With the networking of several billion devices over the coming years, the Internet of Things (IoT) places new requirements on the security of devices, infrastructure and data. Software measures alone often do not provide sufficient protection. Security solutions of the OPTIGA™ product family from Infineon Technologies offer scalable hardware-based security for embedded systems and permit reliable protection for components and the associated services.
A few figures help to illustrate the growing significance of data security in view of IoT. According to market researchers from IDC, by 2020 some four billion people will be networked worldwide, more than 25 billion “smart objects” and embedded systems will be in use, and 50 trillion GB of data exchanged. This increase in networking does, however, present new security risks, requiring the topics of privacy, data protection and platform integrity to be discussed and addressed. In the “Internet of Things”, how can networked devices and services be protected both simply and efficiently? Against this backdrop, the Infineon Security Partner Network (ISPN) provides device manufacturers and service providers with clear example solutions. The ISPN (Figure 1) makes proven security chip technology more easily accessible to a wide market by means of ‘use cases’ and design solutions. The network partners use this as a basis for developing security solutions tailored to the specific requirements of individual industries and markets such as industrial automation, automotive electronics, IT and smart homes. The offering of the network partners covers the entire supply chain, from consulting and design through to system integration and service management. In the end, the security solutions shown in the ISPN are easy to integrate and manage for the device and system manufacturers. The ISPN partners are selected on the basis of their security expertise and knowledge of the challenges encountered in individual market segments. They present a selection of existing case examples, solution approaches and reference designs in the virtual showroom www.infineon.com/ispn.
Securely anchored
Whether in industrial automation or the smart home – until now, software-based solutions have often been used on their own for device authentication. Software, however, is composed of written code, which in most cases can be easily read, analysed and copied. And once analysed, it can be modified according to the attacker’s requirements, for example in order to gain access to sensitive information or to manipulate platforms. In other words, software alone cannot be regarded as an effective means of product authentication or of protecting system integrity and intellectual property (IP).
Protection using software thus requires reinforcement by means of hardware as a so-called trust anchor it can rely on. This is because secured hardware offers more effective protection for the processing and storage of code by means of encryption, fault and manipulation detection as well as secured code and data storage. Software becomes trustworthy by combining it with secured hardware. This is proven by extensive experience from the fields of trusted computing (Trusted Platform Module) and the use of embedded Secure Elements (eSE) in mobile phones.
By using state-of-the-art microcontrollers and stand-alone security controllers such as the OPTIGA™ product family (Fig. 2), it is possible to implement a hardware-based trust anchor that protects the system software against attacks. The key to successful protection is that the solution can be combined with existing systems in the facilities and is compatible with current standards.
Scalable and dedicated security solutions
For many manufacturers, it is important to protect their products against counterfeiting. With its OPTIGA™ Trust, Infineon thus offers a complete solution comprising a chip and software for electronic accessories such as earphones and medical devices. The chip is based on asymmetric cryptography and, thanks to its compact package (2 mm × 3 mm) and turnkey set-up, can be easily integrated into electronic accessories. In order to check whether or not a part is genuine, the host system sends a challenge to the chip in the accessory. The OPTIGA™ Trust subsequently generates a response using the manufacturer-specific key. If successfully authenticated by the chip, the accessory or replacement part is accepted by the system and can be used without restrictions. This offers two key advantages, since on the one hand it protects the ‘user experience’ anticipated by the consumer and on the other hand it safeguards the manufacturers’ investments in their products.
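The challenge-response check described above, sketched as an added example (not Infineon's host code and not part of the original article). It assumes NIST P-256 from Go's standard library as a stand-in for the chip's curve; the `Chip` type and all function names are hypothetical.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Chip stands in for the authentication chip (hypothetical type); priv never leaves it.
type Chip struct{ priv *ecdsa.PrivateKey }

// NewChip models production (P-256 is a stand-in curve); the host is provisioned with pub.
func NewChip() (*Chip, *ecdsa.PublicKey, error) {
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	return &Chip{k}, &k.PublicKey, nil
}

// Respond runs inside the chip: sign the digest of the host's challenge.
func (c *Chip) Respond(challenge []byte) ([]byte, error) {
	d := sha256.Sum256(challenge)
	return ecdsa.SignASN1(rand.Reader, c.priv, d[:])
}

// Verify is the host check: the response must be a valid signature over this challenge.
func Verify(pub *ecdsa.PublicKey, challenge, response []byte) bool {
	d := sha256.Sum256(challenge)
	return ecdsa.VerifyASN1(pub, d[:], response)
}

// Authenticate runs one exchange with a fresh random challenge and fails closed on error.
func Authenticate(pub *ecdsa.PublicKey, c *Chip) bool {
	challenge := make([]byte, 32)
	if _, err := rand.Read(challenge); err != nil {
		return false
	}
	resp, err := c.Respond(challenge)
	return err == nil && Verify(pub, challenge, resp)
}

func main() {
	chip, pub, err := NewChip()
	fmt.Println("genuine accepted:", err == nil && Authenticate(pub, chip))
}
```

A chip that holds a different private key fails `Authenticate`, and a response recorded for one challenge fails `Verify` against any other, which is why the host draws a new random challenge for every attempt.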
The OPTIGA™ Trust E also works according to the same principle. In addition, it features an I2C interface as well as an extended temperature range (-40 to +85 °C). This authentication chip with an increased security level is thus designed for use in industrial applications, where it mainly protects high-value investment goods. By way of example, the OPTIGA™ Trust E has been integrated in a smart power module from Infineon, the MIPAQ™ Pro. Instead of being stored directly in the power module, software codes and sensitive product information are stored in the OPTIGA™ Trust E security controller. With the aid of a special certificate, the chip and thus the power module can be securely authenticated in the network and overall system. This technique is used for example by manufacturers of wind turbines, who, within the scope of their customer service, wish to avert damage to the overall system caused by counterfeit replacement parts. To simplify integration for manufacturers, both the OPTIGA™ Trust and the OPTIGA™ Trust E are delivered with code for the host side, which can be integrated easily.
Protection against product counterfeiting by means of authentication is just an initial step in safeguarding the overall system. If application-specific information (e.g. customer data and intellectual property) and the overall operating procedure are to be protected, further security functions are necessary. A solution is provided by the programmable OPTIGA™ Trust P, which can be used to safeguard individual functions and specific systems. The OPTIGA™ Trust P security solution consists of a security controller with a Java Card operating system, which can be programmed flexibly for a wide range of applications. This in turn allows the applications to be managed subsequently in the field by means of the implemented GlobalPlatform specification.
Comprehensive protection for embedded systems
The OPTIGA™ TPM (Trusted Platform Module) covers the broadest range of security requirements. These security controllers are based on the international standard of the Trusted Computing Group, an association of leading manufacturers from the IT industry. After TPMs have successfully proven themselves for years in computer applications, this technology is now finding its way into new networked systems and devices such as routers, industrial facilities and cars. The corresponding embedded systems also benefit from the generic security functions of the TPM specifications and the many advantages of standardisation.
The products of the OPTIGA™ TPM family are validated and certified in a security evaluation according to the Common Criteria certification process. To permit easy integration into a system, the OPTIGA™ TPM family supports commercial and open source code for Windows and Linux, including derivatives and Infineon tools. The OPTIGA™ TPM family comprises a broad range of security controllers complying with the standards TPM 1.2 or TPM 2.0, which, depending on the application area, are available for various temperature ranges and offer different interfaces such as SPI, I2C and LPC.
Applications in industrial and building automation
One application example of the OPTIGA™ TPM is found in the industrial sector, where TPMs can for example be used in industrial controls for secured data transmission or storage (Figure 3). In such an application, the key factor is the combination of secured hardware and software-based security mechanisms. The use of a TPM supports the monitoring and/or preservation of the system integrity. Using this security controller additionally permits reliable component identification, which in turn checks that components communicate exclusively with reliable and trustworthy components.
For secured remote access as well, e.g. for maintaining the systems or updating the software, the TPM protects access to the system by means of device authentication. The OPTIGA™ TPM also serves as a secured storage for secret keys and protects the implementation of cryptographic operations. For typical applications such as the SSL/TLS protocol, keys are stored in the secured storage rather than in the memory of the main processor and are only processed internally. This offers the advantage that the secret keys are protected against external security risks such as the Heartbleed bug. In conjunction with the TPM and security mechanisms such as encryption, the PLC code is also protected against manipulation. On account of the standardisation, simple integration and/or upgrading is possible, which allows the TPM to be integrated into running systems.
Security for Smart Homes
Security in the smart home is enabled by solutions such as the “iBadge” (Figure 4) plug-and-play solution developed by IKV (an ISPN partner). This allows various devices to be interconnected securely within the IoT. This in turn enables users to access their private home network conveniently and securely via smartphone apps and cloud-based services. For example, they can remotely switch on the heating on the way home or keep an eye on everything back home thanks to video surveillance. In addition, the solution offers service providers the advantage that their range of services is secured.
The OPTIGA™ Trust authentication chip is at the heart of the iBadge solution. It can be integrated in smart heating and light control systems as well as surveillance cameras where it works like an identity card. It is used for authorising the devices before they access the network.
The iBadge evaluation board is provided as an IoTSiP (system in package), comprising the microcontroller unit, wireless module, host interface and OPTIGA Trust authentication chip. As a result, manufacturers of IoT devices and traditional home electronics can integrate the iBadge solution simply and quickly into their devices.
As the core component of the system solution, the OPTIGA™ Trust provides a unique chip ID, strong asymmetric authentication (ECC-163), session keys for each application and a dedicated OPTIGA™ Trust Digital Certificate (ODC). The unique identifier and the cryptographic keys are stored on the chip during a highly secured and certified production process.
Security creates added value
In the wake of the Internet of Things, the networking of man and machine is set to constantly increase. Security solutions such as the OPTIGA™ family from Infineon protect data, devices and infrastructure, and are already used in many applications. The numerous and diverse use cases show one thing – namely, that security in embedded systems creates added value. It offers potential for differentiation, makes new business and service models possible and protects sensitive data of manufacturers and users alike. Further information is available at: www.infineon.com/embedded-security.