Assigning IDs Within the Internet of Things


The networking of devices and machinery is in full swing. However, despite all the Industry 4.0 enthusiasm, there are voices of caution: secure your communication. Identifying the participants is one requirement for this, and special SD cards offer a surprisingly simple and flexible solution that is ready for post-quantum cryptography.

For IT security experts, the three steps that open a "secure channel" are obvious: identification, authentication and authorization. A two-step authentication process can significantly improve security. The token used for authentication can also be used for encrypting the communication content.

Today, these processes are generally accepted by the human user of IT networks. But this is different for the Internet of Things (IoT). So far, sensors, actuators, devices, machines, IT systems, and, of course, critical infrastructures rarely need to “identify” themselves when they connect to networks—and anybody who requests data from them or stores data on them also remains anonymous.

In well-guarded manufacturing plants that are not connected to the internet, these risks might be tolerated. In the smart, networked factories of the future, such security gaps are no longer acceptable. The risk that unauthorized individuals gain control over the smart factory using remote internet access is too great. There are reports and videos about cars that could suddenly be remotely controlled by unauthorized parties. They emphasize that the possibility of remotely controlling factories and power stations, or of third-party controlled manufacturing robots, should not simply be brushed aside.


Therefore, things also must be assigned an ID. If only identified devices can communicate with each other, life becomes significantly more challenging for hackers.

ID Inside the Memory Card

Thus far, fitting a device with a secure element either meant soldering identifiable hardware components (trusted platform module or TPM) onto the relevant components or using processors that can be unambiguously identified via integrated security functions (trusted execution environment or TEE). There is a significantly more flexible option: retrofitting infrastructures with an equivalent to ID cards simply by using an SD, microSD or USB interface and secure memory cards.

Secure memory cards, such as those from Swissbit, consist of a flash memory chip, a smart card and a flash controller. Because a crypto element is used as the secure element, not only can communication be secured, but data can also be securely encrypted. This allows for trusted boot concepts to be implemented and for licenses to be secured. Flash memory with an integrated AES encryptor can also be used to encrypt additional data memory (for example, conventional hard drives) within the system. The flash memory cards proposed for authentication and encryption within the Industrial Internet of Things (IIoT) are already employed on a large scale in tap-proof mobile phones, police bodycams, and for the protection of patient data in medical technology.

Trusted Platform Module as Retrofit

Combining the identifier with a standard data memory holds much appeal, mainly because most of the components and embedded systems in the IIoT require memory anyway for operating systems and data. Implementation is comparatively simple because memory interfaces are standardized and even middleware for the integration of TPM requests can be supplied if required.

One of the biggest challenges when creating secure IIoTs is retrofitting older systems and existing components. If they have USB or SD interfaces, these legacy systems can simply be equipped with an SD card as a TPM with tamperproof identities and integrated retrospectively into the security concept.


An even greater challenge: Over a product's life cycle, its security becomes more vulnerable as attack methods become increasingly sophisticated. The quantum computer, which is expected to become available within the next few years, is a threat to the encryption process. With it, asymmetric cryptography will be easy to break. It will be necessary to develop post-quantum cryptography (PQC), which demands algorithms that are resistant to attacks from quantum computers. Thus, product managers must consider the upgradeability of security solutions, not least because of the German IT Security Law, which requires the use of the most modern technology. As easily exchangeable modules, secure memory cards thus provide a solution for the PQC challenge as well.



Copyright © 2018 I-Connect007. All rights reserved.