Presto Protects IoT Chips With Secure Manufacturing & Test

Supporting the growing need for IC security in IoT applications, Presto Engineering is offering a comprehensive manufacturing and test service that is tailored to ensure IoT chips are made to high standards of security.

Presto says it can manage the entire chip manufacturing and testing process to make chips with levels of security right up to that needed for banking standards.

IoT devices’ connection to the Internet provides a potentially vulnerable route for hackers. Presto notes that an IoT chip connected to the internet should have two levels of security built into the design of the ASIC itself to stop unauthorized access.

The first is Cryptography to protect communication and maintain the confidentiality and integrity of data as it moves across the network. The second is Authentication to verify that only authorized computers or people have access.

Turning the design into a chip requires a highly secure manufacturing supply chain. Presto claims “it can manage the entire chip manufacturing and testing process to make chips with levels of security right up to that needed for banking standards, including the secure provisioning of the cryptographic keys. The latter ensures that processors will only execute code and updates identified with the correct secret keys.”

Handling these securely in the manufacturing supply chain is vital to an effective security strategy and is covered by the Common Criteria for Information Technology Security Evaluation standards. These range from the basic Evaluation Assurance Level 1 to Level 7 for government and military, with Level 5 being typical for banks, payment systems, and other highly demanding commercial application.

More information:

The post Presto Protects IoT Chips With Secure Manufacturing & Test appeared first on Internet Of Things | IoT India.

Internet Of Things | IoT India

Configurabe Mixed-Signal Chips With ISP Add Flexibility For Designers

Dialog Semiconductor has launched configurable Mixed-signal ICs (CMICs) with in-system programming and multi-time programming to simplify modifications late in the design cycle, in-field or on the production line. Dialog says the new chips are the market’s first CMICs that support in-system programming using a simple I2C serial interface.

Target Applications include:

  • Consumer electronics: such as IoT Devices, Wearables, Smart Tags, Smartphones, Tablets, Notebooks, PCs and PC peripherals, Headphones, Headsets, Smart Building, Smart TV, Set Top Box, etc.
  • Commercial and Industrial Electronics: such as Servers, Embedded computing, and medical devices

The GreenPAK SLG46824 and SLG46826 are the company’s first CMICs following the acquisition of CMIC firm Silego Technology.

“These highly versatile devices allows a wide variety of mixed-signal functions to be designed within a very small, low power single integrated circuit. They help customers to configure according to their design requirements”, the company said.

Available in a 2.0 x 3.0 mm 20-pin STQFN package, both CMICs are equipped with low power consumption analog and digital resources like analog comparators (ACMPs), an internal voltage reference, power-on reset, and more advanced digital resources, like multi-function macro-cells.

The ISP chips streamline the development process as it allows the installation of an un-programmed GreenPAK on the PCB, and supports programming of the Non-Volatile Memory (NVM) in-system, for easy system checkout, the company said.

In the production environment, it is easy to modify the configuration or add functionality to these devices by programming the non-volatile memory on the production line.

The NVM on this device is specified for 1,000 erase/write cycles.

Additionally, the SLG46826 includes 2 kbits of EEPROM emulation memory that can replace an I2C-Compatible Serial EEPROM on the customer’s board, supporting storage of backup configuration data, a checksum or a serial number.

Running the low power analog comparators with the internal low power voltage reference consumes just 2.5 µA typical for two ACMPs that are continuously monitoring external signals. Dialog claimed.

In addition, the 2.048 kHz oscillator consumes a few hundred nanoamps when active, which makes it perfect for watchdog timer applications, or other designs that require a low-speed oscillator that is always running.

The power-on reset block operates all the time, which guarantees that the device will initialize correctly for any power ramp, and consumes just 100 nA at a 3.3 V supply voltage level.

These devices are also dual supply capable, offering a further benefit of being able to translate signals between two voltage domains.

“These are our first GreenPAK devices that can be programmed in-system. The flexibility that comes from in-system programming and the benefits of Multi-Time Programming make these outstanding additions to the GPAK product family,” stated John Teegen, Vice President and General Manager Configurable Mixed-signal Business Unit, Dialog Semiconductor. “These features and the ultra-low power consumption will add significant value in a wide range of battery-powered applications and extend the range of addressable applications.”

More information is available here.

The post Configurabe Mixed-Signal Chips With ISP Add Flexibility For Designers appeared first on Internet Of Things | IoT India.

Internet Of Things | IoT India

Serious security flaws ‘Spectre’ and ‘Meltdown’ haunting Intel, AMD and ARM chips

‘Spectre’ and ‘Meltdown’ haunting Intel, AMD and ARM chips

Major tech firms are rushing to patch critical bugs, dubbed ‘Spectre’ and ‘Meltdown’, found in their processors before they can be exploited.

Researchers from Google’s Project Zero team have revealed serious issues in a vast array of chips across multiple manufacturers. The flaws date back as far as 1995.

There are three known variants of the issue so far. Spectre, which covers two of them, was discovered in chips made by Intel, AMD and ARM, while Meltdown affects Intel products and a recent ARM processor.

“As soon as we learned of this new class of attack, our security and product development teams mobilized to defend Google’s systems and our users’ data. We have updated our systems and affected products to protect against this new type of attack,” Google announced. “We also collaborated with hardware and software manufacturers across the industry to help protect their users and the broader web.”

Read more: Satori malware code made public by hackers

Preventing Meltdown

As we lead ever more connected lives we are becoming more at risk of malicious attacks against our devices. Even hotels in the Austrian Alps have had their electronic doors hacked.

Many manufacturers have been blasé when it comes to IoT security but there is an urgent need to develop security alongside the new devices being introduced. We can be sure that cyber-criminals will be probing for new vulnerabilities and ‘grey hat’ hackers such as the creator of Brickerbot have proven the very real security risks faced by the Internet of Things.

Meltdown and Spectre allow the techniques used by processors to speed up their operation to be abused to obtain information about areas of memory not normally visible to an attacker, including encryption keys, passwords and other sensitive data.

A technical explanation of the vulnerabilities can be found in Project Zero’s report. Most devices, from smartphones and PCs, to servers and IoT devices are at risk from unprivileged code reading data it should not be able to access.

The Google researchers have offered possible solutions to the processor vendors, though the vendors themselves are ultimately best-placed to tackle the issues, given their exclusive knowledge of their own chip architectures.

Read more: Three plead guilty in US to developing Mirai botnet

Vendors scramble to patch the holes

AMD has issued a statement since the vulnerabilities emerged, emphasising the company’s commitment to information security but offered some assurances: “The research described was performed in a controlled, dedicated lab environment by a highly knowledgeable team with detailed, non-public information about the processors targeted.” The company adds that “the described threat has not been seen in the public domain.”

Nonetheless, the company is planning to make software and operating system updates available that will resolve the issue with negligible performance impact.

ARM’s processors are used in countless smartphones and IoT devices and the Softbank-owned company has promised “all future Arm Cortex processors will be resilient to this style of attack or allow mitigation through kernel patches” and, given that the exploits are dependant upon malware running locally, emphasises the need for users to practice good security hygiene.

With Intel also planning to realise security patches over the next few days, the flaws should soon be shored up. However, uncomfortable reports are emerging, claiming that Intel CEO Brian Krzanich was told of the flaws in June last year, subsequently selling a large portion of his stake in the company, while the issues were not yet public knowledge.

Regardless of whether the stock sale was related, Intel, AMD and ARM will all be eager to see Meltdown and Spectre put to bed so that they can turn their focus back to their product roadmaps for 2018 and beyond.

Read more: Andromeda IoT botnet dismantled by international cyber taskforce

The post Serious security flaws ‘Spectre’ and ‘Meltdown’ haunting Intel, AMD and ARM chips appeared first on Internet of Business.

Internet of Business

Qualcomm says it is shipping more than one million chips per day for the IoT

Qualcomm Technologies has announced that it currently ships more than one million chips per day into a wide range of connected applications.

The company is using its technical expertise to design platforms that help customers commercialize IoT products quickly and cost-effectively in areas including wearables, voice and music, connected cameras, robotics and drones, home control and automation, home entertainment, and commercial and industrial IoT, according to the press materials.

Qualcomm Technologies has its grip in IoT spanning across various networks. For instance, the company’s wearables platforms have been adopted in more than 150 wearable designs, and over 80% of Android Wear smartwatches launched or announced are based on Snapdragon Wear 2100. In smart homes, more than 125 million TVs, home entertainment and other connected home products from leading brands have shipped using Qualcomm Technologies’ connectivity chips. MDM9206 is purposely developed for IoT applications and is commercially available today.

To address this wide variety of network, form factors and requirements in the IoT, Qualcomm Technologies offers one of the broadest portfolios of chips and platforms, including mobile, multimedia, cellular, Wi-Fi and Bluetooth system-on-chips. These solutions include comprehensive software with platform-specific applications and APIs, as well as support for multiple communication protocols, operating systems and cloud services.

Qualcomm Technologies is making available over 25 production-ready reference design platforms through a network of original design manufacturers for products including voice-enabled home assistants, connected cameras, drones, VR headsets, lighting, appliances and smart hubs/gateways to further help manufacturers develop IoT devices quickly and cost-effectively. Latest from the homepage