feature article
Subscribe Now

Using Not-a-Blockchain to Secure Embedded Devices

Nonprofit Iota Foundation Delivers Open-Source Secure Access

“Most people want security in this world, not liberty.” — H. L. Mencken

Mention “distributed ledger technology” and you’ll either get a blank stare or someone will shout, “Blockchain!” The underlying mathematics behind cryptocurrencies and blockchain can, like any technology, be used for different purposes. The headlines tend to emphasize those that affect consumers, but there are a lot of other ways we can employ distributed-ledger technology without setting up massive cryptocurrency server farms. 

Iota Foundation is about as far from cryptocurrency mining as you could possibly get – and yet oddly connected. It’s a nonprofit organization dedicated to developing and distributing open-source software, so it doesn’t even make money, never mind making money. The group is made up of 100 full-time engineers spread across the world with the singular goal of leveraging their combined expertise in distributed ledgers for the good of all programmer-kind. 

Ironically, the founders of the organization include the early pioneers in Ethereum and other cryptocurrencies, so their technical bona fides are solid as a bank vault. They felt that the underlying technology – the distributed ledger – could be used for more than just tracing transactions, however. Blockchain and its spinoffs are all fine, but there are still more opportunities to explore. Enter Iota. 

As the clever name might suggest, Iota is focused on IoT: the Internet of verifiable, secure, connected, open-source, high-volume, reliable Things. The most recent product to emerge from the group is called Iota Access, a way to use distributed-ledger technology to control access to remote IoT devices. They give the example of a remote lock (e.g., a building lock or a car lock) that can be opened and closed remotely, but only by authorized agents. Right now, that would probably be handled by a smartphone app communicating through some central cloud server, probably managed by the lock manufacturer. That’s fine – except when the cloud service fails. 

That’s not a hypothetical. Tesla owners were locked out of their own cars for a few hours last week. The problem, of course, was with Tesla’s centralized server that manages all remote accesses. Whether it was a hardware failure or a software failure (the company isn’t saying) doesn’t matter. The point is there’s a single point of failure. Distributed ledgers sidestep exactly that problem. 

Iota is careful to avoid the word “blockchain” in its discussions, which is both confusing and helpful. The group’s underlying technology is technically a directed acyclic graph (DAG), which is subtly different from blockchain. On the other hand, “blockchain” makes a convenient and easily understood (or easily misunderstood) shorthand for what the group does. It simplifies the elevator pitch, even if it elides some of the technical nuances. If Iota were seeking VC funding, calling it blockchain would be a surefire way to make money rain down. 

Mathew Yarger is Iota’s head of Mobility and Automotive development, and he likes to call it the “Iota Tangle” and “beyond blockchain.” It’s more of a mesh, and therefore not susceptible to single points of failure. “That’s our Layer 1,” he says of Iota’s foundational technology stack. “Iota Access is our Layer 2.” He also points out that Iota developers work to make their software smaller and simpler, not bigger or more bloated. “We’re focused on utility, not trending up and getting heavier.” 

Abandoning a central point of control/failure and moving to distributed access sounds good, but that just pushes the responsibility elsewhere. In Iota’s view, that’s the job of the endpoint device. For a door lock, the intelligence resides in the lock, not in the cloud. For a car lock, it’s somewhere inside the car. 

That’s swell, but most of us have no experience dealing with blockchain – oops, with directed acyclic graph distributed ledger technology – so where do we start? Clearly, this is a security issue, so hacking something together and figuring it out on the job isn’t a real option. We need good, solid code and we need it from somebody who knows what they’re doing. Hence, Iota Access. 

The group has already begun working with STMicroelectronics and its line of microcontrollers, as well as a handful of other product and service vendors. The idea is to eventually offer Iota Access with chips, software stacks, or development systems anywhere IoT developers might find it. It’s all open-source, so it’s also available through the usual channels

You see? Blockchain isn’t just about mining Bitcoin on the side. It can bridge the physical and digital worlds without inserting a centralized third-party authentication authority. Kind of the same thing, but different. 

 

featured blogs
Jan 18, 2021
The DIY electronics portion AliExpress website can be a time-sink for the unwary because one tempting project leads to another....
Jan 17, 2021
https://youtu.be/mKoW8ji9_g8 Made in my kitchen (camera Ziyue Zhang) Monday: Young People Program at DATE 2021 Tuesday: IEDM Opening Keynote Wednesday: Cadence/Arm Event on Optimizing High-End Arm... [[ Click on the title to access the full blog on the Cadence Community site...
Jan 14, 2021
Learn how electronic design automation (EDA) tools & silicon-proven IP enable today's most influential smart tech, including ADAS, 5G, IoT, and Cloud services. The post 5 Key Innovations that Are Making Everything Smarter appeared first on From Silicon To Software....
Jan 13, 2021
Testing is the final step of any manufacturing process, and arguably the most important, and yet it can often be overlooked.  Releasing a poorly tested product onto the market has destroyed more than one reputation for quality, and this is even more important in an age when ...

featured paper

Common Design Pitfalls When Designing With Hall 2D Sensors And How To Avoid Them

Sponsored by Texas Instruments

This article discusses three widespread application issues in industrial and automotive end equipment – rotary encoding, in-plane magnetic sensing, and safety-critical – that can be solved more efficiently using devices with new features and higher performance. We will discuss in which end products these applications can be found and also provide a comparison with our traditional digital Hall-effect sensors showing how the new releases complement our existing portfolio.

Click here to download the whitepaper

Featured Chalk Talk

Series 2 Product Security

Sponsored by Mouser Electronics and Silicon Labs

Side channel attacks such as differential power analysis (DPA) present a serious threat to our embedded designs. If we want to defend our systems from DPA and similar attacks, it is critical that we have a secure boot and root of trust. In this episode of Chalk Talk, Amelia Dalton chats with Gregory Guez from Silicon Labs about DPA, secure debug, and the EFR32 Series 2 Platform.

Click here for more information about Silicon Labs xGM210P Wireless Module Starter Kit