In an era increasingly defined by the ubiquity of interconnected IoT systems – from household gadgets like smart thermostats and digital door locks to critical medical and industrial applications – the demand for robust cybersecurity within embedded systems has escalated.
Addressing this need, Microchip Technology has enhanced its Trust Platform portfolio with the integration of the ECC608 TrustMANAGER and Kudelski IoT’s keySTREAM, a Software as a Service (SaaS), aimed at bolstering IoT product security while simplifying their setup and management.
The ECC608 TrustMANAGER, empowered by keySTREAM, transcends traditional security models by enabling dynamic management and updating of security credentials directly in the field. This capability allows for the provisioning of custom cryptographic credentials directly at the endpoint, sidestepping the need for supply chain customisation and enabling end-user management. keySTREAM delivers a device-to-Cloud solution that secures key assets end-to-end within an IoT ecosystem across the product’s lifecycle, ensuring comprehensive security from inception to decommission.
At its core, the ECC608 TrustMANAGER is built around a secure authentication IC dedicated to the storage and protection of cryptographic keys and certificates, overseen by the keySTREAM SaaS. This collaborative approach between hardware and software facilitates the creation of a self-serve root Certificate Authority (root CA), alongside a public key infrastructure (PKI) secured by Kudelski IoT. This framework supports the generation and management of a dynamic certificate chain and in-field device provisioning upon their initial connection. Devices, once registered in the SaaS account, are seamlessly activated within the user’s keySTREAM service through in-field provisioning.
Nuri Dagdeviren, Corporate Vice President of Microchip’s security computing group, remarked: “As the volume of connected devices rapidly increases and security standards and regulations tighten, IoT designers are seeking more efficient ways of managing their devices once products are in their customers’ hands.” He further emphasised the value of their partnership with Kudelski, noting that incorporating keySTREAM with the ECC608 TrustMANAGER equips customers with the tools to “manage, scale and update IoT ecosystems efficiently via a Cloud-based security SaaS for in-field provisioning and certificate management.”
The evolving landscape of security standards and regulations increasingly mandates the upgradability of IoT devices’ security infrastructure, a challenge traditionally met with physical hardware upgrades. The ECC608 TrustMANAGER automates and scales this process, ensuring secure, efficient device management across their lifecycle and facilitating effortless ownership transitions through digital security key updates.
Hardy Schmidbauer, Senior Vice President of Kudelski IoT, highlighted the collaboration’s significance, stating; “The ECC608 TrustMANAGER with keySTREAM marks a pivotal moment in our quest to secure the IoT landscape and make provisioning easier… By leveraging Microchip’s renowned semiconductor technologies alongside Kudelski IoT’s security services, we are poised to deliver protection and a new ease of provisioning for IoT device manufacturers.”
This model of dynamic in-field provisioning and device management not only aligns with IoT security standards but also adapts seamlessly to the continuous evolution of security requirements. The keySTREAM SaaS facilitates ongoing security updates, protecting against emerging threats without necessitating manufacturing customisation.
As the inaugural security IC in Microchip’s TrustMANAGER series, the ECC608 represents a significant advancement in IoT security. To explore the capabilities of the ECC608 TrustMANAGER and the keySTREAM use case, Microchip invites users to download the Trust Platform Design Suite.