New Tech Europe | Jan 2017 | Digital Edition

IoT Special Edition

Security for IoT Is a Requirement, Not a Choice

Paul McLellan, Cadence

valuable, they usually get it. He had a little matrix showing why he is so worried about IoT security as seen in table 1. One thing that all the panelists agreed on was that software is "the problem." We haven't learned how to build good software and so it is buggy. Computer architecture has been constructed primarily for performance and to minimize cost, not for security. Things are evolving because security, or rather the lack of it, limits technology value and the market is evolving from both a regulatory and a liability point of view. One thing that remains to be seen is whether companies claiming good security (when they don't have it) will poison the well, or whether companies that do security well will be able to differentiate. Venky Anant, Nuri Dagdeviren, Paul Kocher, Sami Nassar, and Volker Politz One of the big challenges facing the industry overall is that there are not enough trained security experts, and

and different from other types of security is three fold: The devices, the "things" will be pervasive with 20-30B of them predicted by 2020 or so We are not used to doing security on devices like this with limited power, we are used to PCs and smartphones with a lot of compute resource The devices contain a lot of private information like medical or financial Paul Kocher, who was the founder of the legendary Cryptography Research prior to its acquisition by Rambus, was scathing about security in general. The three big trends he saw were a lot more devices, more valuable data and more complex systems. But that means more targets for attackers, more value for the attackers, and more vulnerabilities. We are already failing at computer security and IoT security is much harder. Computer security today is largely unsuccessful. If someone really wants something

It is hard to attend any sort of meeting to do with semiconductors without hearing about the Internet of Things (IoT), and probably the hottest subtopic is IoT security. Some devices will contain our health data, some are dangerous. Even the apocryphal internet-enabled toaster could potentially burn down your house. The second day of this year's EDPS in Monterey was completely dedicated to semiconductor security. A couple of weeks ago, the GSA held their Silicon Summit and one of the topics was securing the IoT. This took the form of a panel session moderated by Venky Anant of McKinsey. The panelists were Nuri Dagdeviren from Microchip (actually from Atmel that Microchip acquired), Paul Kocher from Rambus (the cryptography part, not the memory part), Sami Nassar from NXP, and Volker Politz from Imagination. The reason IoT security is important,

44 l New-Tech Magazine Europe