Atmel

The Internet of Things (IoT) is your new frontier. You’re empowering your customers and creating new and innovative products. But there are dangers in any new frontier, and the IoT introduces vulnerabilities throughout the network. Whether it’s the connected appliances in your home, or a vast network of devices accessed by cloud services over the internet, you want to be able to control what and who can gain access to your network ecosystem. But how do you know which devices are authorized to be a part of your ecosystem and access the benefits of your network? How do you know if a network node is a device at all and not someone pretending to be a device so they can enter your network? Your home, your car, your office building, your product and its branded accessories are all ecosystems where you need explicit control over membership for security and a consistently positive user experience. 
So how can you protect your customers—and your business? Controlling membership of an ecosystem is no trivial task especially since software and firmware is nearly impossible to track and can be easily worked around. A network of thousands of device manufacturers, each with dozens of product lines, and each of those products with numerous software revisions makes consistent ecosystem control an unmanageable task very quickly.
But, by building smart security into your networks and devices from the beginning, you can simplify this process in a secure and highly-scalable method by uniquely identifying each approved device. Authentication is so fast it is invisible to the user, and it can provide the seemless user experience your customers seek. 
Atmel can take care of all the security logistics for the brand owner and device maker for markets ranging from healthcare and wearables, to smart home and industrial. Let us show you how.

Protect your everything from the threats that lurk throughout the IoT ecosystem

  • Device Spoofing lets hackers gain access to a network using software that mimics an IoT device
  • Network On-Boarding opens vulnerabilities and back-door access into consumers’ or OEMs’ networks
  • Device Identification is a complex, multistep process with vulnerabilities at each stage
  • Remote Updates offer opportunities for malicious software to be uploaded into the system
  • Brand/IP Counterfeiting endangers consumers and your company’s reputation via cloned accessories that are insecure or low quality
   

Device Spoofing

Device Spoofing
If you’re developing health or medical devices, you know how important security is to protect consumers and their personal information. But why would hackers be interested in the data on less-critical IoT devices such as thermostats or light bulbs? In many cases, the actual target is access to the network the device is connected to. (This was the case with the well-publicized 2014 Home Depot breach.)
Device spoofing and “man-in-the-middle” (MITM) attacks are designed to gain access to a network using software that mimics an IoT device. Networks and devices that lack authentication can be tricked into giving up access credentials or executing malicious code. Even networks with weak authentication are subject to MITM attacks in which the attacker eavesdrops on transmissions and steals access credentials.

Protect your device and network from spoofing or MITM attacks

Device Spoofing
Secret keys serve as part of a unique, verifiable identification tag to make sure every device on your network should be there, and use authentication to make encryption effective. These technologies help you:
  • Protect the data that’s sent over wireless networks to and from edge node devices
  • Prevent manipulation of networked devices through unauthorized network access
  • Make sure IoT devices can’t be used as backdoor entries into user or manufacturer networks
» Learn more about Atmel Security Solutions to prevent spoofing and MITM attacks.
   

Network On-Boarding

On-boarding is the process of bringing a new device onto your network simply and securely. This can be especially challenging for IoT devices that have limited or no user interface, such as a light bulb or some industrial applications. And in many cases, consumer demands for convenience require bulk on-boarding of many devices at once. The process becomes more complicated by the number of wireless protocols that must be supported, including 6LowPAN, Wi-Fi, Bluetooth, and other new and proprietary technologies.

Lock down your network on-boarding process

Whether your market is home or industrial automation, it’s your responsibility to maintain the security of your customers’ network. Ensuring that access credentials are securely transmitted prevents unauthorized devices from on-boarding to your network and protects the data sent over the network. It also prevents your network device from communicating with an unauthorized device, being manipulated through unauthorized network access, or becoming a backdoor entry into your or your customer’s network.
» Learn more about Atmel Security solutions to  prevent Network On-Boarding.
   

Device Identification

Edge node devices are the most vulnerable points in the IoT, especially in cost-sensitive markets where omitting security might be seen as a viable way to cut costs. But headlines continue to highlight the risks to consumers and businesses when edge nodes are used as backdoor entries to critical networks. (The 2014 Home Depot breach is a prime example.) Manufacturers need proven edge node security that is cost-effective and manageable for large or small volumes.

Secure IoT edge nodes with device provisioning and commissioning

Device identification through provisioning and commissioning ensures that only legitimate, trustworthy devices can connect to each other and to the network. The basis for device identification is provisioning, which takes a raw device and gives it an identity for security purposes. This involves loading a unique private key and any other certificates or artifacts that establish the device as legitimate and trustworthy. Commissioning transforms the device from generic to one associated with a specific user on a specific network. It typically involves an account with the network provider and validation steps such as passwords delivered by cell phone.

Securely provisioning a new device with your certificates and keys in production involves:

Device Spoofing
  • Generating key pairs
  • Generating certificates
  • Digitally signing devices
  • Securely programming devices
  • Securely storing private keys and access credentials in your device
  • Doing it simply and inexpensively
» Learn more about Atmel Security solutions to prevent Edge Node vulnerability.
   

Remote Updates

Updating software or firmware for devices in the field opens new security vulnerabilities. Security planning includes processes that prevent malware from installing itself on your device and detect file corruption during an update. Secure download protocols prevent code from being altered in transit and secure boot and code execution allows only authorized code to run on the device.

Maintain security in the field for the life of your device

Device Spoofing
Software controls built into your device will help protect it through field updates over time—securing the network and maintaining consumer satisfaction. These controls ensure that access points and the system as a whole run only verified code. Security protocols also ensures verified firmware uploads so malware or viruses aren’t introduced to corrupt the system.
» Learn more about Atmel Security solutions for secure boot of software.
   
Device Spoofing

Brand/IP Counterfeiting

Brand and IP counterfeiting endanger consumers and your company’s reputation by the availability of cloned accessories that are insecure or low quality. This can be especially important for applications with accessory ecosystems. Without security at this level, consumers have no protection from counterfeit devices that might corrupt the larger system or detract from their experience. The result? Dissatisfied customers, brand devaluation, and lost revenue to counterfeiters.

Protect customers, protect yourself

Security protocols protect against counterfeit devices and save money for both OEMs and consumers. This level of security prevents cloning of your design and code, ensures interoperability across your approved ecosystem, and ensures that devices function as designed.

Comments

Post a Comment

Popular posts from this blog

Writing Systems Of The World

Image
pronunciation of words in English If the words illustrating two symbols sound the same to you (say, if you pronounce cot and caught the same, or do and dew , or marry and merry ), you can ignore the difference between those symbols. Footnotes explain some of these mergers. (See also #Dialect variation below.) Consonants IPA Examples b b uy, ca b d d ye, ca d , d o ð th y, brea the , fa th er dʒ g iant, ba dge , j am f f an, ca ff , ph i ɡ ( ɡ ) [1] g uy, ba g h h igh, a h ead j [2] y es, hallelu j ah k s k y, c ra ck l l ie, s l y, ga l m m y, s m ile, ca m n n igh, s n ide, ca n ŋ sa ng , si n k, si ng er θ th igh, ma th p p ie, s p y, ca p r r ye, t r y, ve r y [3] s s igh, ma ss ʃ sh y, ca sh , emo ti on t t ie, s t y, ca t , a t om tʃ ch ina, ca tch v v ie, ha ve w w ye, s w ine hw wh y [4] z z oo, ha s ʒ equa ti on, plea s ure, vi si on, bei g e [5]
Read more

International Phonetic Alphabet

Image
http://alphabeticcodecharts.com/ipa_pics_TrainingACC.pdf https://en.wikipedia.org/wiki/International_Phonetic_Alphabet International Phonetic Alphabet From Wikipedia, the free encyclopedia Jump to: navigation , search Not to be confused with NATO phonetic alphabet  or Americanist phonetic notation . For other uses, see IPA (disambiguation) . For usage of IPA in Wikipedia, see Help:IPA , Help:IPA/Introduction or Help:IPA for English International Phonetic Alphabet Type Alphabet, partially featural Languages Used for phonetic and phonemic transcription of any language Time period since 1888 Parent systems Romic alphabet Phonotypic alphabet International Phonetic Alphabet Direction Left-to-right ISO 15924 Latn, 215 Unicode alias Latin This article contains phonetic symbols . Without proper rendering support , you may see question marks, boxes, or other symbols instea
Read more

GRBL Feed Rate

Introduction – GRBL Feed Rate Congratulations on getting your CNC machine running. By now you should have adjusted a few of the GRBL settings. If not then before setting your GRBL feed rate, I recommend you set the steps per mm at the very least. Click the following link for a guide that will walk you through the process for the x,y and z axis Steps per mm ($100, $101, $102). GRBL settings 101 Now that your machine moves to the location you want, it’s time to see if we can get the machine there faster. The following guide outlines the process of setting your GRBL feed rate. Why Does Feed Rate Matter? Many times, your machine will have to rapid to a location before or between cuts. Depending on what you are cutting and how big that part is, this can add up to a significant amount of time. Especially if your max GRBL feed rate settings are not optimized. In my case, I was able to more than double the safe speed of my machine. This meant that the machine moved to the cutting po
Read more