As cybercriminals find new ways to gain access to devices, new secure embedded hardware can block their points of entry.
In the ongoing push for more secure IoT devices and applications, the hardware choices for embedded security are growing dynamically.
ABI Research forecasts shipments for secure hardware serving digital authentication and embedded security will reach 5.3 billion by 2024, double the number of shipments in 2019.
Michela Menting, Digital Security Research Director at ABI Research, explains:
“Hardware-based security offers better protection from manipulation and interference than its software-based counterpart because it’s more difficult to alter or attack the physical device or data entry points. Yet, less than 10% of IoT devices are currently being protected with hardware security.”
Fortunately, hardware security technology development is accelerating rapidly, and the technologies being adopted today in IoT markets come in a range of form factors. Some are adapted from existing security solutions, such as Trusted Platform Modules (TPMs) and Trusted Execution Environments (TEEs), NFC embedded Secure Elements and Authentication ICs, while others are emerging from IoT market demand, such as embedded SIM and Secure Microcontrollers.
This range provides OEMs a choice in security feature sets that can be adapted to their specific use cases. Higher-level security demands will likely incorporate TPMs or TEEs (e.g. for automotive) to manage encryption keys or run secure operating systems. Conversely, for devices that only need basic security functionalities, an eSIM or authentication IC (e.g. consumer devices) for a simple identifier or for brand protection purposes should suffice.
“Certainly, this dynamism means there is plenty of opportunity in the market for new secure hardware technologies targeted at the IoT. The emergence of iSIM, secure microcontrollers with TEE functionality, and even hybrid dual-core micro and application processors are a testament to the growing demand for embedded security, comments Menting.”
To corner the market on these new technologies, vendors are competing aggressively to offer a slew of complimentary development and connectivity services, allowing faster R&D processes and cutting go-to-market timeframes. The focus of these services is to provide seamless and interoperable links with third parties further down the value chain, such as IoT enablement platform and cloud providers.
The efforts in R&D in technology advancement for hardware security for the IoT has been driven in large part by companies such as NXP, Infineon, STMicroelectronics, Renesas, Arm, Qualcomm, Samsung, Intel, Microchip, Maxim, Nuvoton, MediaTek, Texas Instruments, Gemalto, G+D, IDEMIA, Rambus, Synopsis, Silex IP, MIPS, Intrinsic ID, and Kudelski IoT Security, among others.
“Embedded security technologies provide an effective anchor from which trust can be established, and from where new supporting platforms and services, such as device lifecycle management, can be supported. As such, they are seeing a high adoption rate in IoT applications,” Menting concludes.