itb-nz logo
Story image

Four IoT giants team up for security solution

17 Mar 2020

Thales and Telstra are working with Microsoft and Arduino on a solution for trusted and secure end-to-end communication between device and cloud.

It will enable instant and standardised mutual authentication between a device and a cloud platform via cellular networks, while complying with GSMA IoT SAFE security specifications.

The massive growth of the IoT devices market in the last years has also left it fragmented with a patchwork of different operating systems and chips being utilised. This has left options for security services scalability and duplication very limited.

Within the IoT ecosystem, billions of devices collect, process and send data to the cloud, where a range of different IoT services are executed.

To enable security, there must be absolute trust between the IoT cloud service and the connected devices, which is possible if the device and server are mutually authenticated. 

The Thales, Telstra, Microsoft and Arduino partnership aims to create a sophisticated ‘security-by-design’ approach for any IoT devices based on field-proven and standardised SIM or eSIM technology.

As a result, as soon as an IoT device is switched on, any SIM or eSIM featuring Thales’s IoT SAFE application is automatically and securely provisioned. 

Once the IoT device gets a proper Digital Certificate created and stored in the SIM/eSIM, then a trusted communication between the device and the server is permitted, in full respect of data integrity and confidentiality.

 “The key role of GSMA IoT Safe specifications is to deliver scalable and future-proof IoT security for cellular networks,” says Telstra global IoT solutions executive Gerhard Loots.

“Being able to in future offer standardised easy to implement IoT security to our customers as part of our existing IoT connectivity service, is a huge leap forward in terms of IoT security for all use cases, including smart energy, automotive, health, and home solutions. We look forward to trialling this reference design with our IoT solutions.”

Microsoft integrated the IoT SAFE solution with their Azure IoT Hub and provided Azure Stream Analytics, Cosmos DB and Power BI services to quickly enable the development of an example end-to-end IoT application.

“The collaborative effort between these international organisations demonstrates the importance of simplifying IoT security without compromise,” says Microsoft Azure IoT business acceleration general manager Tony Shakib.

“By bringing together each IoT technology layer; device, software, network and cloud, we can deliver a more streamlined approach to IoT security. This allows customers and partners to focus on creating business value from their solutions while ensuring their IoT deployments remain secure.”

Arduino developed a library (under an open-source licence) which implements the security mechanism of the GSMA IoT Safe standard on their MKR NB 1500 boards and provides a valid alternative to the usage of the CryptoChip already present on the Arduino board.