Securing IoT Edge and Node Devices with Hardware-based Security

More and more devices (and businesses) are connected via the Internet using e.g. cloud network services like Amazon Web Services (AWS). However with this increased connectivity, the number of attacks on these devices and businesses is rising constantly. All of these attacks were enabled by infected IoT devices. It is thus the fundamental duty and responsibility of IoT device vendors to properly protect their devices and services against such attacks. Governments and regulators have started to increase the obligations on IoT device manufacturers, mandating that they implement proper technical security measures in their products and services. This presentation focuses on how to securely connect IoT devices to a popular cloud service, Amazon Web Services (AWS). It reviews the general architecture of AWS IoT and goes into more depth of the security model offered by AWS IoT, including their Shared Security Responsibility model, TLS and the AWS PKI setup as well as the Enrollment and IoT Device Certificate Generation Furthermore it is going on to look at the benefits of hardware security modules and how such modules can support the AWS security model as well as how the integration effort looks for these setups. This will include a look into how provisioning is supported as well as highlighting the integration on the host controller (the main microcontroller used for the IoT device) To conclude the presentation will give an outlook on further edge device security concepts.