Safeguarding a Secure and Intelligent Industrial Internet of Things

The Industrial Internet of Things (IIoT), as a key path to promote the deep integration of the digital economy and the real economy, has now become a common choice for major economies in the world to promote high-quality economic development. According to a McKinsey research report, the Industrial Internet of Things will generate up to 11.1 trillion U.S. dollars in revenue each year before 2025. Accenture, a world-renowned consulting company, also gave a positive forecast, saying that by 2030, the Industrial Internet of Things can bring 14.2 trillion U.S. dollars in economic growth to the world.


At this year’s National Two Sessions, the keyword “Industrial Internet of Things” was included in the government work report for the fourth time, fully demonstrating that the country attaches great importance to the role of the Industrial Internet of Things in promoting the high-quality development of the manufacturing industry. The “Industrial Internet of Things Industry Economic Development Report (2020)” released by the China Academy of Information and Communications Technology shows that in 2020, the economic scale of China’s Industrial Internet of Things industry will reach 3.1 trillion yuan, accounting for 2.9% of GDP and creating about 2.55 million new jobs.

Security threats are real

In the face of the fast-developing industrial Internet of Things, ensuring its security is of the utmost importance. Because security threats are real, every aspect of equipment, connections, networks, data centers, equipment management, and the Internet of Things may be attacked. So, what key security challenges will users encounter when deploying industrial IoT solutions?

Enterprise new and old equipment optimization

The Industrial Internet of Things has to deal with a wide variety of devices. Some are old equipment and systems that have been in use for many years, and some are devices newly launched in the Internet of Things era. They may be spread all over the country. Hackers can attack the equipment directly, so traditional firewalls, IPS and other gateway-type protection devices are not very useful.

At the same time, the communication protocols of the Internet of Things, such as ZigBee®, Bluetooth, NB-IoT and 2/3/4/5G, are not used in traditional Internet applications, and Internet security policies cannot cover these protocols, which brings new security risks.

The anxiety of IT and OT integration

The transformation of the Internet of Things makes industrial equipment more intelligent and more integrated, thereby improving the efficiency of manufacturing. With billions of devices connected through the Internet of Things, the era of the convergence of information technology (IT) and operation technology (OT) has arrived.

However, the Industrial Internet of Things has extremely high requirements for real-time performance, reliability and product monitoring quality. The control system is one of the backbone systems of industrial automation, and how to upgrade it digitally while ensuring safety is one of the key issues faced by industry users and solution providers.

Standards

Once the device enters the network, it will face various security threats. At present, network attacks have shifted from targeting remote enterprise IT cloud servers and data centers to local facilities such as sensors, edge nodes, and gateways. The attack vector is not limited to TCP/IP networks and ports.

Considering that there are a large number of wired and wireless standards in the Industrial Internet of Things, security design should not only be carried through from the beginning of the design to mass production, but should also establish the Multiple Independent Levels of Security (MILS) design concept within the system: on the premise of ensuring the flexibility of the system, security is provided for the different levels of a system.

Resolutely implement, rather than panic remedy

How to make full use of chip-level security to achieve comprehensive system protection? How to take security elements into consideration in the initial development process and run through its entire life cycle? At Microchip, we also think a lot about this, for example:

Trust Platform

As more and more devices are connected to the Internet, major cloud providers now encourage users to use secure elements to protect keys. Microchip provides a set of software and hardware development tools for the Trust platform launched by the CryptoAuthentication™ series. The platform combines Microchip’s secure components and internal secure key configuration services. Microchip’s configuration service only “loads” the keys in its semiconductor supply chain factories, which eliminates the opportunity for the keys to be exposed to contract manufacturers or any third parties. This approach also improves the “air gap” isolation between encryption keys, firmware, and people that Microchip has always hoped to achieve.

As the first ready-to-use security authentication solution for the mass market, the Trust platform consists of three layers, providing out-of-the-box pre-configured security elements or fully customizable security elements. Developers can choose flexibly according to their individual design needs.

The first layer of the platform is Trust&GO, which provides zero-touch pre-configured security elements. The device certificate has been pre-programmed, loaded and locked in the ATECC608B for authentication during automatic cloud login or LoRaWAN® login. At the same time, the corresponding certificate and public key are delivered in the form of a “list” file, which can be downloaded from Microchip’s direct sales website and authorized distributors. In addition to saving months of development time, the new solution also removes much other cumbersome work, helping mass market customers to easily protect and manage edge devices without the need for third-party configuration services or the additional costs of certificate issuing agencies.

At present, Microchip has cooperated with many cloud suppliers in the industry to help them easily realize hardware-based security in a more economical way, and to eliminate the various obstacles previously encountered when configuring devices. For more information, please visit the Microchip Trust&GO platform.

If customers have more customization requirements, the second layer, TrustFLEX, can not only flexibly use the certificate authority of the customer’s choice, but also use pre-configured use cases, including baseline security measures such as Transport Layer Security (TLS) enhanced identity verification (used to connect to any IP-based network using any certificate chain), LoRaWAN authentication, secure boot, over-the-air (OTA) update, IP protection, user data protection and key rotation, thereby reducing the complexity of device customization and shortening customization time without requiring customized part numbers. For customers who only need to customize the design, the third layer of the platform, TrustCUSTOM, can provide customers with specific configuration functions and custom credential settings.

Guard the security of the wireless MCU

As the Internet of Things expands from the field of home automation to home control applications such as heating, ventilation and air conditioning (HVAC), garage doors and electric fans, and as its application in building and industrial automation accelerates, the market’s need for highly integrated, reliable and safe Industrial Internet of Things connectivity has never been greater.

WFI32E01PC is the industry’s first Wi-Fi® microcontroller (MCU) module that uses Microchip’s own Trust&GO technology to implement unique authentication functions. The new technologies used include the top PIC32 microcontroller core, rich peripheral support and a mature hardware security platform. For example, the Trust&GO platform uses secure element technology to pre-configure and set up cloud identity verification, simplifying the process of network identity verification. The module complies with Wi-Fi Alliance (WFA) specifications and is fully certified by three world-class regulatory bodies: the Federal Communications Commission (FCC), Industry Canada (IC) and the European Radio Equipment Directive (RED).

With its own security expertise, Microchip provides customers with design security and eliminates the need for customers to build expensive internal security capabilities. From security encryption to trusted execution environment, Microchip supports and meets customers’ unique security implementation needs through a wide range of security solutions, and provides appropriate levels of protection at a reasonable price.

Conclusion:

In fact, for all Internet of Things products and applications, including the Industrial Internet of Things, there are usually three core elements: a processor or microcontroller (the “smart” element), a network controller (the “connection” element), and a method of ensuring secure communication with the cloud (the “security” element). Microchip’s advantage lies in its ability to span all three fields of “cloud”, “pipe” and “end”, and to provide users with a complete solution.

In other words, Microchip can provide both integrated solutions with advanced security features and independent solutions such as the ATECC608B. A series of Microchip’s microcontrollers have built-in hardware protection functions to achieve unbreakable security. Microchip’s powerful security solutions enable IoT application developers to implement various security use cases, such as secure boot, which ensures that only real application firmware is executed; secure firmware upgrades; secure cloud connections through mutual authentication; secure communication with message authentication and encryption; and IP protection.

In addition to security chips, Microchip also provides software examples and configuration services, so that customers can easily and smoothly implement security protection in their embedded systems through the cooperation of software and hardware.

Security is an important part of IoT applications. Every IoT solution should contain security-related modules, especially when you need to ensure the security of the system’s identity and the security of transmitted data. Ensuring the security of the Internet of Things depends not only on relevant laws and regulations but, more importantly, on taking fundamental responsibility in practice: security should be taken into consideration from the conceptual design stage of the product, rather than applied as a remedy afterwards.
