Building Trust from the MCU
Billions of devices are being connected to the Internet of Things (IoT) and the number of attacks on these devices is increasing rapidly. To reduce the number of attacks, we need to look at embedded microcontrollers (MCU), the orchestrating components in all these devices. MCUs need to ensure security for IoT data at rest and in motion, and protect the IP that operates the device. But how can an MCU vendor create a scalable security solution in a market under extreme price pressure?
Watch as Vincent van der Leest takes just a few minutes to discuss IoT security based on trusting the microcontroller of a device.
Hi everyone, I’m Vincent van der Leest, Director of Product Marketing at Intrinsic ID. And today, we are going to talk about IoT security by building trust from the microcontroller of a device. Every day, more and more devices, such as thermostats and smart watches, are connected to the IoT. The number of attacks on these devices is growing fast, which is a serious threat to everyone involved. It is said that data is the currency of the IoT. But this currency only has value when the data comes from a trustworthy source and has not been tampered with. In some cases, it even needs to remain confidential. So how can we achieve this?
To answer this question, we will focus on one thing all IoT devices have in common: a microcontroller, which manages the operations of a device. This chip is at the center of security of an IoT device. But it is also very constrained in resources and cost. So how can a microcontroller help? To understand this, we will circle back to three properties of cryptography that form the basis for robust security:
- Device authentication which verifies the data comes from a trusted source.
- Data integrity that proves the data has not been tampered with.
- And data confidentiality which ensures no one can eavesdrop on the data.
All these security functions require cryptographic keys that are derived from the device identity. To establish trust in a device, this identity needs to be unclonable and immutable. But how can we get such a strong device identity on a microcontroller in a cost-effective way?
This is where SRAM PUFs come in. An SRAM PUF is best described as a unique, chip fingerprint from within derived from tiny variations in the chip’s silicon. It creates an unclonable and device-unique root key from which all other keys of the device are derived. With SRAM PUFs, keys are never stored and cannot be copied from one device to the next, which makes them invisible and inaccessible to attackers. This also holds for all other sensitive data on the device which is protected with this key. This way, SRAM PUFs offer a best-in-class combination between security, cost and flexibility.
Security is high because keys are never stored. While costs are low because no key injection or special security hardware are needed. Meanwhile, manufacturing flexibility is high because keys can be provisioned at any stage in the device’s life.
SRAM PUFs offer an unparalleled anchor of trust for device authentication, data integrity and confidentiality, and even for preventing counterfeiting of valuable IP.
Proven in over 150 million devices, SRAM PUFs can be added to any device either as a hardware or software implementation so they are the perfect way to protect the rapidly growing IoT.
Thank you all for watching. And look for more videos from Intrinsic ID.