Eurotech who develops solutions for the Edge and Internet of Things (IoT), is working with Infineon, Microsoft and GlobalSign to simplify large scale, secure roll outs of connected devices. This collaboration delivers assurance by extending the secured device identity chain from the edge to the cloud.
Building on industry standards, the solution starts the chain-of-trust at Infineon’s OPTIGA TPM (Trusted Platform Module) which is installed in all Eurotech IoT Edge gateways. As platform manufacturer, Eurotech extends this ‘trust’ to a secure Initial Device Identifier, an IEEE 802.1AR certificate-based identity that is cryptographically bound and uniquely assigned to the device. This identity attests the integrity of the platform supply chain and provides the necessary baseline for zero touch onboarding. As part of this collaboration, Eurotech has worked with GlobalSign, one of the leading security certificate authorities, and Microsoft, with its IoT Identity Service security subsystem of the Azure IoT Edge, to further extend the chain-of-trust to cloud connectivity. This is achieved through the enrollment of additional local certificates confirming device ownership to a customer and using these identities for automatic provisioning of Azure IoT Hub operational identities by the Azure Device Provisioning service.
“Security remains the key enabler for cloud service adoption. The necessary level of protection can only be achieved by combining software security mechanisms with robust hardware-based security capabilities based on globally accepted industrial and IT security standards. A chain of trust from the node to the cloud using hardware based security anchors allows to securely identify each IoT and Edge device, to protect sensitive data as well as the integrity of the Cloud”, says Juergen Rebel, Vice President & General Manager Embedded Security at Infineon Technologies.
The solution drastically reduces the complexity of embedding strong certificate identities in cloud connected device architectures. It delivers a blueprint for the management of standard-based digital identities over the life-cycle of the device from manufacturing, provisioning, maintenance, and finally decommissioning.
“IoT is changing the way businesses think and operate, allowing them to optimize existing processes and opening the door for new business models and revenue streams,” said Sam George, corporate vice president, Azure IoT at Microsoft Corp. “Streamlining the process of creating a chain of trust reduces the risk of supply chain tampering and device attacks that stem from compromised device identities. By helping to mitigate these risks, we’re enabling organizations to build more durable and resilient IoT solutions—to innovate on a foundation of trust.”
The solution was launched at Hannover Messe 2021 and will be available in Q4 in 2021.