The launch of the IoT Security-as-a-Service offering enables improved data protection from malicious networks and faster time to market
u-blox, a global provider of positioning and wireless communication technologies and services, has commercially launched its IoT Security-as-a-Service offering, which is available on both the u-blox SARA-R4 and SARA-R5 series of LTE-M cellular IoT modules.
Through this innovative solution, it will become simple to protect data from malicious third parties, both on the device and during transmission from the device to the cloud. Its out-of-the-box, simple, secure and cost-effective onboarding process to leading cloud IoT platforms speeds up development, thus shortening the time-to-market.
The IoT Security-as-a-Service offering, which is managed via the u-blox Thingstream service delivery platform, is specifically optimised for low power wide area (LPWA) deployments that use resource-constrained IoT devices. By substantially reducing data overhead and keeping the number of handshakes to a minimum, the service reduces power consumption and extends battery life.
Unique Crypto Key Generation
Central to the effectiveness of the solution is a unique symmetric key management system (KMS) through which an infinite number of crypto keys can be generated on the fly for each device, rather than having to rely on the storage and management of pre-shared keys (which can add to overall operational complexity and the power budget).
Keys are tied to the hardware and can be triggered from either the module or the server/cloud, which eliminates the need to create, deliver and renew certificates and brings significant savings in terms of system cost, operational complexity and power consumption.
The solution also leverages u-blox’s Foundation security offering, which comprises fundamental elements that make SARA-R4 and SARA-R5 modules secure by design. These include a unique and immutable device identity that is tied to its root of trust (RoT), which forms the basis for a trusted set of advanced security functionality, including a secure boot mechanism that ensures that the module can only run trusted software. Also, u-blox’s proprietary uFOTA feature enables authentication of over-the-air firmware updates.
Wide Use Cases
Among the relevant use cases that u-blox IoT Security-as-a-Service can support are:
- Asset tracking – For data authenticity, secure local storage of collected data and easy secure cloud onboarding. Since tracking devices are usually battery-powered, they require extremely energy-efficient secure data transmission.
- Connected health / eHealth – In this use case, patient confidentiality is paramount, with only authorized medical staff permitted to access sensitive data. This necessitates a high degree of protection against malware and data tampering.
- Industrial monitoring – To guarantee the integrity of real-time operational data for increased productivity, reduced downtime and assured safety of the workforce.
- Building and home automation – Data confidentiality and authenticity need to be maintained while allowing for data to be shared with trusted stakeholders without compromising customer privacy.
- Telematics – In this scenario, the main security risks include denial-of-service (DoS) attacks, device cloning and jamming.
- Smart metering – Here, the authenticity of data logged by remote metering units needs to be confirmed to protect billing. Once trusted communication is established, data transmission needs to be restricted to authorized servers.
“We implemented a true end-to-end concept that protects data from the device to the end-user without making it visible to intermediate nodes or platforms, or service providers. The modules’ symmetric KMS offers engineers a streamlined and scalable alternative to conventional public key infrastructure or pre-shared key arrangements,” says Giovanni Solito, Senior Product Manager, Product Center Services at u-blox. “And with straightforward onboarding to all the popular cloud IoT platforms, efforts are not taken up by security concerns and operational complexities, but can be focused on speeding up time to market and growing business.”