Encryption-enabled devices guard data, performance
50 million devices will be Internet-connected in 2020, and in light of this prediction, the question of data security becomes all the more urgent. Self-encrypted SSDs have contributed to securing data regardless of OS in the enterprise with the introduction of BYOD (bring your own device). But now that the IoT wave is bringing a flood of connected devices, encryption is no longer optional, and in some ways it makes sense to do this at the MCU level.
Adib Ghubril, research director at Gartner, said there are a number of benefits to encrypting data at the MCU level, including performance, power efficiency, and improved data protection. Since security is implemented at the hardware level, it's more difficult to hack, he said.
Of course, any application running a wireless interface benefits from encryption, Ghubril noted, including networked appliances such as smart meters or any intelligent IoT devices, and many of these devices are best enabled by MCUs, including encryption for their wireless payloads.
Microchip Technology recently expanded its line of eXtreme Low Power (XLP) PIC MCUs with the PIC24F GB2 family that includes an integrated hardware crypto engine, a random number generator and one-time-programmable key storage for protecting data in embedded applications.
Alexis Alcott, product marketing manager for Microchip's MCU16 division, said the GB2 devices include up to 128KB Flash and 8KB RAM in small 28-pin or 44-pin packages, and are targeted at battery-operated or portable applications such as IoT sensor nodes, access control systems, and door locks. She said one of the chief concerns of customers is securing devices and data without hurting battery life, and many IoT devices are part of larger systems sharing data through Bluetooth or Wi-Fi connectivity, which must be secure.
Wearables, including medical devices, are one of the fastest growing IoT segments for Microchip, said Alcott, and securing sensitive medical information, particularly from patients, is a chief concern. Another scenario she described was the use of sensors to monitor humidity levels in a museum, which would turn on periodically to gather data and send it to a central location. The device itself would not process the information, but the data would have to be encrypted both at rest and while being transmitted, said Alcott. The recipient of the data must decrypt the data to read it.
Given the number of small devices that might be distributed, performing maintenance on the devices, including battery replacement, is costly and time-consuming. Alcott said providing encryption at the MCU level allows for more efficient power consumption, since less software overhead frees up CPU bandwidth and memory, and Microchip's GB2 devices operate at a lower CPU frequency to save power.
Ghubril said Microchip's offering is not particularly unique from an encryption perspective, but is one of the most power-conscious. Many vendors are offering MCUs with encryption features, he said, including Spansion, STMicro, NXP, Infineon, and Toshiba.
One of the chief concerns of users when adding features such as encryption to MCUs and SSDs is their effect on performance. A survey released by the Storage Networking Industry Association earlier this year found respondents had little interest in using built-in encryption features (see Survey sheds light on users' perception of SSD performance). Even though many SSDs being shipped today have data protection and encryption features built in, often those capabilities are not being switched on by OEMs, due to the misconception that encryption can reduce performance.
Meanwhile, the major SSD makers have been releasing updated self-encryption devices (SEDs). At the beginning of the year, Samsung added new features to its 840 EVO SSD that work with third-party security software, while SanDisk announced in May the early members of its ecosystem of ISVs for security management to support its recently announced X300 SSD, the company's first self-encrypting SSD based on TCG Opal 2.0 specifications.
- R. Colin Johnson