You are here

“What” is Edge-to-Cloud Security? | Cypress Semiconductor

“What” is Edge-to-Cloud Security?

By Michael Schy, Solutions Architect for the Specialist IoT team at Amazon Web Services and Erik Wood, Director of the Secure MCU Product Line at Cypress, an Infineon Technologies Company.

This blog is part of a series on IoT security. The previous blog, Why IoT Security Matters, and Who Can Help?, discussed how newer “smart” IoT devices without embedded security are putting users’ data and safety at risk. California now requires all manufacturers to include built-in security for connected IoT devices sold in the state, with at least nine other states and the EU about to follow suit. Today, IoT manufacturers are facing the challenge of designing high-standard security measures into resource-constrained products.

Today’s IoT edge devices need to adhere to several requirements of power, price, and processing. If that isn’t enough, these connected products should also have the same airtight, A-Class processor grade security that is employed by PCs, smartphones, and cars.

So how do you achieve internet-grade security in a cloud-connected IoT edge device and remain price competitive? The answer lies in secure microcontrollers.

Today’s secure MCUs help IoT manufacturers design products that comply with the latest security legislations and requirements. These devices come preconfigured to support hardware root-of-trust that are ready for field-provisioning and internal processing resource isolation which ensures that if one area is compromised, the entire device is not.

Secure MCUs also implement hardware accelerated cryptography that offers features like True Random-Number Generator (TRNG) and can generate random cryptographic keys from within the device. Essential for necessary security operations like secure boot and authentication, both features also meet the Federal Information Processing Standard (FIPS) 140-2, Level 1.

Hardware Root-of-Trust:

Just as humans use ID cards, unique biometric features, and passwords to protect their transactions, all devices that are trusted to connect to the cloud need a unique hardware-based root-of-trust to prove who they are. The root-of-trust is the device’s identity and it is bound to the owner of the device. Some techniques recommended by Arm’s Platform Security Architecture include eFUSES and the use of Physically Unclonable Function (PUF) “digital fingerprint” technology.

A hardware root-of-trust is the foundation on which all secure operations of a computing system depend. It contains the keys used for cryptographic functions and enables a secure boot process. It is inherently trusted, and therefore must be secure by design. Multiple hardware roots-of-trust may be used for different applications and they can be bound to different application owners. Some examples where these roots-of-trust are used include booting into a secure and trusted state (Secure Boot), secure firmware updates, attestation, and hardware-based transport layer security (TLS).

Hardware roots-of-trust often come in the form of cryptographic keys which must be logically and securely stored for use and used in a secure processing environment.

Secure Boot

Secure Boot means that the MCU boots into an expected and trusted known good state. Booting to a known good state requires that when a system powers on, every step of boot code validates the next before launching it. A root-of-trust validates the first boot step and every follow-on step validates the next layer of firmware until the entire application is running.

Firmware Updates

Conducting a secure firmware update is very important to fix bugs and discovered security vulnerabilities. It is also important for the protection of the application’s IP.

Hardware-Based TLS

Hardware-based TLS is far more secure than software-only, which leaves cryptographic keys exposed. TLS is the common protocol to encrypt data that travels over networks, especially Wi-Fi. It is vital that the keys used for this type of encryption are securely stored on the chip and the encryption processing is done in a secure processing environment.

Attestation

Remote attestation is a method by which an edge device (client) authenticates its hardware and software configuration to a remote host cloud platform (server) or vice versa. The goal of remote attestation is to enable the challenger to determine the level of trust in the integrity of the attestator.

Secure Key Storage

The logically secure storage of keys in the MCU is vital. It’s not only important to isolate keys from access by the non-secure processing environment where the communication stack lives but also important to isolate different sets of keys from various trusted applications within the Secure Processing Environment. Trusted Firmware-M (TF-M) offers a secure partition manager (the secure operating system that manages the secure processing environment) to enable this.

Field Provisioning

Most secure semiconductors, such as those used for payment cards or SIM cards, undergo bulk provisioning at the factory. Because of this, orders made by customers are non-cancellable and often require minimum order quantities. However, this paradigm is shifting to the point where small- to- medium-volume IoT device makers are now able to take advantage of field provisioning without being burdened by strict supply-chain requirements.

Secure and Non-Secure Processing Isolation

Isolating key storage and cryptographic operations, as well as other secure applications, from the communication stack is critical on an MCU. To do this, a secure MCU must offer both a Secure Processing Environment and a Non-Secure Processing Environment. This isolation can be achieved by either virtualizing a single core or by utilizing two distinct, physically separated cores that use Inter-Processor Communication (IPC) to communicate between them.

PSoC 64® Standard Secure AWS Solution

Fortunately, the Arm® Cortex®-M-based MCU industry has created several open-source communities to create the firmware required to support these key capabilities for secure devices. TF-M.org and Linaro are examples of these communities. Infineon has been a leader in these open-source communities supporting the launch of the PSoC 64 product line. One key family member of the PSoC 64 product line is the PSoC 64 Standard Secure AWS solution which implements open-source security software stitched together with Amazon® FreeRTOS, optimized to work right out the box.

This solution comes backed by a rigorous Amazon qualification process; libraries with inputs from Infineon, Arm, and Amazon; the Free RTOS kernel from FreeRTOS.org; access to the Amazon IoT Device Defender service; and a convenient certificate management system. The benefits of this pre-integrated solution include risk mitigation, cost savings, and fast time-to-market.

Conclusion

When it comes to connected devices, security threats are a very real possibility. Both governments and industry have responded with legislation and standards to mitigate risk. Internet-grade security in a low-cost and resource constrained device is hard but achievable. Secure MCU manufacturers, open-source firmware and cloud powerhouses know how to solve the problem. Infineon and AWS have collaborated to make developers’ lives simple by providing products, both on the device and cloud end of the ecosystem, that do all the secure connectivity work for IoT devices intended for connecting to AWS services.

To learn more about the PSoC 64 product line, please email erik.wood@infineon.com. To order the PSoC 64 Standard Secure AWS development kit, click here. To download our latest white paper, please click here.

And be sure to read our next blog, which will dive deeper into the topic of how to securely connect an IoT device to the AWS Cloud.


About the Authors:

Erik Wood is the Director of the Secure MCU Product Line at Cypress, an Infineon Technologies Company.

Erik spent the first 14-years of his career at various wireless sensor network startups. In 2010, he joined a small group of cryptographic security experts led by the world-renowned cryptographic leader, Dr. Whitfield Diffie, to build a startup that designed lightweight cryptography for resource constrained IoT devices. Realizing the challenges in getting customers to pay for non-NIST certified cryptography, Erik transformed the startup into a Security Software Services business, providing power and processing optimized versions of cyphers supported by NIST Suite B. Following which, Erik joined Cypress through the acquisition of Ramtron. At Cypress, Erik started out by working on F-RAM technology for passive RFID and secure memories and was then pulled in to run the product line for secure microcontrollers and differentiated security software.

Erik has more than a decade of experience in global wireless security standards, including serving as the Chair of the US delegation to ISO for Security in RFID, as well as the Chair of the NFC Forum Security Committee. Erik holds a bachelor’s degree in Electrical Engineering from UCLA and a corporate MBA from Santa Clara University.

Michael Schy is a Solutions Architect for the Specialist IoT team at Amazon Web Services and is responsible for IoT architecture programs, partner enablement, design and integration support, and workshops within his team. He has over 30 years of leading-edge technology experience with over 20 years focused on wireless and embedded technologies. Michael has a BSEE from The Ohio State University and an MBA from Northwestern’s Kellogg School of Management. Michael has done a prodigious amount of system, hardware, and software design and implementation work in the cellular, automotive, and IoT industries.

본 사이트의 모든 컨텐츠와 자료는 "있는 그대로" 제공됩니다. CYPRESS SEMICONDUCTOR와 해당 공급자는 그 목적에 관계 없이 이러한 자료의 적합성에 대한 표현을 하지 않으며 상업성, 특정 목적에의 적합성, 권리 및 제3자 지적 재산권의 비침해에 대한 모든 묵시적 보증과 조건을 포함하여(이에 제한되지 않음) 이러한 자료와 관련한 모든 보증과 조건을 부인합니다. CYPRESS SEMICONDUCTOR에서는 명시적 또는 묵시적으로 금반언이나 여타의 다른 방법으로 라이센스를 부여하지 않습니다. 이 사이트의 정보를 사용하려면 제3자의 라이센스 또는 CYPRESS SEMICONDUCTOR에서 제공하는 라이센스가 필요할 수 있습니다.

이 사이트의 컨텐츠에는 특정 사용 지침이나 제한이 포함되거나 그러한 제한이 적용될 수 있습니다. 모든 게시물과 이 사이트 컨텐츠 사용에는 사이트 약관이 적용됩니다. 이 컨텐츠를 사용하는 제3자는 제한 또는 지침을 따르고 이 사이트의 약관을 준수할 것이라는 데 동의합니다. Cypress Semiconductor와 그 공급자는 컨텐츠와 자료, 그 제품, 프로그램 및 서비스를 언제든 수정, 삭제, 개조, 개선, 향상 및 기타 변경하거나 예고 없이 컨텐츠, 제품, 프로그램 또는 서비스를 이동 또는 중단할 수 있는 권리를 보유합니다.