Safeguarding IoT Devices With SESIP And PSA Certified Root Of Trust IP

How to reduce the potential hardware attack surface as increasingly powerful devices process more data in more places.


IoT is everywhere. By the end of 2024, it is forecast that there will be a staggering 207 billion IoT devices in the world, roughly 25 for every human being on Earth. The connectivity of IoT devices brings great value for consumers and businesses alike, but with great connectivity comes greater exposure to a wide variety of malicious attacks from cyber criminals.

IoT devices are deployed in diverse environments, ranging from homes and cities to industrial settings, each presenting unique security challenges. For smart home devices, examples of security threats include: man-in-the-middle attacks, where an attacker breaches, interrupts or spoofs communications between two systems; data and identity theft, where personal information is exploited for fraudulent financial transactions; and device hijacking, where an attacker takes over and effectively assumes control of an IoT device.

Increasingly powerful silicon is at the nerve center of IoT devices, enabling them to collect, process, and transmit data. As IoT continues to evolve, prioritizing security at the chip level will be essential to harnessing the full potential of these devices while safeguarding the confidentiality, integrity, authenticity and availability of IoT systems.

A comprehensive approach to hardware-level security should include several key elements: secure boot, mutual authentication, and secure communication. Secure boot uses cryptographic code signing to ensure that a device only executes code generated by the device OEM or another trusted party. Secure boot therefore prevents attackers from replacing the firmware with malicious versions, closing off one avenue of attack.
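To make the code-signing check behind secure boot concrete, here is an added example in Go (not Rambus or RT-130 code, and not the RT-130's image format): the OEM signs a SHA-256 digest of the firmware payload with an ECDSA P-256 key, and the device-side boot code, holding only the OEM public key, refuses any image whose bytes or signer have changed. The image layout and the firmware payload string are constructed for this example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// signImage is the OEM-side step: SHA-256 the payload and sign the digest with the OEM
// private key, which never leaves the OEM. Constructed image layout (not the RT-130's
// real format): 4-byte big-endian payload length | payload | ECDSA P-256 sig (ASN.1 DER).
func signImage(priv *ecdsa.PrivateKey, payload []byte) ([]byte, error) {
	digest := sha256.Sum256(payload)
	sig, err := ecdsa.SignASN1(rand.Reader, priv, digest[:])
	if err != nil {
		return nil, err
	}
	img := make([]byte, 4+len(payload)+len(sig))
	binary.BigEndian.PutUint32(img, uint32(len(payload)))
	copy(img[4:], payload)
	copy(img[4+len(payload):], sig)
	return img, nil
}

// verifyImage is the device-side step in immutable boot code; the device holds only the OEM public key.
func verifyImage(pub *ecdsa.PublicKey, img []byte) ([]byte, error) {
	// The length field is untrusted input: validate it before slicing with it.
	if len(img) < 4 || 4+uint64(binary.BigEndian.Uint32(img)) > uint64(len(img)) {
		return nil, errors.New("malformed image: bad length field")
	}
	n := binary.BigEndian.Uint32(img)
	digest := sha256.Sum256(img[4 : 4+n])
	if !ecdsa.VerifyASN1(pub, digest[:], img[4+n:]) {
		return nil, errors.New("signature check failed: refusing to boot")
	}
	return img[4 : 4+n], nil
}

func main() {
	priv, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) // stands in for the OEM signing key
	img, _ := signImage(priv, []byte("firmware v1.0"))
	_, genuineErr := verifyImage(&priv.PublicKey, img)
	img[4] ^= 0x01 // flip one payload bit, as replaced or corrupted firmware would
	_, tamperedErr := verifyImage(&priv.PublicKey, img)
	fmt.Println("genuine:", genuineErr, "| tampered:", tamperedErr)
}
```

In a real root of trust the public key (or its hash) is pinned in immutable storage and the verification runs before any mutable code executes.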

With mutual authentication, every time a smart home device connects to the network it should be authenticated before it receives or transmits data. This ensures that data originates from a legitimate device and not a fraudulent source. Security protocols such as TLS (Transport Layer Security), DTLS (Datagram TLS), EAP (Extensible Authentication Protocol) and Kerberos use certificates and cryptographic algorithms for two-way authentication. Among those algorithms, Hash-Based Message Authentication Codes (HMAC) built on Secure Hash Algorithms (SHA) use symmetric keys, while the Elliptic Curve Digital Signature Algorithm (ECDSA) uses asymmetric keys.

Secure communication, or encryption, protects data in transit between a device and its service infrastructure (the cloud). Encryption ensures that only those holding the secret decryption key can access the transmitted data. For example, a smart thermostat that sends usage data to the service operator must be able to protect that information from digital eavesdropping. The data plane of the protocols mentioned above typically uses the AES symmetric key algorithm for confidentiality protection.

Security evaluation standards have evolved to establish an objective basis for determining whether chips and IP provide the security required to safeguard devices, key material and data for the IoT market. GlobalPlatform offers the Security Evaluation Standard for IoT Platforms (SESIP), an optimized security evaluation methodology designed for IoT devices. In addition, Arm and its ecosystem partners have established the Platform Security Architecture (PSA) and a supporting evaluation and certification scheme: PSA Certified.

The Rambus RT-130 Root of Trust silicon IP core is SESIP Level 2 Certified and is a PSA Level 2 Certified RoT Component. Designed with power- and space-constrained SoCs or FPGAs in mind, the RT-130 provides the hardware-level foundation for security functions such as secure boot, secure execution of applications, tamper detection and protection, and secure storage and handling of keys. It offers a variety of cryptographic accelerators, including AES, SHA-2/3, RSA and ECC, along with true random number generation and secure handling of keys and assets.

Selecting an IP core that has already been evaluated to meet market-specific security requirements can bring tremendous benefits when it comes to reducing time-to-market and security evaluation costs. In the case of the RT-130, Rambus can offer dedicated certification support packages to its licensees that provide related certification documentation, test scripts, and dedicated support to achieve FIPS 140-3, SESIP and PSA certification when embedded in an SoC or FPGA.
