Embedded certificate provision for IoT devices, machines, and endpoints

November 02, 2016 // By Graham Prophet

Icon Labs’ Floodgate Key Manager enables OEMs to provide automated security ‘credentialing’ and certificate enrollment for their Embedded Linux and RTOS-based IoT and IIoT devices. Floodgate Key Manager provides integration with multiple certificate authorities, including Verizon’s certificate authority, also known as IoT SC.

Floodgate Key Manager is an embedded key management client providing automated enrollment with Certificate Authorities using what is claimed to be the only RTOS-compatible implementation of the SCEP protocol. The Floodgate Key Manager supports embedded Linux and a wide variety of RTOSes including Nucleus, UC/OS-III, ThreadX, VxWorks, and LynxOS.

Icon Labs has added secure credentialing to its Floodgate Security Framework, a security platform that provides a full suite of device protection, secure credentialing services, and integration with IoT cloud services. In addition to secure credentialing, the Icon Labs Floodgate Security Framework includes secure boot, secure software updates, firewall, intrusion detection, TLS, and a management agent.

Icon Labs asserts that today’s security challenge is, “how do I automate the process of securely enrolling each new device into the network?” Icon Labs, Renesas, and [US carrier] Verizon have teamed up to provide a solution. Icon Labs’ Floodgate Key Manager for IoT devices works with Verizon’s IoT SC solution to allow IoT devices to perform automatic enrollment. During enrollment, each device securely obtains a certificate that is used for identification and authentication when communicating with other devices also enrolled in the same PKI system.

The development and integration are complete and available for demonstration on the Renesas Synergy platform. The Synergy platform provides the hardware foundation ensuring that the secure boot code, cryptographic keys, certificates, and signatures have not been tampered with. Synergy provides hardware-enforced memory protection to ensure that hackers cannot tamper with the boot sequence or the secure boot operations.

“Protecting against cyber-attack has become a critical part of developing new IoT and Industrial IoT systems, devices, and machines,” says Alan Grau, President of Icon Labs.

Icon Laboratories; www.iconlabs.com