The Device Identity Composition Engine (DICE) is a security standard from the Trusted Computing Group (TCG) that targets microcontrollers. I talked with some members of TGC, including Bill Swanson Senior Marketing Director, Microchip Technology; Jeff Shiner, Director of IoT Solutions at Micron Technology; Ilia Stolov, General Manager of Winbond Israel, and Dennis Mattoon, Senior Software Development Engineer, Microsoft Research about DICE and how to incorporate it into design for the Internet of Things (IoT).
Wong: How would you define DICE and its benefits for embedded and IoT systems?
Bill Swanson, Microchip Technology: Designing and deploying secure devices represents a significant challenge for developers. While the fundamental principles of cryptography are well understood, the implementation in a secure system can be confusing. Hackers are very skilled in their art, so trial and error is not an option. Overlooking any security hole can have significant consequences. The DICE specification provides a simple and robust hardware-based method of establishing trust and identity in a deployed device.
Bill Swanson, Senior Marketing Manager, CPG Business Unit, Microchip Technology
One of the benefits to DICE is that the specification is being developed within the Trusted Computing Group (TCG). The TCG is industry based and is well-known for developing the Trusted Platform Module (TPM) specification. When implementing the DICE specification in their products, designers can have a level of confidence that the fundamental security of their device is based on sound security principles that have been developed and peer-reviewed by industry experts.
Another benefit of DICE is its simplicity. DICE is based on simple cryptographic principles and fundamental features, which are “baked” into the hardware by the silicon manufacturer.
Jeff Shiner, Micron Technology: DICE is a light touch protocol that enables an extremely broad array of IoT devices with the ability to attest to the health and identity of the device by fusing two critical elements that define that device: the health of the software and the hardware-based identity of the silicon on that device.
Jeff Shiner, Director of IoT Solution, Micron Technology
Dennis Mattoon, Microsoft Research: The purpose of DICE, the Device Identifier Composition Engine, is to provide critical security and privacy benefits to IoT and embedded systems. It was developed to address the challenging cost, power, security, and other resource constraints that typify IoT and embedded systems. The result is a combination of minimal silicon requirements and software techniques that establish a cryptographically strong device identity and form a foundation for critical security capabilities like, attestation, verified updates, and secure device recovery and resiliency.
Dennis Mattoon, Senior Software Development Engineer, Microsoft Research
Ilia Stolov, Winbond Israel: Modern embedded and IoT systems are extremely limited in terms of performance, cost, power consumption and connectivity. Existing security solutions, such as Smartcard, TPM, and Authentication devices do not fit all above factors as well as modern security threats for IoT systems. Main benefits of DICE are:
- Enabling hardware root of trust by measuring code integrity, and following a solid chain of trust throughout all software layers. Existing ROM based approaches do not allow resilient and recoverable designs.
- Enabling unique identity and attestation of the IoT system.
- A simple, yet robust security approach.
Standards are an excellent driving force for implementation and adoption of technologies. The TCG DICE team is driving the simplification of security implementations for IoT systems while meeting rigorous security requirements.
Ilia Stolov, General Manager, Winbond Israel
Wong: Why is security such a big focus now for embedded and IoT systems?
Swanson: As the IoT has gained momentum, connected devices are being deployed into almost every segment of industry. We have all seen many of the high-visibility security breaches that have made headlines in recent years. These security failures have damaged reputations of the device manufacturers. In many cases, they have also resulted in severe economic consequences to not only the device manufacturer, but to their customers as well.
No system designer wants to be “that guy” who is responsible for releasing a device that is compromised by a hacker. Every engineer now realizes that security must be a fundamental component in the design of their connected product. The difficulty often comes in the implementation.
Shiner: Security has been an area of focus for a long time. However, as attacks continue to evolve and pose more significant risks to everything from critical infrastructure to automobiles, companies are realizing that they can’t afford the brand liability associated with potential widespread attacks resulting from their own IoT deployments.
Mattoon: Growth in the IoT and embedded space has brought with it a corresponding increase in the number of available attack vectors and vulnerabilities. We hear about high-profile breaches with alarming regularity and attacks are only increasing in their sophistication and relentlessness. That, coupled with this new reality of constraint computing, means we need a renewed focus on security. Especially now as more market segments move to adopt this technology in critical infrastructure.
Stolov: Very soon, the deployment of IoT systems in consumer, smart-grid, and industrial markets will reach tens of billions of units. Such proliferation of IoT increases security challenges, limiting the growth of IoT deployments on the one hand, and increasing the danger to critical infrastructure on the other hand.
Already today, the lack of security in IoT platforms affects our privacy, our safety and critical national infrastructure. Recent DDOS attacks using IoT botnets is a good example of how hackers can leverage IoT devices to make a big impact on countries economy and infrastructure.
We need security on all levels of IoT infrastructure and this security must be incorporated at the design stages of all IoT components, starting from memories, MCUs, software, and up to cloud solutions.
Wong: How does your company incorporate DICE into your IoT solution?
Shiner: Leveraging DICE, Micron’s Authenta-based memory, demonstrates how only trusted IoT devices with healthy software can gain access to the Microsoft Azure IoT cloud platform. Notably, the health and identity of an IoT device is verified in memory where critical code and data are typically stored. Combined, these two elements become the fingerprint of the device.
Mattoon: Microsoft was the first to bring DICE to production systems with Azure IoT and the new Device Provisioning Service (DPS). The DPS works with Azure IoT Hub to enable zero-touch provisioning of IoT devices, without requiring human intervention. We are moving the ecosystem away from hard-coded passwords and manual provisioning steps. DICE-based architectures allow customers to provision millions of devices in a secure and scalable way.
Stolov: Winbond’s TrustME W75F Secure Flash is the industry's first Common Criteria EAL5+ certified Secure Flash fully supporting DICE. Winbond’s TrustME device provides designers with a secure memory solution for a hardware root of trust, privacy, authentication, and code and data confidentiality. Winbond also provides MCU and SoC vendors a complete IP block for DICE implementation.
Not every MCU vendor has the required security expertise, so Winbond’s approach enables developers to reduce the cost, time, and risk associated with design of proper IoT security. DICE implementation by Winbond’s TrustMETM helps our customers incorporate security at the early design phase.
Wong: How are your customers using DICE?*
(*or how do you think they will?)
Swanson: DICE is new. We see two usage models where we believe DICE will offer value to our customers.
The first use is in a lightweight connected node or sensor. An example would be simple sensor-actuator node devices at the edge of the cloud, which connects to a gateway. DICE will provide the device with a trusted identity and it will ensure that only authenticated code is running on the device.
The second use is in a more complex system, which will also have a higher-power Application Processor (AP). An example would be a gateway or a connected printer. Using the fundamentals of DICE, a chain of trust will be built that authenticates the first mutable code that runs on the application processor. This chain of trust will ensure that only authenticated code is running on the system
Shiner: The unique DNA of each IoT device generated by using the DICE standard can offer customers a new level of end-to-end device integrity. Starting with the boot process from code in flash memory, a cryptographic measurement is securely monitored by services like Microsoft’s Azure DPS (Device Provisioning Service) that can then attest to the health of the firmware on IoT devices. This solution can also enable additional functionality such as administrative provisioning, remediation, and secure updates directly to the flash memory—simplifying device-management deployments at the lowest cost to customers.
Mattoon: DICE is a relatively new technology and is growing rapidly. The first wave of DICE enablement is happening in smaller devices, microcontrollers (MCUs), and flash memory controllers. Several partners have DICE hardware available already or have announced support in upcoming devices, like Microchip (in MCUs like the CEC1702) and Micron (Authenta-based flash memory). Azure customers with access to the public preview of the DPS (and general availability will be announced soon) are already benefitting from DICE-based hardware identities for automated device provisioning in Azure IoT Hub.
Longer-term, we intend to use this technology as the basis for other high-value security scenarios and hardware components. I mentioned a few of them earlier; this represents the next phase for DICE.
Microsoft Research continues to work on other aspects of the IoT security space as well, and DICE plays an important role. Our Cyber Resilient Platform Initiative (Cyrep) is a great example. Cyrep is a Microsoft-led industry initiative to improve the security and resiliency of computers (with an emphasis on the cloud-managed IoT segment). This is interesting because it goes beyond protection from potential threats. Its goal is to enable a rich ecosystem of hardware and software components that can also detect compromise, and reliably and securely recover from attack. More info here is available at https://aka.ms/CyReP.
Stolov: Due to its simplicity and robustness, we expect many of our customers to adopt the DICE mechanism to reduce their time to market while still providing a trusted IoT solution.
Wong: What type of microcontrollers are you supporting (or something along these lines)?
Shiner: For DICE, Micron is unique in that we were the first company to leverage this standard in flash memory and not in a more traditional microcontroller. We leverage the logic that’s available in the flash memory along with the measurement accelerator to act as a new resource for both system-level security and device identity. Since this is built in a standards-compatible flash memory, this approach allows our customers to use DICE in very wide range of applications that leverage flash memory for storing system code.
Mattoon: We've had lots of product announcements supporting DICE over the past year and, even though each DICE implementation has been unique, the majority has been in traditional MCUs. We have partners (Micron being the first) who have taken a different approach, implementing DICE inside the flash-memory controller itself. This variety in underlying DICE implementations has interesting implications for DICE support in devices and we're excited for what's next in this space.
Stolov: Winbond’s approach supports any type of MCU and SoC. As an example, Winbond recently introduced the support of (the) Arm Platform Secure Architecture (PSA) that complements DICE with a set of requirements, allowing security to be consistently designed in, at both hardware and firmware levels.
Wong: Have your customers been aware of DICE and how it is used?
Swanson: Our customers are clearly getting the message that they need to implement a secure boot in their products. They also understand that they need a method for their customers to attest the identity of the connected products as they are deployed in the field. DICE is a new specification and, at this time, there’s not a high level of customer awareness. However, the TCG is recognized as a developer of security specifications which are not only well conceived but which also take into consideration the practical realities faced by system developers. We believe that as DICE is promoted and the word is spread, customer awareness of the value of DICE will come soon.
Shiner: We do have some customers with familiarity of the DICE protocol, but given the fact that the draft standard was only recently published, we are working to help proliferate to additional OEM’s and solution providers.
Mattoon: It's varied. While we’ve had customers and partners that have heard about DICE already and want to get started right away, the specification is new, so most of our customers are still unaware of the benefits of a DICE-based architecture. We’re working diligently to change that. We hope our standards-based approach and eagerness to support partners in their adoption of this technology will keep this effort successful.
Stolov: Unfortunately, not every MCU and SoC vendor is aware of DICE architecture yet. Although most MCU vendors are aware of security concerns and importance of IoT security, especially root of trust and device identity.
Wong: Do you have any specific developer resources or guidance for DICE use?
Shiner: Contact Micron for more details or visit our webpage for Authenta Technology.
Mattoon: The best resource on DICE and its use today is the DICE Architectures Work Group in the Trusted Computing Group (TCG). We’re really pleased with the collaboration in the TCG and the variety of implementations and rapidly growing platforms and use cases for the technology.
Another great resource is the DICE Emulator. The DICE Emulator is a development tool (reference code, really) that allows developers to simulate the presence of DICE hardware. This allows developers to design and implement DICE-enabled solutions in a more debug-friendly environment before adapting their solutions to run on real hardware. As for DICE-enabled hardware, developers should take advantage of the resources provided by their particular hardware vendor for implementation-specific information.
Stolov: Winbond provides documentation, hardware IP block, software, and TrustME W75F Secure Flash to enable MCU/SoC vendors to incorporate DICE into their products.
Bill Swanson is a Sr. Marketing Manager with Microchip’s CPG (Computing Products) Business Unit. In this role, he is responsible for defining, managing and promoting Microchip’s embedded controllers, I/O peripheral devices, and related development tools. Swanson has held various product management and marketing positions in the semiconductor and aerospace industries, including positions with Standard Microsystems and Hexcel. He earned his Bachelor of Science in Engineering from the University of Idaho.
Jeff Shiner is the segment marketing director for the Embedded Business Unit at Micron Technology. He joined Micron in 2015 focused on the Internet of Things (IoT). In this role, he is actively involved in driving Micron’s strategy and market development initiatives targeted at emerging and existing markets that will benefit from the explosion in growth from the IoT. Shiner has 19 years’ experience in the semiconductor industry. Before joining Micron, he held various sales, marketing, and business development positions at AMD, Spansion, and Cypress Semiconductor. He holds a Bachelor’s in industrial engineering from Texas A&M University.
Dennis Mattoon is a Senior Software Development Engineer for Microsoft Research. As one of the founding members of the Security and Privacy Research and Engineering team in MSR, he and his team have spent the last 10 years focused on advances in trusted computing and system security. His most recent work has been on the creation of the Device Identifier Composition Engine Specification and Architectures (TCG DiceArch), Robust and Resilient IoT (RIoT), and the Cyber-Resilient Platform Initiative. (https://aka.ms/Cyrep).
Ilia Stolov is the General manager of Winbond Israel, leading the development of Secure Memory Solutions. Stolov has more than 25 years of experience in the semiconductor industry, with a wide knowledge of security technologies. Before joining Winbond, he led the New Technologies team in Nuvoton, and held various engineering and management positions at National Semiconductor and Nuvoton. Stolov holds a Master degree in Computer Science from Moscow Research University of Electronic Technology.