Secure Thingz, vendor of device security, embedded systems and lifecycle management, announced Wednesday that it is bridging the security gap in the IoT market by making security solutions easier to implement, starting with availability of its Embedded Trust and C-Trust software tools.
Building in security from the start of the design process is acknowledged as the optimal approach to tackling security challenges, and it starts with the creation of a security context that defines the application security.
Embedded Trust is a security development environment, which simplifies the configuration of security, from the root of trust and key storage for a connected device to the creation of security profiles and projects. It leverages the secure hardware created by silicon providers, such as Microchip, Renesas Electronics, NXP Semiconductors and Cypress, to provide low-level trust anchors and secure services needed for IoT solutions.
Last year, Secure Thingz was acquired by IAR Systems Group AB and focuses on delivering advanced security solutions into the emerging industrial Internet of Things, critical infrastructure, automotive and other markets. The Secure Deploy architecture has been developed to solve the major security issues challenging the IoT. Secure Thingz solutions ensure a cost-efficient root of trust in low-cost microcontrollers to deliver a core set of critical services through the product lifecycle, alongside secure deployment, production and update infrastructure.
Implementation of good security has traditionally been a challenge as it is not a core competency of most developers. With that in mind, Secure Thingz and IAR Systems are introducing C-Trust, a new product that streamlines security implementation by making it part of a developer’s existing workflow.
Extending security implementation from Embedded Trust to every application developer, C-Trust is offered as an extension to embedded development toolchain IAR Embedded Workbench. The integration enables designers to include security development as part of their day-to-day development workflow and more easily implement “security from inception” into their IoT device design.
To address these next-generation security requirements, Embedded Trust delivers a set of security features and capabilities at the inception of the project, including secure device support leveraging hardware trust anchors; integrated identity, ownership and certificate management, scalable Secure Boot Manager enabling secure lifecycle management; secure deployment with integrated manufacturing mastering; and release management with versioning and update infrastructure.
Embedded Trust enables companies to define how their certificate hierarchies will span across multiple product ranges, while enabling the creation of a product device framework that can be dynamically resolved and injected at manufacturing time. It enables customization of a Secure Boot Manager to achieve the level of security suitable necessary for all kind of device applications.
C-Trust enables application developers to deliver code that is secured and encrypted. The development team leverages C-Trust to import the organization’s security configuration profile, without potentially compromising it.
By enabling security implementation into the workflow and supporting the hardware of various semiconductor providers, the Secure Thingz solutions gives choice to the device companies and their developers to define the security that is best suited for their intended application. This approach will lead to a more secure IoT.
“More and more companies are recognizing that the continued growth and success of the IoT market is predicated on a need for increased, scalable security,” said Haydn Povey, founder and CEO of Secure Thingz. “With Embedded Trust, we are providing a state-of-the-art security solution, then making it easier for developers to implement through C-Trust. Leveraging the expertise of Secure Thingz, IAR Systems and leading semiconductor companies, we are building a secure and sustainable future for connected devices, and transforming an entire industry.”
Currently, a lack of strong security is seen as inhibiting broader proliferation and adoption of IoT devices. According to ABI Research, by 2022, an estimated 70 percent of the world’s 57 billion connected devices will be targeted for the IoT, yet today, less than four percent of new devices have embedded security. Furthermore, the huge lack of availability of software developers with cybersecurity skills continue to limit the availability of solutions, better tools and infrastructure for the engineering majority to leverage.
“With the rapid proliferation of IoT nodes, the pressure on time to market leaves customers limited opportunity to sufficiently explore their options for security,” said Rod Drake, vice president of Microchip’s MCU32 business unit. “Microchip recognizes customers have scalable requirements when it comes to securing applications, and we are working with them to integrate security early in the design cycle. Our partnership with Secure Thingz eases and expedites the security design process for customers.”
“Security is the biggest design challenge facing our customers today. Designing a reliable and secure complex embedded system brings many challenges, and companies will increasingly need to make security a foundation of their product and design philosophy,” said Daryl Khoo, vice president of Product Marketing, IoT Platform Business Division, Renesas Electronics Corporation. “The Renesas and Secure Thingz partnership actually starts with having robust, safe and secure MCUs from Renesas, along with Secure Thingz solutions to help our customers accelerate IoT growth by enabling collaboration across the supply chain for easier delivery and implementation of secure, embedded applications through an end-to-end solution.”
“The internet is changing the way we interact with devices, and NXP wants to ensure our customers are prepared with everything they need to develop smart, connected and secure things for the IoT,” said Joe Yu, vice president and general manager, Low-power MPU and MCU product lines at NXP. “NXP’s end-to-end portfolio, insight and partner ecosystem empower our customers to design cutting-edge solutions. NXP is committed to enabling secure connections for a smart world, and we are pleased to work with Secure Thingz to make security easier to implement.”
