Security platform enables secure IoT applications
Atmel has announced a comprehensive security platform that enables businesses of all sizes to assign certified and trusted identities to devices joining the secure IoT. The Atmel Certified-ID security platform prevents unauthorised reconfiguration of an edge node to access protected resources on the network. This platform is available on the Atmel SmartConnect WiFi, Bluetooth, Bluetooth Smart and ZigBee solutions that connect directly to Atmel Cloud Partners, providing a secure turnkey solution for IoT edge node-to-cloud connection.
The Atmel Certified-ID platform delivers a distributed key provisioning solution, leveraging internal key generation capabilities of Atmel’s ATECC508A CryptoAuthentication device, without invoking large scale infrastructure and logistics costs. This new platform also allows developers to create certified and trusted identities to any device before joining an IoT network.
With billions of devices anticipated by 2020 in the rapidly growing IoT market, security is a critical element to ensuring devices can safely and conveniently access protected assets through the Internet. Today, secure identities are commonly created through a centralised approach where IoT device keys and certificates are generated offline and managed in secure databases in Hardware Security Modules (HSM) to protect the keys. These keys are then programmed into the IoT devices by connecting the HSM to automation equipment during device manufacturing. This approach is indispensable in large deployments consisting of millions of devices. It can also entail significant upfront costs in infrastructure and logistics which must be amortised over a large number of devices for cost effectiveness.
By utilising the unique internal key generation capabilities of Atmel’s ATECC508A device, the new platform enables decentralised secure key generation, allowing distributed IoT device provisioning regardless of scale.
This method eliminates the upfront costs of the provisioning infrastructure which can pose a significant barrier in deploying devices in smaller scales. The new platform enables developers to create secure IoT devices compatible with partner cloud services and the ability to securely join ecosystems.
Atmel is currently working with several cloud service companies including Proximetry and Exosite on the Certified-ID platform. These collaborations allow developers to select from a full suite of ecosystem partners for a secure connection between the edge nodes and the IoT. Other partners will be announced as they are integrated in the Certified-ID platform.
Nuri Dagdeviren, Vice President and General Manager, Secure Products Group, Atmel, commented: “As a leader in the security space with a track record of over two decades, enabling secure networks of all sizes is our mission. Streamlining secure processes and simplifying deployment of real world secure networks will be key to unlocking the potential and enabling rapid growth of IoT. We will continue delivering industry-leading solutions in security, a critical element in enabling billions of ‘things’ to be connected to the cloud.”
Atmel security provisioning tool kits
Atmel now offers security provisioning tool kits to enable independent provisioning for pilot programmes or production runs when used in conjunction with the ATECC508A CryptoAuthentication devices. These devices are pre-provisioned with internally generated unique keys, associated certificates and certification-ready authentication once it is connected to an IoT ecosystem.
Developers will need two kits to securely provision their devices. These include Atmel’s AT88CKECCROOT tool kit, a ‘master template’ that creates and manages certificate root of trust in any ecosystem and the AT88CKECCSIGNER tool kit, a production kit that enables partners to provision IoT devices. The AT88CKECCSIGNER kit allows designers and manufacturers the ability to generate tamper-resistant keys and security certifications requiring hardware security in their IoT applications. These keys provide the level of trust demanded by network operators and allows system design houses to provision prototypes in-house, saving designers overall investment costs.
The tool kits also include an easy-to-use GUI that allow everyone to seamlessly provision their IoT devices with secure keys and certificates without special expertise. With distributed provisioning, developers are not required to use expensive HSM for key management and certificate acquisition fees.
In addition to secure IoT provisioning, the new Certified-ID platform provides high-quality random number generation to guarantee a diverse set of public and private keys. It delivers solutions to a variety of IoT security needs including node anti-cloning protection, data confidentiality, secure boot and secure firmware upgrades over-the-air. The tamper resistance built into the ATECC508A device continues to provide the desired protection even when the device is under physical attack.
The Atmel AT88CKECCROOT and AT88CKECCSIGNER tool kits are available now.