Beyond Hardware: The Power of Software-based Security for the IoT

The world needs a robust software-based security solution to protect the Internet of Things (IoT) in order to extend protection beyond only those devices with chip-based security.

The need for protecting the IoT grows by the day. Case in Point: Symantec reports a 600% increase in attacks against the IoT from 2016 to 2017.

Yet many are guided by legacy thinking that hardware-based security is required to protect devices. Some of this sense of legacy can be traced to early implementations of the Advanced Encryption Standard (AES) algorithm, which proved so resource-hungry that some chip makers provided AES silicon support, offloading encryption to dedicated chips.

Precision Coding Required

One of the many reasons I’m so excited about what we are doing at Atonomi is the fact that our precision coding (and patent portfolio) is enabling us to provide root identity and industry-leading encryption with a software-based solution crafted for even the most resource-constrained IoT devices. Atonomi’s new security protocol and infrastructure will enable billions of IoT devices to have trusted interoperability for both data and commerce.

We see our software-based approach as being mission critical to extending IoT security to all devices, including those that don’t come equipped with specialized hardware or that would otherwise be dependent on gateway or other mid-point protection.

As Atonomi CEO and co-founder Vaughan Emery  pointed out in a recent blog, Atonomi is building from the strong foundation of our parent company CENTRI, including patented processes that enable us to extend security to devices that previously may have required specialized hardware augmentation.

Rather than using AES, Atonomi is integrating more efficient and secure crypto technologies, including the same standards-based solutions used by many of the leading technology companies and government agencies, including Apple, Google, the U.S. National Security Agency, and the European Union.

Secures Well With Others

While our security solution provides powerful protection on its own, it also integrates well with other solutions. From a hardware standpoint, Arm likes CENTRI’s suite of IoT Advanced Security so much they have embedded the code into the Armv8-M platform as part of Arm’s Protected Security Architecture (PSA), ready for developers to turn on and bring the world’s strongest IoT security solution to their offerings.

Our code was written by some of the best minds in IoT security to protect devices that range from robust to extremely resource-constrained.  We know how to craft security code that fits easily on devices where RAM and ROM are measured in kilobytes—not megabytes or gigabytes—and where energy efficiency is mission critical for prolonging battery life.

We know that when it comes to creating IoT devices, there’s more than one type economy to consider. The cost of chips and other components forms one economy, while the power consumed by those parts forms another. Even as the price of RAM and ROM comes down, increasing the capacity of either can boost energy consumption, reducing battery life. This doesn’t mean that onboard resources won’t grow, it just underscores the value of precision coding that protects devices small and large—without requiring hardware-based augmentation for security.

Thanks for reading,

David