Presto Engineering addresses IoT chip security

Feb. 12, 2018

Caen, France. The recent Meltdown and Spectre problems have highlighted the vulnerability of computer chips to hacking that can, at least, be addressed through software patches. However, another area that is increasingly a target for hackers is the IoT, where each node in an IoT network can provide an entry point to a company’s corporate systems, in a similar manner to the way that home security cameras, robot vacuum cleaners, etc. have been hacked. Presto Engineering said is offering a comprehensive manufacturing and test service that is tailored to ensure IoT chips are made to high standards of security.

“According to analysts, there are already billions of IoT chips in use,” said Martin Kingdon, Presto’s vice president of sales. “This figure is predicted to grow exponentially, driven by the ability of IoT to monitor and provide hard data on which actions can be taken, such as scheduling pre-emptive maintenance before a failure can happen. But the rush to design and make IoT chips has often meant that security has been overlooked, or not included, in the drive to a lower price. This is false economy as these chips can be vulnerable to hacking giving access to confidential data streams.”

IoT devices’ connection to the Internet provides a potentially vulnerable route for hackers. The chip should have two levels of security built into the design of the ASIC itself to stop unauthorized access, Presto said. The first is cryptography to protect communication and maintain the confidentiality and integrity of data as it moves across the network. The second is authentication to verify that only authorized computers or people have access.

Turning the design into a chip requires a highly secure manufacturing supply chain. Presto said it can manage the entire chip manufacturing and testing process to make chips with levels of security right up to that needed for banking standards, including the secure provisioning of the cryptographic keys. The latter ensures that processors will only execute code and updates identified with the correct secret keys. Handling these securely in the manufacturing supply chain is vital to an effective security strategy and is covered by the Common Criteria for Information Technology Security Evaluation standards. These range from the basic Evaluation Assurance Level 1 to Level 7 for government and military, with Level 5 being typical for banks, payment systems, and other highly demanding commercial application.

One of Presto Engineering’s test and
qualification facilities

Presto said it already has experience in mass-producing highly secure chips that are used in chip-and-pin banking cards. Its facility at Meyreuil, France, near Aix-en-Provence, and its facilities in Asia produce over 70 million chips a year. As an experienced, certified provider of secure chips, Presto is able to provide cost-effective solutions from small volumes in Europe to very large production runs in its own secure facilities in Taiwan and Thailand. This combines with Presto’s IoT device expertise in mixed signal, package design, low-power techniques, test, and qualification to ensure right-first-time chips that reduce time to market, costs, and risks.

Presto Engineering will be discussing this and its other manufacturing and testing services at the embedded world show in Nuremberg, Germany, from February 27 to March 1, 2018.

Sponsored Recommendations


To join the conversation, and become an exclusive member of Electronic Design, create an account today!