feature article
Subscribe Now

Find Your Security in the Cloud

Sequitur Labs Adds “Trust as a Service”

Sometimes the biggest engineering challenge is overcoming NIH. The dreaded “not invented here” syndrome has derailed many a project, cost untold millions, wasted months, and produced inferior products. NIH is like our own children: it’s hard not to fall in love and overlook the flaws. 

Sometimes what we need is a whack on the head and someone to tell us, “This is not your core competence! Give it up and let an expert do it!” It’s tough love in the engineering lab. 

Nowhere is this more evident than in the category of security. Ten years ago, most of us didn’t care about designing-in security measures. Now it’s a requirement. Yet very few hardware or software developers have any real expertise with security, nor do most of us have any interest in it, either. It’s a necessary evil, not an opportunity to innovate. It’s also a good way to look bad in front of your boss and your peers. If your homegrown security measures somehow work, nobody cares because success was expected. But if your product ever gets hacked, you’re the goat. It’s a lose-lose situation. 

That’s why outsourced security companies exist. Companies like Sequitur Labs, which has long offered its EmSpark package of security measures for embedded and IoT devices. The twelve-person company toils away on security measures because they know nobody else wants to. Now, they’ve augmented their security software with cloud-based services. 

The new EmPower service offers a package of features to remotely manage devices in the field. EmPower handles over-the-air firmware updates, protects sensitive intellectual property, manages keys and certificates, detects threats, and collects interesting data from your devices to monitor their health and welfare. It doesn’t even need the EmSpark software layer to work, though that helps. 

Like EmSpark, EmPower runs on relatively low-end microprocessors from ARM’s Cortex-A range, including chips from NXP, STMicro, Microchip, and (surprisingly) nVidia. Nearly any CPU with ARM’s TrustZone is a potential target. But, unlike EmSpark, EmPower can also run on low-end MCUs that don’t have TrustZone. You won’t get all the same features that the two-product combination can deliver, but it’s better than nothing. 

Sequitur Lab’s VP of Marketing, Larry O’Connell, makes the point that security is (a) necessary, and (b) harder than it looks. It’s tough enough for most programmers to develop, test, and deliver working code that does what it’s supposed to under normal circumstances. Operating smoothly in the face of malicious hacking is exponentially tougher, largely because we don’t even know what we’re fighting against. Do we worry about RF-based side-channel attacks? Code injection? Hidden exploits in the operating system, code libraries, drivers, or hardware? Are production methods really secure, and are firmware updates reliable? The list goes on and on, and most of us are ill equipped to recognize, much less fix, such an array of vulnerabilities. 

Moreover, every processor is different, so nailing down one product design may not help much with the next one. And the threats change over time, too. There’s a reason PC antivirus programs are subscriptions, not one-time purchases. With EmSpark, he says, programmers deal only with its software interface, not with the underlying hardware, so experience transfers from one project to the next. 

Layering EmPower’s cloud services on top of EmSpark adds “entire life cycle management, from initial boot up until the product is removed from service,” says O’Connell. 

If security concerns are going to be with us — and it looks like they will — it makes sense to either develop some in-house expertise or outsource it to someone who already has. Given that most embedded and IoT product developers already have their hands full developing their products, the latter course makes a lot of sense.

One thought on “Find Your Security in the Cloud”

  1. engineers drawn out of their realm of the entirely-predictable to play in the wild world of what is done with the bits do so to their disadvantage

Leave a Reply

featured blogs
Jul 22, 2021
The HotFix 019 (QIR 3, indicated as 2021.1 in the application splash screens) update for OrCAD® and Allegro® is now available at Cadence Downloads . This blog post contains important links... [[ Click on the title to access the full blog on the Cadence Community si...
Jul 21, 2021
It's a funny old thing to find yourself in possession of a USB-C dock when you don't have a host machine that sports a USB-C connector with which to drive it....
Jul 21, 2021
We explain how virtual prototyping eliminates ASIC design bugs before RTL, and how chip architecture design modeling correlates key performance attributes. The post Take the Guesswork Out of Designing Your New Product Architecture appeared first on From Silicon To Software....
Jul 9, 2021
Do you have questions about using the Linux OS with FPGAs? Intel is holding another 'Ask an Expert' session and the topic is 'Using Linux with Intel® SoC FPGAs.' Come and ask our experts about the various Linux OS options available to use with the integrated Arm Cortex proc...

featured video

Breakthrough FPGA news from Intel

Sponsored by Intel

As part of the numerous portfolio announcements associated with the launch of the 3rd Gen Intel® Xeon® Scalable processor, Intel also disclosed some breakthrough FPGA news: Intel® Agilex™ FPGAs now deliver industry-leading power efficiency and performance.

Click here for more information about Intel® Agilex™ FPGAs.

featured paper

Intel® Agilex™ FPGAs target IPUs, SmartNICs, and 5G Networks White Paper

Sponsored by Intel

Security challenges in the form of cyberattacks and data breaches loom ever larger as attacks on high-speed networks multiply. Massive amounts of data are at risk but so are physical resources, including critical physical infrastructure. Cryptography and authentication represent potent countermeasures. The latest members of the Intel® Agilex™ FPGA and SoC FPGA families feature hardened crypto blocks paired with MACsec soft IP to help mitigate the risks and limit the effects of these cyberattacks.

Click to read more

featured chalk talk

Benefits and Applications of Immersion Cooling

Sponsored by Samtec

For truly high-performance systems, liquid immersion cooling is often the best solution. But, jumping into immersion cooling requires careful consideration of elements such as connectors. In this episode of Chalk Talk, Amelia Dalton chats with Brian Niehoff of Samtec about connector solutions for immersion-cooled applications.

Click here for more information about Samtec immersion cooling solutions