A new embedded software module introduced to enable protection of data in motion to and from internet of things (IoT) devices aims to deliver seamlessly integrated security-as-a-service (SECaaS) capability for original equipment device manufacturers and service providers deploying connected products, from smart locks to self-driving automobiles.
The turnkey IoT security solution is a result of collaboration between Privafy, a startup focused on cloud-based security solutions for ‘data in motion’, and Micron, using the latter’s Authenta flash-based root of trust. At the heart of the new solution is Privafy MicroEdge, an embedded software module that enables IoT devices equipped with Micron Authenta flash to leverage Privafy’s data in motion security capabilities. The combination of MicroEdge and Authenta is expected to protect and control traffic to and from the IoT device.
Privafy’s cloud-native SECaaS solution uses Micron’s Authenta key management service (KMS) to create a clone-proof endpoint authentication to onboard the device to a comprehensive list of services, including end-to-end secure connectivity, device lifecycle management and clustering, firewall, malware detection, and distributed denial-of-service protection. IoT product manufacturers can use the solution to manage credentials such as manufacturing, sales, service provisioning across their device ecosystem as well as secure connectivity from IoT devices to the IoT application workloads in public and private clouds.
“The collaboration with Micron delivers a full turnkey solution,” said Privafy’s Sami Nassar, EVP, and chief strategy officer. “Privafy’s cloud-native service will be able to recognize Micron Authenta Flash and activate Authenta-MicroEdge services automatically. There’s no complex software to manage or updates to install; MicroEdge runs seamlessly in the background without adding latency to IoT communications and secures all data-in-motion as it passes between IoT devices and other endpoints.”
Micron’s senior director of segment marketing for its embedded business unit, Amit Gattani, said, “IoT service revenue is expected to grow to over $450 billion annually by 2025 as billions of new IoT devices go online, and cybercriminals are already formulating new ways to compromise them. Micron Authenta flash and KMS provide the security foundation and make it easy to onboard IoT devices to the cloud; now these devices will also have seamless access to Privafy’s MicroEdge suite of cybersecurity services for a full SECaaS solution. Privafy’s MicroEdge is the perfect example of how to deploy an innovative IoT solution with device trust anchored in Authenta technology.”
Privafy, co-founded by executives previously at NXP Semiconductors and Verizon in early 2019, said IoT device manufacturers are challenged to provide device security for data in motion at scale, particularly with micro-sized devices. IoT networks typically use a traditional encryption approach to secure the data transmitted in the network. MQTT and SSL/TLS encryption vulnerabilities, however, have been well documented through high-profile breaches. Additionally, when securing the IoT hubs or data centers, traditional firewall solutions are not integrated with the IoT devices in the network. This fragmented security solution results in allowing cyber criminals to gain access to the network, steal sensitive information, and even gain control of the IoT devices.
For the IoT device, its Privafy MicroEdge software seamlessly integrates into any IoT device or semiconductor chip used in the device. The company said its software is lightweight and designed to be customized with any type of IoT architecture. The ability to be integrated at the semiconductor chip level provides a secure hardware root-of-trust that follows the zero-trust network approach.
Privafy founder and chairman Rick Clemmer, who was previously CEO of NXP, will deliver a keynote address on cybersecurity at the upcoming Micron and Tata Communications IoT security conference.