IoT devices are potential entry points to wider IoT ecosystems, making security essential. The Secure Technology Alliance’s IoT Security Council recently published a white paper called “Embedded Hardware Security for IoT Applications,” which outlines how to use embedded hardware to secure IoT applications.
The current trend indicates an increased need and market opportunity for embedded hardware in IoT ecosystems. Embedded hardware security can deliver significant benefits; here are just a few:
- Robust, tamper-resistant storage of cryptographic keys
- Integrated cryptographic functions
- A proven, standardized means for securing communications between the device, the security-focused hardware element, and external entities such as mobile network servers and other systems interfacing to the IoT ecosystem
- Protection against both virtual and physical attacks (such as power analysis or tampering), with appropriate up-to-date shielding techniques
- Portability among devices, for example as when implemented as a UICC
- Support for authorized and authenticated device lifecycle management (e.g., downloading, activating, changing and deleting the subscriptions)
When it comes to determining which mechanisms to implement, it will depend on the security requirements of the specific IoT application. To learn how to choose the appropriate security mechanism, read the full white paper here.