Frost & Sullivan Recognizes Intrinsic ID with Technology Leadership Award for IoT Security
Noted for technology utilizing unique, unclonable device identities
SUNNYVALE, Calif. – Oct. 23, 2017 –Intrinsic ID®, the world’s leading provider of digital authentication technology for Internet of Things security and embedded applications, today announced it has been recognized with the 2017 Frost & Sullivan Technology Leadership Award for Device-Level Digital Authentication Technology for IoT. The recognition stems from Frost & Sullivan’s ongoing analysis of the growth in the Internet of Things market, and the accompanying expectation that digital security companies that can provide device-level digital authentication technology for IoT devices are expected to secure leadership positions in IoT security.
Over the past few days, prpl and our member companies Microsemi (https://www.microsemi.com/) and Imperas (http://www.imperas.com/) had the pleasure of attending the sold-out 7th RISC-V workshop held at Western Digital’s conference center in San Jose. Microsemi and Imperas are members of both prpl and the RISC-V foundation. (https://riscv.org/)
For those who don’t know, RISC-V is an open, free instruction set architecture (ISA) developed at the University of California – Berkeley. Support for the new architecture is growing rapidly, as evidenced by the many great presentations from academia and industry, but in certain important areas, RISC-V is still in the early phases of definition, specification, or ecosystem development.
In security for instance, Richard Newell, product architect at Microsemi, is co-chair of a RISC-V task group defining a set of security and cryptographic extensions for the RISC-V ISA. At the workshop, Richard gave two well-received talks. The first, “Security task group update and RISC-V security extension” outlined the current state of the proposed RISC-V security extensions; and the second, “Using Proposed Vector and Crypto Extensions For Fast and Secure Boot,” demonstrated the possibility for some dramatic benefits of these extensions if ratified.
The open and collaborative nature of both the RISC-V and prpl foundations has enabled a hearty exchange of ideas between the groups on security-related industry needs. Richard and his co-chair Joe Xie of NVIDIA recently invited Cesare Garlati, prpl’s chief security strategist, to give a presentation on the prpl security framework https://prpl.works/security-guidance/ to the members of the RISC-V security task group. Cesare was invited back a second time, and we’ve invited Richard to present his RISC-V talk to the prpl virtualization and security working group. We are delighted to work in a friendly collaborative way to make sure that industry best practices for security are adopted across all processor architectures.
Given that many RISC-V based SoCs are now in development, chip simulation is another must-have technology area that the RISC-V ecosystem will need to be successful. It appears that prpl member company Imperas is in “the right place at the right time.” CEO Simon Davidmann took the opportunity at the RISC-V workshop to announce the release of its new RISC-V Processor Developer Suite™ which contains the models and tools necessary to validate and verify the functionality of a RISC-V processor.
As Simon noted in the Imperas press release, “Designing and delivering RISC-V processors is challenging. With the RISC-V Processor Developer Suite, Imperas is providing a solution that accelerates RISC-V development schedules and improves IP quality.”
Congrats to both Microsemi and Imperas for the great showing at the RISC-V workshops! We’re glad to have you participating in both prpl and RISC-V and look forward to the continuing exchange of ideas between the two open source and open standard based foundations!
A cursory look at OWASP’s IoT Security Guidance will highlight just how many elements in the IoT ecosystem could be exploited. Among others, these include the web interface, network, transport encryption layer, mobile app and device firmware. The latter is a key area of focus for the prpl Foundation, a non-profit which is trying to coral the industry into taking a new hardware-based approach to IoT security. Cesare Garlati, Chief Security Strategist, claims that hackers could exploit IoT chip firmware to re-flash the image, allowing them to reboot and execute arbitrary code.
In the optimal situation, there is no way that anyone should be able to access, much less hijack, the critical functions of an IoT device such as a drone. While the power for destruction from just one drone may seem paltry, directing these drones in large numbers at a target is a very real, and dangerous, possibility – as confirmed by this news.
The time to act is now to take control of security in IoT devices at the most basic level: the hardware.
Manufacturers need to move away from the attitude that “it works, let’s try to secure it and get it to market” to “if it’s not secure, it doesn’t work”. Unless the industry adopts this attitude, the security problems of IoT will continue to proliferate at an alarming rate and unfortunately, lives could quite literally be at stake.
Last week I had the pleasure of attending Embedded World 2017 in Germany as I was invited to give a couple of presentations on the pioneering work we have been doing at the prpl Foundation with regards to the prplHypervisor™ and prplPUF™ APIs for securing IoT. As it turns out, IoT was the top line at the conference that drew in more than 30,000 trade visitors – and the event solidified the notion that embedded computing is now synonymous with IoT.
Live Demo: A New Hardware-Based Approach to Secure the Internet of Things RSA Conference 2016 – Abu Dhabi November 16, 2016 | 11.20 – 12.10 hrs | Level 1 | Room: Etihad Ballroom 2
Quick look – This session will address four key elements that have introduced serious weaknesses into the IoT: proprietary systems, connectivity, unsigned firmware and lateral movement. Discussion will showcase a new approach to IoT security demonstrating how SoC virtualization and security through separation can address these vulnerabilities, which have already been shown to have potentially life-threatening consequences.
From hospitals dispensing life-saving drugs, to connected cars – embedded computing is transforming the way we live and work. But underlying weaknesses have introduced potentially life-threatening vulnerabilities into the Internet of Things.