You are here

Secure Provisioning a Necessary “Provision” for Your IoT Journey | Cypress Semiconductor

Secure Provisioning a Necessary “Provision” for Your IoT Journey

Back in the American “Old West,” settlers wouldn’t set off on a lengthy journey without the proper provisions at hand. Uncertain of weather and road conditions ahead, they packed plenty of food and supplies, making sure they were well prepared to get their covered wagons from one town to the next.

In a similar way, makers of IoT devices must prepare themselves to deal with complex issues as they set off to build products for the market. These include such things as connectivity, power management, monetization, and even choosing the right ecosystem partner for connecting to the cloud. But perhaps the biggest roadblock they will face is security.

Security is an end-to-end proposition that impacts the entire lifecycle of a product—and, it is only as strong as its weakest link. Undoubtedly, there are extra costs to secure an IoT product, but not securing a product is likely to cost a company so much more, from a tarnished reputation to bankruptcy.

To securely manufacture an IoT device, keys must be installed securely in the MCU, stored securely, and made accessible only to trusted software. The equipment required for provisioning secure MCUs follows custom software programming protocols in secure facilities that are expensive to maintain. Only companies producing millions of units could justify such a capital outlay.

Cypress’ secure provisioning capabilities gives manufacturers the same standard of security in provisioning that payment card manufacturers enjoy. The platform consists of three elements: the PSoC® 64 Secure MCU, The SentriX™ security provisioning platform from Data I/O, and access to secure programming facilities from Arrow Electronics. This cryptographically secured solution can be offered to low-volume device makers at a fraction of the cost of custom provisioning processes, because equipment and facilities expenses can be shared.

Using unique authentication software built into every Cypress PSoC 64 Secure MCU, the SentriX programming equipment can validate the authenticity of each PSoC 64 unit before programming secure firmware into it. This eliminates the need for custom authentication protocols. Additionally, Arrow’s secure programming facility uses a standard programming and key-generation process for every customer’s PSoC 64-based product. If we cryptographically bound the identity to customers during manufacturing, rather than in the supply chain, each order would require a minimum order quantity (MOQ) and be non-cancellable. PSoC 64 provisioning eliminates this business challenge.

This secure provisioning solution protects against cloning and malicious software programming. If an attempt were made to program a PSoC 64 device with unauthorized equipment or firmware, the PSoC 64 would reject it. Likewise, cloning or counterfeiting is impossible because user code is stored in Arrow’s secure programming facility.

If you’re like most engineers, your IoT product development journey is sure to be riddled with plenty of surprises and uncertainty. As you hitch up your team, be sure your provisions include a solution for secure provisioning, such as the one described above. For more information about PSoC 64, please visit us at www.cypress.com/PSoC64.

ALL CONTENT AND MATERIALS ON THIS SITE ARE PROVIDED "AS IS". CYPRESS SEMICONDUCTOR AND ITS RESPECTIVE SUPPLIERS MAKE NO REPRESENTATIONS ABOUT THE SUITABILITY OF THESE MATERIALS FOR ANY PURPOSE AND DISCLAIM ALL WARRANTIES AND CONDITIONS WITH REGARD TO THESE MATERIALS, INCLUDING BUT NOT LIMITED TO, ALL IMPLIED WARRANTIES AND CONDITIONS OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT OF ANY THIRD PARTY INTELLECTUAL PROPERTY RIGHT. NO LICENSE, EITHER EXPRESS OR IMPLIED, BY ESTOPPEL OR OTHERWISE, IS GRANTED BY CYPRESS SEMICONDUCTOR. USE OF THE INFORMATION ON THIS SITE MAY REQUIRE A LICENSE FROM A THIRD PARTY, OR A LICENSE FROM CYPRESS SEMICONDUCTOR.

Content on this site may contain or be subject to specific guidelines or limitations on use. All postings and use of the content on this site are subject to the Terms and Conditions of the site; third parties using this content agree to abide by any limitations or guidelines and to comply with the Terms and Conditions of this site. Cypress Semiconductor and its suppliers reserve the right to make corrections, deletions, modifications, enhancements, improvements and other changes to the content and materials, its products, programs and services at any time or to move or discontinue any content, products, programs, or services without notice.