- Thierry Spanjaard
IoT complexity should not threaten security
The Internet of Things is now at the center of everyone’s hopes as well as concerns! No one doubts the development of the IoT market any more, as can be witnessed by its numerous applications. At the same time, the multiplication and diversity of IoT devices trigger an exponential growth of security threats. The SIM concept has demonstrated for decades that it can deliver the most suitable combination of security and cost to the telecom industry. Now, the secure transactions industry is at work structuring its answers to the IoT market’s need for security.
Variety of designs, from hardware to software
G+D Mobile Security, in partnership with SIMCom, announces a reference design for safe automotive telematics control units that supports mutual authentication of vehicle and cloud services in order to prevent cyber criminals from taking control of the car while driving. The reference design combines SIMCom's SIM 7800 LTE module, developed for the automotive industry, with the integrated Sm@rtSIM CX 97 In-car eSE security element by G+D Mobile Security.
Idemia covers consumer and industrial IoT, delivering its M2M SIM card that reduces power consumption and extends battery life, combined with strong authentication. Idemia partners with Sierra Wireless to demonstrate energy saving and security in line with IoT evolution and standards. Idemia claims to have the most innovative LPWA solutions with the lowest power consumption on the market, so that IoT devices deployed now can run on battery for more than 10 or 15 years on 4G and 5G networks.
Tiempo Secure, a semiconductor expert focusing on high-end secure products, introduces its CC EAL5+ grade Secure Element IP, which brings to SoCs (System on Chip) the same functionality as a discrete eSIM. Tiempo’s hardware IP macros bring to SoC designers the ability to include eUICC or eSIM functions directly in their design, while having the same set of countermeasures (in software, hardware logic and hardware layout) as a dedicated hardware eSIM.
As a physical eSIM is not always suited to every market demand, Trusted Objects, a specialist in IoT security, is expanding its offer with its TS Defender secure software solution. Trusted Objects’ TS Defender is a secure software library for generic MCUs that provides enhanced security on LPWANs. This software solution implements software countermeasures against the most common physical side-channel attacks.
Focus is on remote management
Unsurprisingly, the eSIM is indeed the solution for bringing security to the IoT world, and the remote management functions it requires lead to increasing complexity. The GSMA has issued a “Remote Subscription Provisioning” specification covering these aspects.
Gemalto’s focus on IoT Device Lifecycle Management shows in the company’s offer to embed its device lifecycle management features "as-a-service" into Cinterion® modules and terminals. Unique device identities, strong authentication, end-to-end encryption and secure data storage are key elements to provide the needed level of security while minimizing interventions. Gemalto’s remote management of M2M modules and terminals includes secure remote updates to ensure that only trusted software can run on IoT devices.
G+D Mobile Security announces its partnership with Arm to provide GSMA-compliant remote provisioning and management of mobility provider data and the ability to transfer IoT device profiles using eSIM. G+D Mobile Security's eSIM management solution enables secure activation, provisioning, management and deactivation of eSIM profiles on mobile devices. The solution includes SM-DP (Subscription Manager - Data Preparation) and SM-SR (Subscription Manager - Secure Routing) services, which will enable Arm not only to onboard mobile network operators worldwide and provide subscriptions, but also to download and activate profiles through the Arm® Pelion™ IoT platform.
achelos IoT introduces its solutions for eSIM subscription management in consumer and IoT devices, as well as new GSMA services to assess and improve the security of IoT systems according to GSMA guidelines. The achelos offer includes fully automated lifecycle management of connectivity in IoT devices, from service bootstrap to end-of-life, along with SM-DP+ (Data Preparation) and SM-DS (Discovery Server) products.
The IoT business is booming and its complexity is exponential. Our answer to its security needs has to be hyperexponential.