Identity Matters—Especially for Large-Scale IoT Solutions

ID 659573
Updated 6/26/2019

As tens of billions of smart, connected things proliferate into our environment—with over 1 trillion devices¹ expected to be deployed by 2035—we stand to benefit from exciting new possibilities and greater convenience, but our assets, safety, and privacy will need more protection than ever. So, developers innovating solutions for smart retail, smart manufacturing, smart cities, and autonomous driving will be glad to know that the FIDO Alliance, known for its authentication standards leadership, has stepped up to address these challenges. Its dedicated IoT Technical Working Group includes Intel, Arm, and other industry leaders—we invite more IoT solution developers to get involved.

Challenges & Opportunities with IoT Onboarding at Scale 

Large-scale IoT solutions raise the question:  “How do you deploy substantial numbers of IoT devices more securely, economically, and reliably—especially as technology rapidly changes?” The answer requires automation and hardware-based security capabilities that can apply across industry segments and use cases.

Incredible business benefits will be achieved with data-driven IoT initiatives such as edge AI-based autonomous systems:  the more data that is collected, the more valuable the data becomes. But there is no data until a device is connected. Realizing the value of data requires enabling the flow of data in the first place. So, this model requires the industry to collaborate on more open and scalable methods for more securely provisioning devices and their data to the cloud.  

Manual provisioning and deployment typically take more than 20 minutes per device and involve coordination among multiple teams. Oftentimes, devices are configured by hand in the field from a standard image, and the proliferation of cloud-specific provisioning methods compounds complexity and security issues. For IoT solutions to scale more effectively and efficiently, this process must be faster, more flexible, and more secure.

Accomplishing that through market-driven standards can “...create value and aggregate markets through technology diffusion, increased productivity, and interoperability,” according to the Information Technology Industry Council (ITI),  “...enabling innovators and product developers to choose the best solution to meet their needs and to freely revise that choice in response to inevitable changes in technology and market conditions.”

Working toward an Industry Standard 

In October 2018, I wrote about a collaborative effort between Intel and Arm* using Intel® Secure Device Onboard (Intel® SDO). The collaboration extends a “late binding” approach to provisioning—IoT devices dynamically discover their target cloud platform for provisioning seconds after the device is powered on in the field. Late binding works with Intel and Arm microcomputers and microcontrollers.  

Industry analysts lauded the joint effort:  “Intel and Arm are simplifying one of IoT’s most complex and challenging barriers with regard to streamlining the manufacturing and security deployment workflows for IoT. This is an ROI win for the customer, who will be able to deploy both Intel- and Arm-based devices at a lower cost and with less friction between IT and OT, while at the same time retaining flexibility over their data and cloud partner choice until the deployment phase,” said Michela Menting, director, ABI Research.

The collaboration of two major ecosystems makes possible a more flexible provisioning method that can be natively enabled in devices, industry-wide. Intel and Arm devices can be credentialed and provisioned in seconds to join any cloud application framework. As a result, customers choose their onboarding systems of record without being locked into a single cloud provider’s provisioning method or a single device architecture.

Building on these efforts, an IoT onboarding industry standard, based on strong authentication, will enable manufacturers and developers to build in even greater device flexibility to automatically onboard into any cloud ecosystem. At the same time, an industry standard will help customers identify innovative devices and IoT solutions for large-scale deployments.

Recognizing the changing ways digital systems and data are used, the industry’s pre-eminent authentication standards body, the FIDO Alliance, announced that its dedicated IoT Technical Working Group, including experts from Intel, Arm, Microsoft*, Google*, Amazon*, and other industry leaders, will work to deliver a standard specification for large-scale IoT onboarding.

According to Charlene Marini, VP strategy, IoT Services Group, Arm, “The IoT market has the potential to expand even faster if the industry works together to eliminate siloed IoT supply chains by standardizing secure onboarding and binding to cloud applications. By working together with ecosystem partners such as Intel, the Arm Pelion IoT platform can securely onboard and manage any device, including those based on the Intel architecture. As a natural next step, Arm and Intel are extending their ongoing collaboration to the FIDO Alliance’s IoT technical working group to ensure industry standard authentications are one less concern for decision-makers preparing for large-scale IoT deployments.”

Marc Canel, of the Arm IoT Security strategy team and FIDO IoT Co-Chair, adds, “The FIDO Alliance has a successful track record of driving the industry in the area of password replacement. Moving into the IoT arena allows us to leverage the deep expertise of our membership, which includes many of the world leaders in cloud, to address critical IoT issues such as onboarding and provisioning.”

The FIDO Alliance was founded by PayPal*, Lenovo*, and other industry leaders in 2012 to work on passwordless authentication. The Alliance partnered with the W3C on its latest FIDO2 standards, which are now supported by Android, Windows 10 and leading browsers Microsoft Edge*, Google Chrome*, Mozilla Firefox* and Apple Safari*. The FIDO IoT Technical Working Group’s work stands to benefit customers and the industry ecosystem with increased device variety, lower cost, and faster deployment.

Engage with the FIDO IoT Working Group 

The working group is in the recruitment phase now, with specification development planned through calendar 2019. If you are developing industrial or consumer IoT solutions, learn how your organization can join the FIDO Alliance and participate in the IoT Technical Working Group.

Related Content

FIDO Alliance: An open industry association with a focused mission: authentication standards to help reduce the world’s over-reliance on passwords.

Intel and Arm Share IoT Vision: As we enter this accelerated growth phase for IoT, we will continue to collaborate with technology vendors to provide customers more protections that they need.

Intel® Secure Device Onboard (Intel® SDO) Scales Devices to IoT Platforms: Intel and Arm are collaborating on a shared vision to connect any device to any cloud.
 
Intel® Security Essentials: Implementing hardware-based security is a widely recognized best practice compared to software-only based approaches.   

Author

Lorie Wigle is vice president of Intel Architecture, Graphics and Software, and general manager of Platform Security Product Management. Follow @LWigle on Twitter and keep up with her team’s developments at @IntelSecurity.

1. A trillion devices by 2035 (source: ARM white paper).
Intel provides these materials as-is, with no express or implied warranties. All products, dates, and figures specified are preliminary, based on current expectations, and are subject to change without notice. Intel, processors, chipsets, and desktop boards may contain design defects or errors known as errata, which may cause the product to deviate from published specifications. Current characterized errata are available on request. Intel technologies' features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No product or component can be absolutely secure. Check with your system manufacturer or retailer or learn more at http://intel.com.
Some results have been estimated or simulated using internal Intel analysis or architecture simulation or modeling and provided to you for informational purposes. Any differences in your system hardware, software or configuration may affect your actual performance. Intel, the Intel logo, and Intel® Secure Device Onboard are trademarks of Intel Corporation in the U.S. and other countries.
*Other names and brands may be claimed as the property of others.
© Intel Corporation