Page 27 - EE Times Europe Magazine

Page 27 - EE Times Europe Magazine | April2019

P. 27

EE|Times EUROPE 27

INTERNET OF THINGS
IoT Security Requires ‘Multi-Tiered

Approach,’ Says ST’s Scarlatella

By Maurizio Di Paolo Emilio

he IoT ecosystem has undergone secure industrial IoT is developing a multi- number of access points for a possible attack
explosive growth, thanks to the rapid tiered approach where all parts of the system on the corporate information system.
proliferation of voice assistants and are watching and protecting each other from “An important security factor in accelerating
T connected devices (such as intelligent attempts to break the system. the growth of the IIoT is giving the ultimate
thermostats and security cameras) and even “As a chip company, ST has gotten pretty customer the confidence that their systems
intelligent infrastructure. Today, connected good at securing the information on, and and valuable user data are extremely well-pro-
devices are integrated into critical manage- the operation of, our chips. As developers tected from intrusion,” said Scarlatella. “With
ment systems for air traffic control, energy introduce their own programs and start con- our Secure GP MCUs and Secure Elements and
networks, environmental controls, and many necting these chips to others, the potential the ecosystem around them, we give designers
other high-value systems. for new vulnerabilities increases. Therefore, and our customers a set of tools they can use
As connected devices on the internet of as a system is only as good as its weakest to build these kinds of systems.
things become even more widespread, safety security, it is critical that developers recog- “With the STM32Trust initiative, we
becomes a central issue. This will inevita- nize the importance of security, build their provide a complete set of cryptographic
bly lead regulators to insist that developers systems with secure components, and follow libraries — reference components to build a
respond accordingly with appropriate security industry best practices.” secure software update system. We pay strong
measures for a consumer audience increas- But the rise of the IoT has also been attention to certification, such as the Arm
ingly aware of the positive and negative accompanied by a dizzying increase in PSA [Platform Security Architecture] and
aspects of ubiquitous connectivity. cyberattacks, with malicious users trying SESIP [the Security Evaluation Standard for
IoT devices are used to acquire, process, to exploit vulnerabilities in devices man- IoT Platforms].
and transmit data and to control processes. ufactured with little or no cybersecurity “That said, while we continue to reduce
They are designed for everyday use by con- protection. Increasing the number of devices the risks, security comes at a price, whether
sumers, who, attracted by the innovation and connected to the network also increases the that price is in convenience and usability
many features of these products, or in cost,” he added. “And
often undervalue the security unfortunately, the truth is that a
aspects. This becomes worrisome secure system almost always has
for an industrial vision in which a higher upfront cost than one
security is important both for the without security — until you’ve
physical safety of workers and for had a serious problem. In the
safeguarding production against longer term, the reduced liability
tampering. With the ubiquitous and secure product upgrades will
connectivity of the IoT, the bring their benefits.”
concern over potential breaches The IoT market represents an
extends beyond data collection, extraordinary opportunity for all
data sharing, and tampering by products that integrate a sensor,
third parties to the possibility processor, and connectivity
that malicious parties can “take functions: portable or mobile
control” of connected objects. devices, along with solutions
“Security is now, and has for entertainment, automotive,
always been, a moving target,” agriculture, energy, health care,
said Michele Scarlatella, director industry, and much more. The
at Strategy, Technology, & type of processing used within
Systems Architecture in the the devices is strongly influ-
Microcontrollers and Digital ICs enced by the feedback needed
Group at STMicroelectronics. for the target application. For
“As the industry develops more example, some smart processors
and better ways to protect data perform a limited amount of
and systems using offensive, processing on simple data sets,
defensive, and observational such as temperature, humid-
measures, the bad guys continue ity, or pressure. Others, more
to find ways to bypass or break complex, are required to handle
the protections. While we’ve high-resolution audio or video
developed the capabilities for an data, to correlate environmental
incredible level of protection, information with self-learning
that level presents challenges in databases, or to communicate
convenience, usability, and cost. within distributed mission-
“Ultimately, the key to a truly Figure 1: STM32MP1 block diagram (Image: STMicroelectronics) critical networks.

www.eetimes.eu | APRIL 2020

22 23 24 25 26 27 28 29 30 31 32