Témakör:
NXP IoT security IC A71CH for cloud connections
Megjelent: 2019. január 15.
Plug & Trust: The fast and easy way to deploy secure IoT connections
This ready-to-use solution provides a root of trust at the IC level and delivers proven, chip-to-cloud security right out of the box, so you can connect to IoT clouds and services, including AWS, IBM Watson IoT Platform and Google Cloud IoT Core, without writing security code or exposing keys.
KEY BENEFITS
-
Secure, zero-touch connectivity
-
End-to-end security, from chip to edge to cloud
-
Secure credential injection for root of trust at IC level
-
Fast design-in with complete product support package
-
Easy to integrate with different MCU and MPU platforms
KEY SECURITY FEATURES
-
Protected access to credentials
-
Encrypted/authenticated interface to host processor
-
Certificate-based TLS set-up (ECC NIST P-256)
-
TLS set-up using pre-shared secret (TLS-PSK)
-
Connectionless message authentication (HMAC)
-
ECC key generation & signature verification
-
Symmetric key derivation
-
Secure vault for product master secrets (key wrapping, derivation, locking)
-
Encrypted key injection
-
Optional trust provisioning by NXP and qualified partners
KEY HARDWARE FEATURES
-
Easy access to any MCU/MPU with I2C 400 kbps slave interface
-
Standard (-25 to +85 °C, A7101CH) and extended (-40 to +90 °C, A7102CH) temperature ranges
-
HVSON8 (4x4 mm) and WLCSP (2x2 mm) package
The arrival of subscription-based cloud connectivity using clouds, such as Amazon Web Services (AWS), IBM Watson IoT Platform and Google Cloud IoT Core, makes the Internet of Things (IoT) more accessible to everyday products, and is expanding the range of IoT-driven services. When deploying cloud services, security is always a concern, since every device needs to be protected from hacking, data breaches, botnet attacks, and other dangers lurking in the IoT. The keys and certificates used to authenticate the cloud connection need to remain securely hidden, and any data transmitted by the IoT device needs to remain safe and secure while in transit. What’s more, the security mechanisms need to be scalable, so they can be deployed efficiently on a large scale, even when manufactured by different OEMs. To meet this need, NXP now offers the A71CH, a security IC that delivers high-end security to IoT deployments of any size. As a ready-to-use, plug & trust solution that works with public and private clouds, the A71CH offers zero-touch secure connectivity with proven, hardware-based security algorithms. The pre-integrated connectivity applet means there’s no need to write security code, and the ready-to-deploy host software is easy to integrate with different MCU and MPU platforms.
Designed with built-in security measures and optimized for secure connectivity, the A71CH supports key insertion at the IC level and delivers trusted security right out of the box.
PROVEN PERFORMANCE
The A71CH builds on NXP’s leadership in some of the world’s most demanding security applications, such as payment and logical and physical access, as well as identification, including electronic passports.
Purpose-built to bring security to the IoT, the A71CH protects essential device functions, including object authentication, data protection, and cloud access, supports software integrity and roll-back protection, and safeguards service integrity and ecosystems. It also provides a platform for new business models.
The A71CH supports industrial applications with an optional extended temperature range (-40 to +90 °C), and is designed for longevity, with up to 25 years minimum data retention in general-purpose storage and 500.000 cycles minimum endurance.
COMPLETE PRODUCT SUPPORT PACKAGE
Delivered as a ready-to-use solution, the A71CH includes a complete product support package that simplifies design- in and reduces time-to-market. NXP eases the overall design process in several ways. For example, the use of an OpenSSL engine and integration into mbedTLS, both part of the host software package, makes it easier to work with connectivity stacks. NXP also offers time-saving design tools like sample code for major use cases, extensive application notes, and compatible development kits for i.MX and Kinetis microcontrollers, which accelerate the final system integration.
A71CH USE CASES
-
Secure connection to cloud services, edge computing platforms, infrastructure
-
Device-to-device authentication
-
Proof of origin / anti-counterfeiting
-
Secure key storage
-
Secure management of credentials
-
Secure data protection
-
Secure commissioning support
-
Ecosystem protection