Connection Makes the World Better

Home » Products » Resources » Add a Secure Element to Build Edge-to-Cloud Security into an IoT Design

Add a Secure Element to Build Edge-to-Cloud Security into an IoT Design

September 13, 2019

Cybersecurity remains a universal problem in the design and deployment of any system connected to the public Internet. In the Internet of Things (IoT), security problems are particularly acute as users begin to question the ability of connected devices to securely support applications in smart homes, smart factories, or smart cities. Yet, in facing tighter delivery schedules, IoT device developers often feel they cannot afford the device resources, much less the additional time needed in the past to implement the extensive set of capabilities required for an effective security solution.

Semiconductor vendors are helping to strike a balance by providing easier to deploy security solutions. This article will discuss the problem of security before introducing one such solution from NXP Semiconductors, namely the EdgeLock SE050 secure element (SE). It will then show developers how to use this single-chip device to rapidly implement edge-to-cloud security in their IoT devices.

The IoT security problem
Poorly secured IoT devices have unfortunately proven to be an attractive target for cyberattacks. Once compromised, devices can yield confidential user data as well as provide valuable information needed to build counterfeit copies of the devices. Hackers can also use these exposed devices to create greater havoc, penetrating more deeply into networks to reach other connected devices, systems, and enterprise resources. As a result, the effects of compromised IoT devices ripple through the multiple layers of the IoT hierarchy, even threatening public safety in emerging IoT applications like building automation, industrial systems, transportation, and medical devices.

For developers expected to deliver more efficient IoT designs, security can come as an unwelcome addition to a growing list of requirements already dominated by demand for higher performance and lower power consumption. In fact, effective security depends on a growing list of requirements needed to mitigate threats extending from the edge to the cloud.

Applied in isolation, even familiar techniques such as encryption and authentication are insufficient on their own. IoT security needs to be built on a root of trust designed to ensure that security mechanisms and protocols are protected from compromise. At the same time, security methods increasingly need to be applied at finer granularity to protect not only connections between IoT devices, but also connections between components of an individual IoT design.

The NXP EdgeLock SE050 SE is designed specifically to provide the range of security mechanisms and protocols needed to build edge-to-cloud security into IoT devices.

Robust security solution
Designed as a turnkey solution for IoT device security, the NXP SE050 builds upon NXP’s extensive experience in smart card security to provide a hardware root of trust for IoT designs. The device combines a dedicated microcontroller and secure credential storage with a software stack built on the Java Card OpenPlatform (JCOP) smart card operating system (OS). Independently certified up to the OS level at the Common Criteria (CC) Evaluation Assurance Level (EAL) Level 6 augmented (EAL 6+), the SE050 operating platform offers a rare level of assurance for operation in high threat environments (Figure 1).

  • Categories





  • 0