Security doesn’t end with the process of provisioning and connecting edge devices to the cloud. In an internet of things (IoT) network, these devices need to be managed over the complete lifecycle of the product in which they are embedded.
To address this need, NXP Semiconductors has introduced its new EdgeLock 2GO IoT service platform for simple, secure deployment and management of IoT devices and services. The new IoT security platform is integrated with NXP’s Common Criteria (CC) EAL 6+ certified EdgeLock SE050 secure element to protect IoT devices at the edge and securely connect them to one or multiple clouds and service providers.
The EdgeLock 2GO platform allows device makers and service providers to easily onboard or transfer their devices into cloud platforms from AWS IoT and Microsoft Azure IoT Hub. This then helps OEMs and service providers to monitor and manage their devices and analyze data received from devices in the field.
The combination of secure element hardware and managed service platform makes it possible to manage security independently from device manufacturers and the supply chain based on a certified Trust Anchor. The EdgeLock SE050 provides advanced security, while EdgeLock 2GO streamlines secure cloud onboarding and access to IoT devices from different service providers. It also simplifies application credential management with zero-touch connectivity to public and private clouds, edge computing platforms and infrastructure.
EdgeLock 2GO supports multiple types of credentials and any IoT device, from sensors to edge-computing platforms, with the ability to tailor the options for device roll-outs. This flexibility can accelerate time to market with late-stage device configuration in the field. It also enables device makers and service providers to dynamically connect their IoT devices to multiple clouds and service providers.
The IoT service platform consists of three tailored options to let customers manage credentials the way that works best for them:
EdgeLock 2GO Ready for simple use cases, such as device onboarding to public clouds with pre-provisioned EdgeLock SE050 ICs.
EdgeLock 2GO Custom for creating custom EdgeLock SE050 ICs to support complex configurations.
EdgeLock 2GO Managed for managing credentials and multiple services throughout the device lifecycle.
With many IoT devices designed to be in the field for several years, a major issue for device manufacturers and service providers is how to keep the security of their devices up to date throughout the product lifecycle. This is where a service like EdgeLock 2GO can be useful: it eliminates the need for device manufacturers to handle keys or certificates, and it makes it easy to maintain the security of IoT devices in the field and to update, revoke or add new device credentials. This simplifies managing large fleets of IoT devices connecting to multiple cloud services.
Philippe Dubois, vice president and general manager of secure edge identification at NXP Semiconductors, said, “EdgeLock 2GO provides a full range of choices and options that optimize the costs around credential and device management, while delivering advanced device security for companies operating in the IoT. The platform provides a highly flexible approach to IoT security that protects edge devices connecting to services and maintains edge device security throughout its entire lifecycle.”
Kristin Carr, GM of Azure IoT platform engineering at Microsoft, commented, “Ease of use, flexibility and security are cornerstones of device management in the Microsoft Azure IoT Hub, which enables highly secure and reliable communication between IoT applications and the devices it manages. EdgeLock 2GO simplifies registration of IoT devices into Azure IoT Hub device provisioning service (DPS) to remove the overhead of device identity management.”