Will Holograms Help Secure the IoT? One Company Thinks So


Even as more and more reports surface highlighting the growing “attack surface” associated with the expansion of the IoT, security solutions are being created that are not only outside the box (for example, the use of blockchain technologies) but also outside our current sphere of definitions when it comes to keys and encryption.

Trustonic has, according to its data, provisioned security keys into over 1.2 billion devices to date. Its provisioning of devices embeds a “Root of Trust” which verifies each and every message coming from each and every specific device, and earlier this month the company announced an extension of its core technology with “Digital Holograms™.”

Richard Hayton, CTO of Trustonic, explained that these holograms enable web services to determine the full lifecycle of an IoT device, to discern its authenticity and rights to access the cloud service. “These holograms extend our key provisioning scheme, adding an extra aspect of defense through more granular root of trust personalization.”

When we asked why the current approach isn’t enough, Hayton explained that the IoT ecosystem is young and fragmented, and that traditional security is hard. Unless you make security simple, many manufacturers will simply attempt to do without.

“The Root of Trust and X.509 certificate are sufficient to secure one-time events, for example that the device was produced in a trusted factory with a key injected, but due to the complexity of its value chain, IoT requires more sophistication. However, in IoT applications, the same basic chip design or low-level module may be used in countless different devices from different manufacturers.”

This makes sense, particularly given the growing, dynamic IoT ecosystems fueling the maturation of large-scale, commercially viable IoT systems.

“For IoT, attestation of a whole series of manufacturing events is required,” Hayton said, “not just attestation of a single event.”

When we asked about the choice of the word hologram, which many of us associate with virtual humans created through the transmission of dimensional light, Paul Butterworth, Strategic Marketing Director at Trustonic, explained, “Holograms have long been used to verify the authenticity of physical products, like credit cards, and more. Holograms provide a literal multidimensional identity; our Digital Holograms do the same thing, adding layers of security beyond the initial key.”

In summary, Digital Holograms are secure serial numbers, which are distributed by Trustonic to OEMs, ODMs and others in the device manufacturing and distribution worlds, to represent a specific manufacturing or lifecycle event. They are later associated with a particular device.

For example, to record that a device has been assigned a specific model number, has passed through a QA process or been recalled or serviced, the product manufacturer can then add a new Digital Hologram.

Digital Holograms are injected into the device during the manufacturing process and are stored securely. For example, on an ARMv8-M based device, they would typically be stored in a region of the flash protected by TrustZone. They are chained together in a blockchain, to prevent anyone from tampering with a device’s history.

Can Digital Holograms be stolen or otherwise breached?

According to Hayton, “Digital Holograms are single use only, and once they are bound to a specific device they are cryptographically protected against re-use or theft.”

Multiple Digital Holograms can be embedded in the original manufacturing process, or at another point in the subsequent lifecycle. “What makes this approach different is that it solves for individual events,” Hayton said. “We’ve worked closely with smart product manufacturers and their partners to even solve for quality assurance in the security process. If a step is missed, for example, due to IP theft or overproduction, the faulty / counterfeit devices will miss one or more of the required Digital Holograms and the omission can easily be detected – either during a later stage of production or once the device is deployed in the field.”
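A sketch of the idea described above, added here as an illustration and not Trustonic's implementation: each single-use serial is bound to one device and linked to the previous entry, so a verifier can spot a skipped step, an edited history, or a chain copied to another device. The HMAC under one constructed issuer key (standing in for a real signature scheme), the event names, and the `bind`/`verify` helpers are assumptions, since the article does not describe the actual format.

```python
import hashlib
import hmac
import json

ISSUER_KEY = b"constructed-demo-key"  # constructed; stands in for the issuer's secret
REQUIRED = ("chip_provisioned", "model_assigned", "qa_passed")  # hypothetical policy

def _tag(device_id, serial, event, prev):
    msg = json.dumps([device_id, serial, event, prev]).encode()
    return hmac.new(ISSUER_KEY, msg, hashlib.sha256).hexdigest()

def bind(chain, device_id, serial, event, used_serials):
    """Bind a single-use serial to a device and link it to the previous entry."""
    if serial in used_serials:
        raise ValueError(f"serial {serial} is already bound to a device")
    used_serials.add(serial)
    prev = chain[-1]["tag"] if chain else "genesis"
    chain.append({"serial": serial, "event": event, "prev": prev,
                  "tag": _tag(device_id, serial, event, prev)})

def verify(chain, device_id, required=REQUIRED):
    """Return (ok, reason) after checking linkage, device binding and coverage."""
    prev = "genesis"
    for i, entry in enumerate(chain):
        expected = _tag(device_id, entry["serial"], entry["event"], prev)
        if entry["prev"] != prev or not hmac.compare_digest(entry["tag"], expected):
            return False, f"entry {i} altered or not bound to {device_id}"
        prev = entry["tag"]
    seen = {entry["event"] for entry in chain}
    missing = [ev for ev in required if ev not in seen]
    if missing:
        return False, "missing events: " + ", ".join(missing)
    return True, "ok"

def demo():
    used, genuine, overrun = set(), [], []
    for serial, event in zip(("S1", "S2", "S3"), REQUIRED):
        bind(genuine, "dev-001", serial, event, used)
    # Overproduced unit: the factory never received a QA serial for it.
    bind(overrun, "dev-999", "S4", "chip_provisioned", used)
    bind(overrun, "dev-999", "S5", "model_assigned", used)
    edited = [dict(e) for e in genuine]
    edited[1]["event"] = "model_assigned_v2"  # history rewritten after the fact
    return {"genuine": verify(genuine, "dev-001"),
            "overrun": verify(overrun, "dev-999"),
            "edited": verify(edited, "dev-001"),
            "cloned": verify(genuine, "dev-002")}  # chain copied to another device

if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```
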

Trustonic has also taken compliance into consideration; as pathways are lit up, the journey a device takes from inception to provisioning is recorded, enabling auditing with clear evidence and reporting.

Trustonic maintains metadata on all devices and Digital Holograms and can report back to the web service to confirm the series of manufacturing and lifecycle events that the device went through.

“The attestation message is cryptographically linked to a custom payload which enables the device to not only attest that it is genuine, but also that a specific message originated from it,” Hayton explained, “which we believe is completely unique to the market.”

The company continues to demonstrate how devices can automatically enroll with an AWS web service, for example, using attestation to prove the AWS Certificate Signing Request originated from a legitimate device, which triggers a corresponding TLS certificate to be automatically provisioned.

This was demonstrated on devices using both an ARM Cortex-A9 processor (the ARTIK 530) and an ARM Cortex-M23 processor (the Nuvoton M2351).

“We’re very active across any number of IoT security initiatives, building on our success in locking down smartphones and other pre-IoT endpoints,” Hayton said. “We’re leveraging the blockchain and see it as a significant advance, particularly when it comes to securing ecosystems where data is shared with many systems through APIs. We’re also confident that we are now aligned with the ‘silicon economics’ of consumer and industrial IoT. As the ecosystem scales up into millions and billions of end-points, the pricing of the tech that brings trust must work from a business perspective, to ensure smart end-points with affordable sensors, chips and software licensing models can be mass produced.” 

Edited by Ken Briodagh