These agreements will enable device OEMs to automate and streamline the provisioning of IoT products at the factory or in the field and will help to simplify inventory management and onboarding to cloud computing services via a large variety of different chips including secure elements, MCUs and Bluetooth and Wi-Fi solutions. This will also address important requirements by both standards organisations and regulators, ensuring that each device has its own unique identity.
The keySTREAM provisioning service gives OEMs freedom of choice among leading chipsets while providing a unified provisioning platform to simplify key and certificate management across multiple brands.
The service works comprises of two different models. The premier integration model is a deep collaboration between Kudelski IoT and semiconductor manufacturers that embeds the infrastructure for keySTREAM provisioning and lifecycle management within the chipset itself, bundling product and service into a single offering.
The Microchip ECC608 TrustMANAGER is Kudelski’s first premier integration and includes a self-service root certificate authority and in-field provisioning service powered by keySTREAM as an integrated part of the Microchip product, reducing integration effort and complexity while speeding time to market for OEM customers.
Kudelski IoT has also struck collaborative partnerships with STMicroelectronics, Infineon, and Silicon Laboratories that offer keySTREAM in-field provisioning as an optional service to OEMs. Kudelski IoT libraries are integrated with semiconductor partner tools to enable device manufacturers to personalise their products in the factory or in the field.
Both these models will enable OEMs to have full control over provisioning, storing, and managing credentials like PKI keys and certificates in their devices, creating the unique, secure identities that form the foundation for numerous security lifecycle management functions like secure boot, secure FOTA, data encryption and authentication and secure feature enablement.
According to Kudelski IoT the automated keySTREAM process eliminates the need for the complex and error-prone management of pre-provisioned inventory supplied by a chip manufacturer or third-party IC provisioning services. It also helps OEMs comply with the emerging security regulations and standards in the Smart Home, Consumer Electronics, Automotive, Industrial Automation and Control, Healthcare, Medical Devices, Aerospace, Defence, and other industries served by semiconductor manufacturers.
Regulatory and standards requirements are increasingly demanding the types of security features enabled by keySTREAM.
The Kudelski Group has worked with dozens of chipset manufacturers and thousands of chipset models and is an important source of security certificates. It is, for example, a provider of Matter Device Attestation Certificates (DACs) recognised by the Connectivity Standards Alliance.
Commenting Hardy Schmidbauer, Senior Vice President at Kudelski IoT, said, “For many IoT device manufacturers, security provisioning is today a laborious manual process that is prone to error, seriously compromising the security of individual devices, or even of a manufacturer’s whole chain of security. By partnering with top IC manufacturers, Kudelski IoT is making provisioning a simpler, more automated, and secure process than ever before. And innovative partners like Microchip are making it even more attractive to OEMs by offering the provisioning service as a core part of their offering to customers; a model which we anticipate others will adopt in the future.”