Page 10 - 23_EETE_03
P. 10
EMBEDDED WORLD 2023: SECURITY FOCUS
Anchoring Trust to
Enhance IoT Security
W ithout trust, there is no security, and anchoring trust
at the hardware level provides the foundation for all
secure operations of a computing system.
The ubiquity of internet-of-things devices gives
hackers more points of attack. The European Parliament Research
Service predicts that by 2031, there will be a new attack on a
consumer or business every two seconds, costing victims about
€251 billion a year.
The European Commission has placed cybersecurity at the top of
the list of priorities for the EU’s long-term budget. In September, the
EC presented a proposal for the Cyber Resilience Act that established
common cybersecurity rules to bring hardware and software products
to market with fewer vulnerabilities. This legislative initiative is part
of the EU’s “Path to the Digital Decade” for Europe’s digital transfor-
mation by 2030.
“When it comes to cybersecurity, Europe is only as strong as its
weakest link, be it a vulnerable Member State or an unsafe product
along the supply chain,” said Thierry Breton, commissioner for the
Internal Market. “Computers, phones, household appliances, virtual
assistance devices, cars, toys … each and every one of these hundreds
of million connected products is a potential entry point for a cyber-
attack. And yet today, most of the hardware and software products
are not subject to any cybersecurity obligations. By introducing
cybersecurity by design, the Cyber Resilience Act will help protect
Europe’s economy and our collective security.”
Meanwhile, the European Union Network and Information
Security Agency has documented the status of the standardization
process for post-quantum cryptography and introduced a framework
for analyzing existing quantum security solutions, categorizing them
into families and discussing their advantages and disadvantages.
With critical threats ever present and evolving, security never
sleeps. Why is post-quantum cryptography important now? What
can hardware-based security protect that software can’t? How is
hardware root of trust established? How can developers and opera-
tors guarantee system reliability over time? How secure are RISC-V
chips? How can developers ensure end-to-end security for embedded
systems?
The answers to these and other questions are central to identify-
ing and mitigating security risks continuously and comprehensively.
This Special Report relies on interviews with companies like
STMicroelectronics, Intrinsic ID, PQShield, Crypto Quantique, NXP
Semiconductors, Microchip Technology, Codasip, and ABI Research
to explore how hardware-level security can help protect data confi-
dentiality and integrity in IoT systems. ■
—Anne-Françoise Pelé, editor-in-chief of EE Times Europe
IMAGE: SHUTTERSTOCK
