philip lelyveld The world of entertainment technology

A TINY NEW CHIP COULD SECURE THE NEXT GENERATION OF IOT

The Project Sopris microcontroller prototype is designed to incorporate what Microsoft terms the "Seven Properties of Highly Secure Devices," a common-sense melange of best practices. It includes the usual suspects, like enabling regular software updates, and requiring devices to store cryptographic keys in a secure part of the hardware. Hunt says they built the chip with “recognition that you build in security and then you also have to have mechanisms so that if in the future hackers get more clever, you are able to—without the consumer doing anything—be able to update and improve the security on the device.”

Stuffing so many elements onto a microcontroller asks a lot of such a tiny processor, so the Sopris chip includes a secondary security processor that handles much of the cryptographic overhead. That specialized processor also does periodic software audits to check for deviations or any misbehavior. If it finds something, it can reset individual processes—or the whole device—as needed.

This type of mechanism matters, because many IoT devices—think routers, connected printers—are essentially on all the time.

See the full story here: https://www.wired.com/story/project-sopris-iot-security/?utm_source=MIT+Technology+Review&utm_campaign=f59d1673a0-The_Download&utm_medium=email&utm_term=0_997ed6f472-f59d1673a0-153894145

The Microsoft paper (pdf) is here: https://www.microsoft.com/en-us/research/wp-content/uploads/2017/03/SevenPropertiesofHighlySecureDevices.pdf