Dr. Martin Scott, the senior VP and GM of Rambus’ Cryptography Research Division, recently participated in a Silicon Summit Internet of Things (IoT) panel hosted by the Global Semiconductor Alliance (GSA). Additional speakers included Rahul Patel of Broadcom, James Stansberry of Silicon Labs and Gregg Bartlett of Globalfoundries.
“The industry has undergone significant changes over the past 30 years. We now live in an exciting new world, one where everything is connected, with 50 billion connected devices expected by 2020,” Scott told conference attendees.
“However, it is important for us to address the inevitable security vulnerabilities that go along with the rapid deployment of smart edge nodes and sensors. According to IDC, 90% of all IT networks will have an IoT-based security breach within two years.”
To make matters worse, says Scott, there is fresh motivation for those seeking IoT-related vulnerabilities.
“Money, greed and the desire for power are some of the usual suspects, although there are also people who are interested in exploiting security vulnerabilities and causing national harm as a way to express an ideology,” he continued. “The good news? Silicon, in the form of a hardware-based root-of-trust, can go a long way in helping to secure the IoT.”
As Scott notes, all endpoints are not created equal.
“Obviously, a refrigerator isn’t analogous to critical national infrastructure such as a power grid or pumping station. Nevertheless, the security of any complex system is defined by its weakest link,” he explained. “Imagine if someone gained unauthorized access to a home WiFi network via a smart refrigerator or washing machine. Once on the network, an attacker could theoretically assume control of a wide range of sensitive devices and systems, including pacemakers, insulin pumps and even connected cars.”
If a system relies on software, says Scott, it is inherently hackable. In contrast, a hardware-based approach, such as one offered by Rambus’ CryptoManager, is one of the most secure ways to protect sensitive keys, data and infrastructure. As we’ve previously discussed on Rambus Press, CryptoManager was designed to bolster both efficiency and security at the very beginning of the supply chain.
Indeed, the CryptoManager Security Engine can best be described as a silicon core integrated into a SoC that provides a hardware-based root-of-trust for the secure provisioning, configuration, keying and authentication of SoCs during chip and device manufacturing.
Meanwhile, the CryptoManager Infrastructure includes hardware appliances to automate and secure in-factory operations for the protection, distribution and authorization of cryptographic keys at all levels of the chip manufacturing processes.
In addition to helping address security needs for advanced mobile devices, CryptoManager enables a number of features, including dynamic provisioning for cost effective device personalization. Simply put, CryptoManager provides a single UI across factory locations, real-time visibility into operations and remote feature activation.
This means chip and handset makers can meet device personalization demands, reduce operating costs and accelerate time-to-market. Mobile device manufacturers can also more efficiently align the IC supply chain with future demand for diverse smartphone features – all while ensuring the security of secret keys and sensitive data.
Interested in learning more about CryptoManager? You can check out our official product page here, read a recent IDC analysis about the platform here and browse our CryptoManager article archive here.