BT, Intercede and Imagination collaborate on IoT security
June 15, 2017
British Telecom is collaborating with fellow UK companies Intercede and Imagination Technologies on IoT security with a disruptive home gateway architecture that was shown at this week’s Innovation 2017 event in Ipswich.
Based on a collaborative initiative between technology company Imagination, digital identity and credentials expert Intercede, BT, and other companies, the demonstration of the Trust Continuum shows how systems-on-chips (SoCs) for home gateway routers can be architected to address the security and management problems presented by the proliferation of IoT devices, services and technologies entering the home.
The Trust Continuum focuses on architectural innovation in gateway router design. Routers, which traditionally manage network traffic between the home network and the internet, can now become secure, intelligent hubs for all IoT devices and services within the home.
Consumers will benefit from added security, privacy and an intuitive user experience. Operators will benefit from implementing compelling and lucrative business models with the flexibility to add and manage new trusted services.
The Innovation event brought together technology experts to showcase and discuss the best research and innovation in the telecommunications industry. The Trust Continuum, demonstration, as part of the event’s cyber security track, defined a way for home gateway manufacturers, operators and service providers to guarantee establishment of trust from silicon through to service provisioning.
They can ensure a connected device is on a trusted path, running authentic manufacturer-installed software, and operating in its intended state. With this foundation, a server can trust the device that is attempting to access its services, and the device can trust that it is accessing the appropriate services.
The demonstration harnessed Imagination’s OmniShield enabled Mips CPUs and Intercede’s MyTam client and mobile app, plus other partner technologies to showcase a gateway architecture that places the operator firmly in control and at the centre of the IoT ecosystem.
BT’s chief security researcher Paul Kearney has played a key role in defining the Trust Continuum through the Prpl Foundation’s Trust Continuum Working Group, alongside representatives from Imagination, Intercede, Intrinsic-ID, Kernkonzept, Synopsys and others.
“Securing the internet of things is a particular challenge due to the large numbers and huge variety of devices involved, owned and/or operated by different stakeholders,” said Kearney. “The solution has to involve co-operation and open standards, which is what the Prpl Foundation is all about. The Trust Continuum approach promises to provide a basis for security while also providing operators with the flexibility to innovate and experiment with new business models and services, as effectively illustrated by the demonstration.”
The group is defining the APIs necessary to ensure hardware-enforced, end-to-end security in the evolving service-based economy, and is rolling out the first of those APIs imminently for peer review.
“Solutions architected around Trust Continuum APIs will enable companies to deliver trusted services from gateway to cloud,” said Nick Cook, CIO of Intercede and chair of the Prpl Foundation’s Trust Continuum Working Group.
At Innovation 2017, Intercede and Imagination demonstrated how an end-to-end chain of trust is established via the home gateway, enabling operators and their IoT providers to deploy, provision and manage trusted services dynamically while simultaneously reducing the hardware burden and simplifying the end-user experience.
The demo was centred around a Mips-based platform supporting multiple isolated trusted runtime environments (TREs) where services, including the network communications standards they rely upon, can be provisioned and managed by the operator. This was enabled by the hardware virtualisation capabilities of the Mips CPU and the security-focused evolution of Intercede’s MyTam app, which lets service providers create TREs dynamically and deploy trusted applications directly into them. The demonstration leveraged the L4Re hypervisor from Kernkonzept and a Mips-based SoC from Baikal Electronics.
“The pervasiveness of IoT enables manufacturers and service providers to deliver a wide array of new services,” said Jim Nicholas, executive vice president at Imagination. “We are helping companies to ensure reliable and secure provisioning, management and monitoring of those services through a unique approach to gateway SoC design. This disruptive architecture puts the operator in control of managing and monetising those services – an exciting value proposition for industry leaders like BT.”
Intercede is a cyber-security company specialising in identity, credential management and secure mobility to enable digital trust. It provides software and services that help organisations ensure the safety and security of their people, facilities, networks and information in an increasingly mobile, digital world.
Imagination’s silicon IP includes the key processing blocks needed to create the SoCs that power mobile, consumer and embedded electronics.