Conferences and supporting programme
Delivering High-Mix, High-Volume Secure Manufacturing in the Distribution Channel
Designing a secure IoT device is only the start of the process. Hardware, software, communications and communications protocol, device commissioning, applications layers and other systems considerations are just some of the things that could impact security of a device and its data. And getting a high-volume device manufactured – securely – also poses its own set of challenges. The backbone of the IoT is expected to be low-cost and high-volume devices. For the vision to be fully realized, devices --whether they are widgets or a new telecom system --must be able to be produced anywhere in the world and be secure despite a fragmented supply chain. With global, distributed channels, just how is security maintained and an OEM’s keys and code protected? It starts with a goal of “zero trust,” which means no “default trust” for any entity, and cryptographic authentication and authorisation must be enforced on every transaction. The foundation for secure product development, secure manufacturing and deployment of systems begins with the establishment of a chain-of-trust from the hardware through your software and into your product. This involves starting with a secure microcontroller loaded with a “root-of-trust,” then creating an environment to tightly control your firmware (make sure it hasn’t changed, can’t be stolen and can’t be over-produced) in design through to manufacturing. And all of this needs to be able to operate in any manufacturing environment with minimal process changes for the first unit through to production volumes of millions and still be cost-effective. By devising a system that enables the OEM to tightly control its secure content and deliver a secure MCU with a strong root of trust, a complete high-volume solution is developed that enables secure, low-cost manufacturing and software updates throughout the lifecycle of the products. This presentation examines the cryptographic foundational elements required to establish roots-of-trust in silicon to design, manufacture and deliver secure devices. Recent advancements in security and programming technology, when designed in, streamlines the manufacturing process, scales and delivers trusted devices to partners and OEMs cost-effectively. Other topics for discussion include impacts on manufacturing and downstream provisioning processes and new technology in security provisioning and data programming that OEMs of any size can implement. This session presents best practices for creating a secure system that goes beyond design. In addition, it discusses practices for ensuring the OEMs’ content is protected and devices can be manufactured securely across a global, distributed channel and updated securely in the field. Finally, it looks at how companies can start to implement these advanced capabilities within mainstream distribution today.
--- Date: 01.03.2018 Time: 10:30 AM - 11:00 AM Location: Conference Counter NCC Ost