IoT devices' connection to the Internet provides a potentially vulnerable route for hackers. The chip should have two levels of security built into the design of the ASIC itself to stop unauthorised access. The first is Cryptography to protect communication and maintain the confidentiality and integrity of data as it moves across the network. The second is Authentication to verify that only authorised computers or people have access.
Turning the design into a chip requires a highly secure manufacturing supply chain. Presto can manage the entire chip manufacturing and testing process to make chips with levels of security right up to that needed for banking standards, including the secure provisioning of the cryptographic keys. The latter ensures that processors will only execute code and updates identified with the correct secret keys. Handling these securely in the manufacturing supply chain is vital to an effective security strategy and is covered by the Common Criteria for Information Technology Security Evaluation standards. These range from the basic Evaluation Assurance Level 1 to Level 7 for government and military, with Level 5 being typical for banks, payment systems, and other highly demanding commercial application.
"According to analysts, there are already billions of IoT chips in use," said Martin Kingdon, Presto's VP of Sales. "This figure is predicted to grow exponentially, driven by the ability of IoT to monitor and provide hard data on which actions can be taken, such as scheduling pre-emptive maintenance before a failure can happen. But the rush to design and make IoT chips has often meant that security has been overlooked, or not included, in the drive to a lower price. This is false economy as these chips can be vulnerable to hacking giving access to confidential data streams."