Tag Archives: CryptoAuthentication portfolio

The evolution and DNA of the Internet of Things

The Internet of Things (IoT), as noted in previous Bits & Pieces articles, is really just a concept at this point because the “things” are undefined. As those “things” become more defined, the IoT’s things stop being just things and become something. So, the main question right now: What are those things going to be? Perhaps the IoT should more accurately be called the “IoXT” with “X” being the variable describing what that particular thing actually is. An example could be the Internet of wearable fitness trackers, factory robots, home automation, smart appliances, vehicle to vehicle communication, traffic control… well, you get the picture. The X can (and will) be many different things.

Clearly, for the IoT to be meaningful, the X must be identified in detail. The IoT must evolve from the ultra-general (i.e. “things”) to specific applications, components, systems, and integrated circuits, among others. There appears to be an emerging need for a classification hierarchy to describe the IoT as it differentiates and evolves. The Linnaeus classification model that is used in biology to describe living “things”, comes to mind. The same classification process can apply to silicon-based things and not just carbon-based things (beings).

Do you see the connection?


In a silicon-based classification regime, the term “IoT” would probably lie somewhere between phylum and family. It is not yet clear exactly where, but that does not really matter at this point. What matters is that engineers and product managers must push product definition to the genus and species levels for the IoT to ever truly matter.

In the early stages of IoT’s evolution, there could easily be a type of Cambrian explosion with the genesis of an insane number of new devices covering a wide spectrum of applications that range from the truly inspired to the ridiculous. Economic Darwinism would surely take over later to narrow down the numbers over time, with many going extinct and others continuing to adapt into world-changing “things.”


Because the IoT’s silicon building blocks (i.e. the DNA of IoT) are getting into place, it will become very easy to create, modify, and adapt countless smart, sensing, secure, communicating devices. That ease of design is what is making IoT’s potential staggering, and why so many companies (especially silicon companies) are aggressively pursuing the IoT market.

As for the numbers, Gartner believes 26 billion devices will have connectivity by 2022, while Ericsson and Cisco both forecast the number being even higher at 50 billion units by 2020 and 2022, respectively. McKinsey Global Institute (MGI) expects IoT to have an economic impact of $2.7 to $6.2 trillion by 2025. Gartner notes that IoT suppliers will generate incremental product and service revenue exceeding $300 billion in 2020, resulting in over $1.9 trillion in global economic value-add in diverse end-markets. According to IDC, the installed base of IoT will be 212 billion by the end of 2020, with 30.1 billion of that being connected autonomous things.


The following chart from McKinsey Global Institute details their view of the impact from various economic categories. Note that healthcare is the largest, which makes perfect sense given the affinity of bio-sensors, continuous monitoring, wearable devices, and wireless communication. Subsequently, it is no accident that the major mobile platform and consumer product companies are pursuing bio-metric capabilities for wearable products.


With an increasing demand for medical care as populations age in Western countries, remote telemedicine to cover under-served populations makes great sense. Telemedicine could easily revolutionize medical care, and connected-sensing devices could revolutionize telemedicine. There is little to hold the growth of medical sensing and communicating networks back, especially since governmental agencies are on a mission to extend the provision of health care universally. Perhaps this is a perfect storm.

Health networks will be joined by networks of many types; each of those will be driven by the ability to create IoT devices from their four main building blocks:

1. Brains (MCU)
2. Wireless Communications
3. Sensors of Various Types
4. Security.


Devices with those fundamental IoT building blocks will differentiate on each of those four axes depending upon what they need to do. Some of the types of networks that could show up and drive the IoT’s evolution are noted below:

  • M2M: Machine to Machine network
  • V2V: Vehicle to Vehicle network
  • Personal medical network
  • PAN: Personal area network (wearable network)
  • Home entertainment network
  • Personal social network
  • Home automation/security network
  • Personal fitness network
  • Car infotainment network
  • Highway sensor network
  • Hazardous material sensing network
  • Smart appliance network
  • Augmented reality network
  • Multi-screen network
  • Energy management network

There are of course others, too.

One last thing: The dirty little secret of the IoT is that there probably cannot be such a thing as the Internet of Things if those things are not secure. That is where devices like Atmel CryptoAuthentication ICs play an important, if not catalytic role. Making sure that the nodes in the various networks are authentic and that the data being transmitted have not been tampered with is what CryptoAuthentication devices do. It is easy to see why security is important when there are billions of things keeping track of you, right?

So, authentication may in actual fact be the sine qua non (“without which there is nothing”) of the IoT.

Or, to put it another way: No security? No IoT for you.

 

ATECC108 deep dive: Part 1

Earlier this summer, Atmel expanded its already formidable CryptoAuthentication portfolio with the ATECC108 solution, an elliptic curve cryptography (ECC) product. Today, we at Bits & Pieces will be taking you through our first ATECC108 deep dive.

As discussed in previous blog posts, the ATECC108 is the latest addition to Atmel’s CryptoAuthentication lineup of high-security hardware authentication devices. The ATECC108 boasts a flexible and versatile command set, allowing it to be used for numerous applications including:

  • Protection for firmware or media – Validates code stored in flash memory at boot to prevent unauthorized modifications, encrypts downloaded program files as a common broadcast and uniquely encrypts code images to be usable on a single system.
  • Anti-counterfeiting – Validates the authenticity of a removable, replaceable, or consumable client, such as system accessories and electronic daughter cards. This capability can also be used to validate a software/firmware module and memory storage element.
  • Secure data storage – Stores secret keys for use by crypto accelerators in standard microprocessors.

As noted above, the ATECC108 can be used to house small quantities of data necessary for configuration, calibration and ePurse values – with programmable protection available using encrypted/authenticated reads and writes. Meanwhile, password checking validates user entered passwords without revealing the expected value, maps memorable passwords to random numbers and securely exchanges password values with remote systems.

“Atmel’s ATECC108 includes an EEPROM array that can be used for storage of up to 16 keys, miscellaneous read/write, read-only or secret data, consumption logging and security configuration. Plus, access to the various sections of memory can be restricted in a variety of ways and then the configuration locked to prevent changes,” an Atmel engineering rep told Bits & Pieces.

“The ATECC108 also features a wide array of defensive mechanisms specifically designed to prevent physical attacks on the device itself or logical attacks on the data transmitted between the device and the system. Hardware restrictions on the ways in which keys are used or generated provide further defense against certain styles of attack.”

According to the engineering rep, access to the device is facilitated through a standard I2C Interface at speeds up to 1Mb/sec. It is also compatible with standard Serial EEPROM I2C interface specifications, with the ATECC108 supporting a Single-Wire Interface to minimize the number of GPIOs required on the system processor and/or reduce the number of pins on connectors. Additionally, the ATECC108 supports an alternative single-wire interface compatible with other Single-Wire Devices. So if either Single-Wire Interface is enabled, the remaining pin is available for use as a GPIO.

“Using either the I2C or Single-Wire Interface, multiple ATECC108 devices can share the same bus, which saves processor GPIO usage in systems with multiple clients such as different color ink tanks or multiple spare parts. Each ATECC108 ships with a guaranteed unique 72-bit serial number,” the engineering rep continued.

“Using the cryptographic protocols supported by the device, a host system or remote server can verify a signature to prove that the serial number is both authentic and not a copy. Remember, serial numbers are often stored in a standard serial EEPROM, but these can be easily copied, and there is no way for the host to know if the serial number is authentic or if it’s a clone.”

Plus, the ATECC108 can generate high-quality FIPS random numbers and employ them for any purpose, including usage as part of the device’s crypto protocols. Because each random number is guaranteed to be essentially unique from all numbers ever generated on this or any other device, their inclusion in the protocol calculation ensures that replay attacks (re-transmitting a previously successful transaction) always fail. And lastly, system integration is significantly eased with a wide supply voltage range (2.0V – 5.5V) and an ultra-low sleep current of <150nA.
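The clone and replay protection described above can be sketched as a host-side challenge-response check. This is an added example, not Atmel's code or the ATECC108 command set: HMAC-SHA256 with a per-device key stands in for the device's ECDSA signature so that it runs on the Python standard library alone, and the `Device` and `Host` classes, the serial number and the keys are constructed for illustration.

```python
import hashlib
import hmac
import secrets


class Device:
    """Stand-in for an authentication IC: the key never leaves this object."""

    def __init__(self, serial: bytes, key: bytes):
        self.serial = serial
        self._key = key

    def respond(self, nonce: bytes) -> bytes:
        # The response is bound to both the serial number and the host's nonce.
        return hmac.new(self._key, self.serial + nonce, hashlib.sha256).digest()


class Host:
    def __init__(self, enrolled: dict):
        self._enrolled = enrolled  # serial -> key (constructed test data)
        self._pending = {}         # serial -> nonce awaiting a response

    def challenge(self, serial: bytes) -> bytes:
        nonce = secrets.token_bytes(32)  # fresh and unpredictable per attempt
        self._pending[serial] = nonce
        return nonce

    def verify(self, serial: bytes, response: bytes) -> bool:
        nonce = self._pending.pop(serial, None)  # each nonce is single-use
        key = self._enrolled.get(serial)
        if nonce is None or key is None:
            return False
        expected = hmac.new(key, serial + nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)  # constant-time compare


def demo() -> dict:
    serial = bytes.fromhex("0123" + "00" * 7)  # constructed 72-bit serial
    key = secrets.token_bytes(32)
    genuine = Device(serial, key)
    clone = Device(serial, secrets.token_bytes(32))  # copied serial, no key
    host = Host({serial: key})

    first = genuine.respond(host.challenge(serial))
    results = {"genuine": host.verify(serial, first)}
    host.challenge(serial)  # new session, new nonce
    results["replayed"] = host.verify(serial, first)
    results["clone"] = host.verify(serial, clone.respond(host.challenge(serial)))
    results["no_challenge"] = host.verify(serial, first)
    return results
```

Only the genuine device answering the current nonce is accepted; a recorded response, a device that merely copies the serial number, and a response sent without an outstanding challenge are all rejected.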

Interested in learning more about Atmel’s versatile ATECC108? Stay tuned for part two of our deep dive in which Bits & Pieces details the device’s cryptographic operation.

Atmel’s ATECC108 bolsters CryptoAuthentication security

Atmel has expanded its already formidable CryptoAuthentication portfolio with the ATECC108 – the company’s first Elliptic Curve asymmetric key authentication solution. According to Atmel engineer Steve Jarmusz, the ATECC108 features NIST standard P256, B283 and K283 Elliptic Curves, along with the FIPS 186-3 Elliptic Curve Digital Signature Algorithm.


“This combination of features – plus 8.5Kb EEPROM for storing up to 16 keys, unique 72-bit serial number and a FIPS standard based Random Number Generator – makes the ATECC108 ideal for a wide range of authentication applications,” Jarmusz told Bits & Pieces. “This includes consumer electronics, consumables, medical devices, industrial automation and IP licensing.”

The ATECC108 – which offers pin-to-pin compatibility with Atmel’s ATSHA204 symmetric key based authentication solution – includes a SHA256 Hash Engine and is thus also functionally compatible with the ATSHA204. The inclusion of both ECDSA and SHA256 will undoubtedly help engineers ease the migration from symmetric to asymmetric key authentication.

In addition, the ATECC108 utilizes 256- or 283-bit keys – both of which are more secure than a number of competing products weighing in at just 163 bits. Indeed, the NIST (Computer Security Research Center) recommends elliptic curves with 256/283-bit keys beyond the year 2030, while advising against key lengths of less than 160 bits after 2010.

As expected, Atmel’s Elliptic Curve asymmetric key authentication solution offers comprehensive tamper protection, as it is built from the ground up to shield against a wide range of hardware attacks including micro-probing, timing, emission and power cycling.

“Perhaps most importantly, the ATECC108 offers a turnkey solution which is easy to use and does not require knowledge of cryptography,” Jarmusz added. “It is also supported by Atmel’s Studio 6 integrated development environment (IDE), facilitating an efficient design process and reducing time to market.”

Additional information about Atmel’s ATECC108 and extensive security portfolio can be found here.