusToolbox 3.1, which is a modern, extensible development environment that supports a wide range of Infineon microcontroller devices, including the PSoC and AIROC product families of connected processors that are the focus of this column.

On the one hand, I hate that the world is polluted by nefarious scoundrels who know no bounds and have scant respect for other people’s precious data. On the other hand, I’m happy that companies like Infineon are developing solutions like Edge Protect that will make it easier for IoT developers to secure our Edge devices. What say you about all of this?

Leave a Reply

featured blogs
Oct 9, 2024
Have you ever noticed that dogs tend to circle around a few times before they eventually take a weight off their minds?...

featured chalk talk

Shift Left Block/Chip Design with Calibre
In this episode of Chalk Talk, Amelia Dalton and David Abercrombie from Siemens EDA explore the multitude of benefits that shifting left with Calibre can bring to chip and block design. They investigate how Calibre can impact DRC verification, early design error debug, and optimize the configuration and management of multiple jobs for run time improvement.
Jun 18, 2024
27,269 views