Avnet Silica, an Avnet company, continues to tackle the subject of Internet of Things (IoT) security head-on, with the introduction of a complete security reference design to accompany its flexible, multi-faceted Visible Things development platform.
Inherent to IoT is the transfer of data over numerous different networks (WLAN, WAN, IP core, the cloud, etc.), each with its own distinctive protocol stack and security mechanisms. Generally, IoT-enabled devices (sensors, robots, etc.) need to connect to industrial networks using low-power wireless connectivity technologies (like Bluetooth, 802.11, Z-Wave, etc.). It is, however, likely to be another five to six years before these will have IP capabilities. Standard transport layer security (TLS), which relies on IP, therefore cannot be applied.
Thanks to its partnership with embedded software specialist Ubiquios, plus related firmware support from Trusted Objects, Avnet Silica is ensuring that non-IP network vulnerability is fully addressed. A streamlined microcontroller stack has been developed through this cooperation, which forms the basis of the new IoT security reference design. The reference design is X509 certificate compliant, but this aspect has been rationalised, so that it respects the power and data limitations of Bluetooth 4.1 and other non-IP wireless protocols, while simultaneously being able to maintain the highest degrees of system security.
In addition, the reference design simplifies the provisioning of devices in the field (whether it is within an IP or non-IP context), making the procedure dramatically quicker to complete. This increases the operative’s productivity, as more devices can be dealt with in a day. It also means that the operative does not need such a high level of training in order to complete the task. Furthermore, as the end device can be identified directly from the server, it is straightforward to renew the local key remotely. This avoids having to send an operative back out into the field to renew that key manually (which in reality rarely happens, due to the costs involved, thereby undermining the protection provided over time).
“The more assets that a company has connected to the Internet, the greater their exposure will be to potential security threats. Though covering everything from the server down to the gateway may not prove to be a major problem, there are serious challenges for engineers at the network edge,” stated John Jones, director of Innovation at Avnet Silica. “As our new security reference design is not restricted to IP nodes managed by the standard TLS process, IoT devices can thus be connected to IP-based infrastructure without security being compromised. By delivering an X509 certificate compliant solution, it is completely aligned with what IT directors expect, but in a stripped down format that is practical for low power wireless connectivity. The microcontroller stack design dispenses with the need for high performance microcontrollers at gateways. This makes the system more cost effective and energy efficient, as well as being much easier to implement.”