Will Holograms Help Secure the IoT? One Company Thinks So


Even as more and more reports highlight the growing “attack surface” that comes with the expansion of the IoT, security solutions are being created that are not only outside the box (for example, the use of blockchain technologies) but outside our current sphere of definitions when it comes to keys and encryption.

Trustonic has, according to its data, provisioned security keys into over 1.2 billion devices to date. Its provisioning of devices embeds a “Root of Trust” that verifies each and every message coming from each and every specific device, and earlier this month the company announced an extension of its core technology called “Digital Holograms™.”

Richard Hayton, CTO of Trustonic, explained that these holograms enable web services to determine the full lifecycle of an IoT device, to discern its authenticity and rights to access the cloud service. “These holograms extend our key provisioning scheme, adding an extra aspect of defense through more granular root of trust personalization.”

When we asked why the current approach isn’t enough, Hayton explained that the IoT ecosystem is young and fragmented, and that traditional security is hard. Unless you make security simple, many manufacturers will simply attempt to do without.

“The Root of Trust and X.509 certificate are sufficient to secure one-time events, for example that the device was produced in a trusted factory with a key injected, but due to the complexity of its value chain, IoT requires more sophistication. However, in IoT applications, the same basic chip design or low-level module may be used in countless different devices from different manufacturers.”

This makes sense, particularly given the growing, dynamic IoT ecosystems fueling the maturation of large-scale, commercially viable IoT systems.

“For IoT, attestation of a whole series of manufacturing events is required,” Hayton said, “not just attestation of a single event.”

When we asked about the choice of the word hologram, which many of us associate with virtual humans created through the transmission of dimensional light, Paul Butterworth, Strategic Marketing Director at Trustonic, explained, “Holograms have long been used to verify the authenticity of physical products, like credit cards, and more. Holograms provide a literal multidimensional identity; our Digital Holograms do the same thing, adding layers of security beyond the initial key.”

In summary, Digital Holograms are secure serial numbers, which are distributed by Trustonic to OEMs, ODMs and others in the device manufacturing and distribution worlds, to represent a specific manufacturing or lifecycle event. They are later associated with a particular device.

For example, to record that a device has been assigned a specific model number, has passed through a QA process or been recalled or serviced, the product manufacturer can then add a new Digital Hologram.

Digital Holograms are injected into the device during the manufacturing process and are stored securely. For example, on an ARMv8-M based device, they would typically be stored in a region of the flash protected by TrustZone. They are chained together in a blockchain, to prevent anyone from tampering with a device’s history.

Can Digital Holograms be stolen or otherwise breached?

According to Hayton, “Digital Holograms are single use only, and once they are bound to a specific device they are cryptographically protected against re-use or theft.”

Multiple Digital Holograms can be embedded in the original manufacturing process, or at another point in the subsequent lifecycle. “What makes this approach different is that it solves for individual events,” Hayton said. “We’ve worked closely with smart product manufacturers and their partners to even solve for quality assurance in the security process. If a step is missed, for example, due to IP theft or overproduction, the faulty / counterfeit devices will miss one or more of the required Digital Holograms and the omission can easily be detected – either during a later stage of production or once the device is deployed in the field.”
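The checks described above (a tamper-evident chain of lifecycle events, single-use serial numbers, and detection of a missing step) can be modeled in a few lines. This is an added, simplified example and not Trustonic's implementation: the HMAC stands in for whatever issuer signature the real scheme uses, and the key, event names, serials and registry are constructed assumptions.

```python
import hashlib
import hmac
import json

ISSUER_KEY = b"constructed-demo-key"        # assumption: stands in for the issuer's secret
REQUIRED = ("model_assigned", "qa_passed")  # constructed policy for one product line

def _tag(serial, event):
    return hmac.new(ISSUER_KEY, f"{serial}|{event}".encode(), hashlib.sha256).hexdigest()

def _link(prev, hologram):
    return hashlib.sha256((prev + json.dumps(hologram, sort_keys=True)).encode()).hexdigest()

def _genesis(device_id):
    # The chain starts from the device identity, so a history cannot be moved wholesale.
    return hashlib.sha256(device_id.encode()).hexdigest()

def issue(serial, event):
    """Issuer mints one hologram: a serial number for one lifecycle event."""
    return {"serial": serial, "event": event, "tag": _tag(serial, event)}

def bind(chain, device_id, hologram):
    """Append a hologram to the device's history, chained to the previous link."""
    prev = chain[-1]["link"] if chain else _genesis(device_id)
    return chain + [{"hologram": hologram, "link": _link(prev, hologram)}]

def verify(chain, device_id, registry):
    """Return a list of problems; an empty list means the history checks out.
    `registry` maps serial -> device it was first seen on (verifier-side state)."""
    problems, seen, prev = [], set(), _genesis(device_id)
    for entry in chain:
        h = entry["hologram"]
        if not hmac.compare_digest(h["tag"], _tag(h["serial"], h["event"])):
            problems.append(f"forged:{h['serial']}")
        if entry["link"] != _link(prev, h):
            problems.append(f"broken-chain:{h['serial']}")
        if registry.setdefault(h["serial"], device_id) != device_id:
            problems.append(f"reused:{h['serial']}")
        seen.add(h["event"])
        prev = entry["link"]
    problems += [f"missing:{e}" for e in REQUIRED if e not in seen]
    return problems
```

An overproduced unit that skipped QA fails with `missing:qa_passed`, and a clone that carries another device's holograms fails with `reused:` entries because the verifier has already seen those serials on a different device.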

Trustonic has also taken compliance into consideration; as pathways are lit up, the journey a device takes from inception to provisioning is recorded, enabling auditing with clear evidence and reporting.

Trustonic maintains metadata on all devices and Digital Holograms and can report back to the web service to confirm the series of manufacturing and lifecycle events that the device went through.

“The attestation message is cryptographically linked to a custom payload which enables the device to not only attest that it is genuine, but also that a specific message originated from it,” Hayton explained, “which we believe is completely unique to the market.”

The company continues to demonstrate how devices can automatically enroll with an AWS web service, for example, using attestation to prove the AWS Certificate Signing Request originated from a legitimate device, which triggers a corresponding TLS certificate to be automatically provisioned.

This was demonstrated on devices using both an ARM Cortex-A9 processor (the ARTIK 530) and an ARM Cortex-M23 processor (the Nuvoton M2351).

“We’re very active across any number of IoT security initiatives, building on our success in locking down smartphones and other pre-IoT endpoints,” Hayton said. “We’re leveraging the blockchain and see it as a significant advance, particularly when it comes to securing ecosystems where data is shared with many systems through APIs. We’re also confident that we are now aligned with the ‘silicon economics’ of consumer and industrial IoT. As the ecosystem scales up into millions and billions of end-points, the pricing of the tech that brings trust must work from a business perspective, to ensure smart end-points with affordable sensors, chips and software licensing models can be mass produced.” 

Edited by Ken Briodagh

Contributing Writer
