How to Make IoT Devices More Secure?
As exciting as the world of IoT may be, it comes with risks, particularly with regards to device and data security. In fact, one of the hardest tasks that IoT device designers face is enabling the security protocols and practices necessary to ensure that they’re creating products that are not only functional and valuable but safe to use.
Unfortunately, the security track record for many previous IoT devices is not good. We've undoubtedly all read or seen stories about costly network intrusions or other nefarious digital activities whose root cause ends up being traced back to some type of connected device with poor (or even no) security. The problem had become so bad that it inspired multiple governments around the world to create legislation demanding that digital devices adhere to certain security protocols.
The end result is an enormously complex patchwork of legal requirements and regulatory demands being placed on IoT devices that make it difficult for anyone to track. For IoT device makers—many of whom understand how challenging it is to enable good security in their devices—these legislative demands are essentially adding insult to injury.
But as frustrating and onerous as all the various regulatory requirements for IoT devices may be, the simple truth is they exist for a valid reason. Bringing connected devices into our homes and businesses unquestionably does increase the potential attack surface that hackers and other cybercriminals can leverage for things like ransomware and other dangerous outcomes. And many of the early IoT devices were so badly lacking in security capabilities that they probably shouldn’t be in active use anymore.
Thankfully, a number of companies and industry organizations have stepped up their efforts to create products, frameworks and certification programs to help IoT device makers navigate the often choppy waters of IoT security. The ioXt (Internet of Secure Things) Alliance, for example, has put together numerous device security profiles to help engineers and designers meet all the necessary requirements and follow security best practices for their devices. The organization consists of over 450 executives from more than 35 companies and includes Google, Amazon, Facebook (now Meta), T-Mobile, Comcast and Silicon Labs. In addition, chip IP industry leader Arm has created the PSA Certified program, a certification program that provides a security checkmark of approval across several different levels. Companies like Silicon Labs now seek these certifications to show their commitment; for instance their EFRxG21B SoCs with Secure Vault are the first chips in the world to achieve Arm PSA Level 3 certification – PSA Certified's highest level of IoT security protection. These and other efforts go a long way towards standardizing and improving security practices and implementations across a wide range of connected IoT devices.
Another benefit of these types of security profiles and certifications is that component makers can do the hard work of ensuring that their chips meet the necessary requirements and then device makers who choose to use those chips in their designs can “inherit” the benefits of their labor. So, for example, if a company builds a smart light bulb or other device using an ioXt or PSA-certified component, the majority of the work necessary to get the device certified is already done. All the device manufacturer needs to do is a simple delta certification against the existing ecosystem security profile for that device category and their work is done. Not only does this give the manufacturer the ability to market the benefits of their security capabilities, it ensures that end-users of the device will have better, safer experiences.
Part of the challenge that the IoT industry has faced is that requirements and expectations around security have shifted and matured a great deal over the past few years. One key example is the move to Zero Trust principles. While in the past, devices behind a gateway or firewall were presumed to be trustworthy, experience has shown that isn't the case. With Zero Trust-driven security practices, no devices are presumed to be trustworthy—regardless of their location on the network—and their device identity needs to be authenticated before they're allowed to join and send data over a network.
This type of profoundly different approach to security isn't something that many existing devices can easily adapt to. Instead, it needs to be built into the device (and the chips powering them) from the start. In order to address this need, companies have made enhancements to their manufacturing practices in order to enable this. Silicon Labs, for example, has started something they call CPMS (Custom Part Manufacturing Service) to securely provision chips with unique digital identities and digital certificates using their Secure Vault technology. These essentially function as a root of trust for the chip (and any device that uses it), allowing customers to provision their chips securely themselves before the chips even leave the factory. This way, customers have a footprint they can track throughout the entire chips' journey.
It's clear that IoT security challenges aren't going to be disappearing anytime soon, but it is good to see multiple efforts to make those issues surmountable.
- +1 Like
- Add to Favorites
This document is provided by Sekorm Platform for VIP exclusive service. The copyright is owned by Sekorm. Without authorization, any medias, websites or individual are not allowed to reprint. When authorizing the reprint, the link of www.sekorm.com must be indicated.
Recommend
EFR32BG22 Wireless SoC Enables IoT Devices to Operate 10+ Years on 1 Conin Cell Battery | Silicon Labs
2020-05-23 - New Product Introduction Equipped with an Arm® Cortex®-M33 core, BG22 SoCs achieve extremely low power levels while in an operational sleep state down to 1.4 µA. These devices are Bluetooth 5.2 compliant, support direction finding and low-power Bluetooth mesh networks and integrate enhanced security features such as Secure Boot with Root of Trust (RTSL).
The xG27 SoC Is Small (In Size) but Mighty for Connected Health Applications
2023-03-13 - Product Introduction Today, we’re excited to announce a new family of low-power SoCs that enables secure, energy-friendly multiprotocol wireless networking for IoT devices, the EFR32xG27, which includes the MG27, our multiprotocol SoC and the BG27, our Bluetooth LE SoC. The BG27 enables device makers to add high-performance and secure low-power Bluetooth LE on tiny form-factor devices, expanding the possibilities of smart connected medical devices and wearables.
Silicon Labs Low-Power Wi-Fi Ideal for Energy Efficient IoT Devices
2022-05-17 - Manufacturer News With widespread technology like Wi-Fi gaining traction with IoT devices, standalone or in a multiprotocol mode, it provides the immense potential to transform industries. Silicon Labs Low-Power Wi-Fi Ideal is used for energy-efficient IoT Devices.
EFR32MG1 Mighty Gecko Multi-Protocol SoC Family Data Sheet
June, 2022 - Datasheet
EFR32MG1P131F256GM48-C0,EFR32MG1B232F256GM48-C0,EFR32MG1B132F256GM48-C0,EFR32XG1P132F256GM32-C0R,EFR32MG1P233F256GM48-C0,EFR32MG1P232F256IM48-C0,EFR32MG1P132F256IM48-C0,EFR32MG1V132F256GM32-C0,EFR32MG1P231F256GM48-C0,EFR32MG1P132F256IM32-C0,EFR32MG1P232F256IM32-C0,EFR32MG1B132F256GM32-C0,EFR32MG1B232F256GM32-C0,EFR32MG1V132F256GM48-C0,EFR32MG1P132F256GM48-C0,EFR32MG1B232F256IM48-C0,EFR32MG1P233F256IM48-C0,EFR32MG1P232F256GM48-C0,EFR32MG1P133F256GM48-C0,EFR32MG1P232F256GM32-C0,EFR32MG1,EFR32MG1P132F256GM32-C0
EFR32MG27 Wireless Gecko SoC Family Data Sheet
August, 2023 - Datasheet
EFR32MG27C230F768IM32-B,EFR32MG27C140F768IM32-B,EFR32MG27,EFR32MG27C140F768IM40-B,EFR32MG27C230F768IM40-B,EFR32XG22,EFR32,EFR32MG27C140F768IM40-AR
查看更多版本
EFR32BG27 Wireless Gecko SoC Family Data Sheet
June, 2023 - Datasheet
EFR32BG27C230F768IM32-B,EFR32BG27C140F768IM32-B,EFR32BG27C320F768GJ39-AR,EFR32BG27,EFR32XG27,EFR32BG27C140F768IM40-B,EFR32BG27C230F768IM40-B
EFR32FG25 Gecko Wireless SoC Family Data Sheet
January, 2023 - Datasheet
EFR32FG25B111F1152IM56-B,EFR32FG25B222F1920IM56-B,EFR32FG25B121F1152IM56-B,EFR32FG25A111F1152IM56-B,EFR32XG2,EFR32FG25B221F1920IM56-B,EFR32FG25B222F1920IM56-BR,EFR32FG25B211F1920IM56-B,EFR32FG25A221F1920IM56-B,EFR32FG25A211F1920IM56-B,EFR32FG25A121F1152IM56-B,EFR32FG25 FAMILY,EFR32FG25B212F1920IM56-B,EFR32,EFR32FG25
查看更多版本
EFR32FG1 Flex Gecko Proprietary Protocol SoC Family Data Sheet
June, 2022 - Datasheet
EFR32FG1P133F256GM48-C0,EFR32FG1P132F128GM48-C0,EFR32FG1P131F256GM32-C0,EFR32FG1V032F256GM32-C0,EFR32FG1V132F256GM32-C0,EFR32FG1V131F32GM32-C0,EFR32FG1V132F64GM48-C0,EFR32FG1V131F256GM48-C0,EFR32FG1P131F64GM32-C0,EFR32FG1P131F256IM32-C0,EFR32FG1P132F64GM32-C0,EFR32FG1V131F128GM48-C0,EFR32FG1V131F32GM48-C0,EFR32FG1V131F64GM32-C0,EFR32FG1V032F128GM32-C0,EFR32FG1,EFR32FG1P132F64GM48-C0,EFR32FG1V132F128GM32-C0,EFR32FG1P131F128GM32-C0,EFR32FG1V132F256GM48-C0,EFR32XG1P132F256GM32-C0R,EFR32FG1P131F256GM48-C0,EFR32FG1V131F64GM48-C0,EFR32FG1V132F128GM48-C0,EFR32FG1P132F128GM32-C0,EFR32FG1P132F256GM32-C0,EFR32FG1P131F256IM48-C0,EFR32FG1P131F128GM48-C0,EFR32FG1V132F32GM32-C0,EFR32FG1P133F128GM48-C0,EFR32FG1P132F256GM48-C0,EFR32FG1V131F128GM32-C0,EFR32FG1P133F64GM48-C0,EFR32FG1P131F64GM48-C0,EFR32FG1V132F64GM32-C0,EFR32FG1V131F256GM32-C0,EFR32FG1V132F32GM48-C0
2507071655 SiWG917 SoC Data Sheet v1.1 and Errata v0.3 Release
2025/07/17 - Technical Documentation
SIWG917
查看更多版本
EFR32FG22E Wireless Gecko SoC Family Data Sheet
May, 2024 - Datasheet
EFR32FG22E121F512IM32-C,EFR32FG22E121F512IM40-C,EFR32FG22E121F512GM32-CR,EFR32FG22E
Electronic Mall
Integrated Circuits
Discrete Components
Connectors & Structural Components
Assembly UnitModules & Accessories
Power Supplies & Power Modules
Electronic Materials
Instrumentation & Test Kit
Electrical Tools & Materials
Mechatronics
Processing & Customization
