LONDON -- IoT device security has been a dominant IoT discussion point throughout 2015. Despite there being over 2.5 billion connected IoT devices today, excluding CE devices, connectivity has been addressed first, with security arguably a secondary thought. With this number set to increase to over 11 billion by 2020, the focus has inevitably shifted to security. ABI Research's recent presentation, Embedded IoT Security, examines this change.
A host of vendors are positioning their respective technology solutions from an embedded IC standpoint: NXP, Infineon and STMicroelectronics through dedicated secure microcontrollers including secure elements, Trusted Platform Modules and embedded SIMs alongside ARM and Imagination technologies from a Trusted Execution Environment architecture perspective. The leading smart card vendors, Gemalto, Oberthur Technologies, G&D and Morpho are also chasing revenue growth through IoT platforms and services placing further investment to create ubiquitous TSM (Trusted Service Manager) platforms to address future OTA provisioning and management requirements.
The fact of the matter is that IoT applications using TEEs and other secure microcontroller solutions are still at the proof of concept stage and a number of barriers and challenges need to be addressed before device OEMs begin embedded integration. For embedded solutions to succeed in securing the wider IoT market, security needs to be built into strategies from the design phase and further education will be required in order to achieve this.
"What is certain is that there is a definite need to secure IoT devices and nobody is arguing with that fact," says Phil Sealy, ABI Research Senior Analyst. "What isn't certain is the applications which embedded technologies can serve. With a diverse range of vertical markets and applications, it's clear that a one size fits all approach is not appropriate, which in turn has created a vast competitive landscape. Furthermore, embedded technology cannot be retrofitted, and legacy device security will need to be addressed by other media, which means embedded solutions are a longer term IoT opportunity. In a market with new OEMs which have limited experiences in the security domain, approaches encompassing broad product portfolios to cater for wide ranging security requirements alongside ease of integration and simplistic security enablement at the heart of strategies, will be the ones that succeed."
These findings are part of ABI Research's Digital Authentication and Embedded Security Research Service, available at https://www.abiresearch.com/market-research/service/digital-authentication-and-embedded-security