Imagination and Intercede demonstrate the power of the Trust Continuum in securing the IoT
Joint initiative addresses consumer security risk driven by today’s on-demand economy
London, UK – 14th March, 2017 – Imagination Technologies (IMG.L) and Intercede (IGP.L) announce the creation of a joint proof of concept demonstration of the ‘Trust Continuum’ – an approach to security that is critical in ensuring consumer privacy and safety in an increasingly connected world.
Today companies across many sectors are looking to provide consumers with convenience through technological innovation, whether it’s through smart homes and cities, autonomous vehicles or industrial IoT. As people, places, systems and devices become increasingly connected, an end-to-end chain of trust must be established between businesses and consumers to mitigate risk. The Trust Continuum can address vulnerabilities exposed by today’s on-demand economy. Making it a reality is the focus of a number of companies across the embedded ecosystem, including those in the prpl Foundation’s Trust Continuum Working Group.
In the Trust Continuum, trust must be established from the silicon through to service provisioning to ensure a connected device is on a trusted path, running authentic manufacturer-installed software, and operating in its intended state. With this foundation, a server can trust the device that is attempting to access its services, and the device can trust that it is accessing the appropriate services. To achieve secure communication between an IoT node and the cloud, multiple cryptographic touch points must be traversed, while ensuring the integrity and authenticity between those touch points. This ultimately prevents malware and other subversive actors from compromising the digital exchange.
Nick Cook, CIO of Intercede and chair of the prpl Foundation’s Trust Continuum Working Group said: “The Trust Continuum is critical to securing IoT systems. We must build strong digital trust between entities and enable the management of trusted relationships securely throughout a device’s operational lifecycle. This is what Intercede’s solutions such as MyTAM® are designed to enable, and we’re working closely with Imagination and other leading companies to demonstrate how it can be implemented from node to cloud.”
Jim Nicholas, EVP MIPS Processor IP, Imagination said: “The IoT introduces great opportunities for manufacturers and service providers to devise and offer a wide array of new services to consumers and businesses. It also introduces numerous challenges for those organizations in ensuring reliable and secure provisioning, management, and monitoring of those services. The solution must start with the creation of separation and establishment of trust in the embedded platforms, and that’s where Imagination, with our OmniShield™ enabled IP, can provide real value to the Trust Continuum.”
The Trust Continuum proof of concept demonstration by Imagination and Intercede is an important milestone that shows how an end-to-end chain of trust can be established. It further highlights how manufacturers and service providers can dynamically deploy, provision, and manage trusted services, all the while simplifying the end-user experience.
The demo features a MIPS-based platform which can support multiple isolated Trusted Runtime Environments (TREs) – dynamically allocated Trusted Execution Environments (TEEs). This is enabled by the powerful hardware virtualization capabilities of the MIPS CPU and the IoT-focused evolution of Intercede’s MyTAM® client and mobile app, which enables Android app developers and service providers to deploy trusted applications to the TEE.
Lubna Dajani, Intercede CSO and secretary for the Open Trust Protocol Alliance (OTPA) said: “The ability to manage trust across different instruction set architectures in a consistent way is critical to the future adoption of IoT. By harnessing the Open Trust Protocol (OTrP) and applying this to Trusted Runtime Environments as well as the originally intended Trusted Execution Environment (TEE), the demo shows a significant step towards enabling mass adoption of secure connected services.”
Imagination and Intercede are also collaborating as part of the prpl Foundation’s Trust Continuum Working Group, which brings together numerous prpl member companies including Intercede, Intrinsic ID, Imagination, Kernkonzept, Synopsys and others. The group is focused on defining the APIs needed to ensure security in the evolving on-demand service-based economy. Once the APIs are agreed, the group will define the interface specification to enable interoperability between the different components of an embedded device and cloud services.
The Trust Continuum demonstration also leverages the L4Re hypervisor from Kernkonzept and a MIPS-based platform from Baikal Electronics.
Demonstration at Embedded World
Attendees can see the Trust Continuum demonstration at the Embedded World Conference and Exhibition in Nuremberg, Germany, March 14-16, 2017. Visit the Imagination booth #4-629. To arrange a personal demonstration, email firstname.lastname@example.org.