Peter Kronfeld
Peter Kronfeld
Peter Kronfeld, born in 1962, has always taken great interest in the subject of technological change in the economy, society and business. This already started when he was a student of economics and communication and he has been keeping track of these topics as a journalist and as managing director of HighTech communications GmbH until today.

Flash Memory with built-in security features: Flexible security for the Smart Factory

Flash Memory with Secure Element increase IoT security

Flash Memory with Secure Element increase IoT security

(image: copyright a-image)

The basis of every Smart Factory concept is machine-to-machine (M2M) communication. Machines, sensors and actuators are connected to each other and with wider IT-systems through a network. Communication spanning across systems, which are connected to different locations and the Internet, defines the Industrial Internet of Things (IIoT).

How does a thing know ….: Integrating Unique Identifiers

At this point, at the very latest, Smart Factory data and communication must be protected against espionage and sabotage. Networking industrial installations and the consequent autonomous communication between ‘things’ also bring with it new risks. What if hackers or manipulated systems seize control of robots or industrial installations? In other words, how does a ‘thing’ know that the data or data selections it receives from another ‘thing’ are legitimate and that these system components are ‘who’ they say they are?

A feature article in the magazine U.S.Tech illustrates an interesting approach offered by flash-memory specialist Swissbit. Systems that communicate with each other across networks and via the internet must on one hand provide an identity that cannot be cloned, and on the other, have the ability to send and receive highly secure encrypted data. To avoid the high risk of a software-security-breach, such protection always requires a solution that is integrated into the hardware, known as a security anchor. The classic approach would be to solder a Trusted Platform Module (TPM) into a machine component or through the use of processors that can be unambiguously identified via integrated elements (Trusted Execution Environment (TEE)).

Flash Memory as Trusted Platform Module

Industrial flash memory cards with embedded security can now function as a Trusted Platform Module (TPM). This idea is elegant by virtue of the fact that most systems already have interfaces for memory cards or that they are, at the very least, very easy to integrate. In addition, combining a unique identifier with a standard data storage device is convenient and cost-effective because most “things” in the IIoT require local storage anyway.

But the most powerful argument for me is the ability to easily retrofit existing systems and machines with these security features. An SD or USB interface is all that is needed to integrate a secure element in the form of flash memory. In the Smart Factory, even mobile HMI communication tools (human machine interface) such as tablets and mobile phones can be secured in this way.

1 Comment

  1. Marcus Planckh says:

    Secure Element in IoT
    The statement that with IoT the secure element is back on the agenda, caught my attention in a report on Mobile World Congress 2017 by Computerwoche editor Jürgen Hill (http://www.computerwoche.de/a/iot-ja-aber-bitte-sicher,3330003). Hill quotes security expert Sami Nassar of NXP (Vice President of Cybersecurity Solutions) as an advocate for the Security by Design approach: „Why do we have to send everything to the network / cloud if the devices on the edge can also communicate directly with each other via Bluetooth, for example?” – Nice thought and I think it applies to IIoT as well: It doesn’t always have to be the INTER-net of things. Most of the time, a secure local network of things will do the job.
    This is how to be on the safe side. “Things” with a secure element as ID, communication in a defined security zones as mentioned here /general/it-security-in-industry-4-0-new-guideline-provides-food-for-thought/

Leave a Reply

Your email address will not be published. Required fields are marked *