The trend toward edge intelligence is clear, and system security deserves more attention
With the continuous breakthrough of core technologies and the continuous improvement of the standard system, the global Internet of Things industry has entered a stage of rapid development. According to the forecast data of the Global System for Mobile Communications (GSMA), the number of IoT devices in the world is expected to reach 24.6 billion in 2025, putting enormous pressure on network transmission resources.
Figure 1: Forecast of the number of IoT devices worldwide (Data source: GSMA)
Therefore, improving the processing capabilities of edge devices is an irresistible trend, one that helps the industry extract more value from its data. It also brings challenges. In earlier cloud-centric scenarios, most data was stored in the cloud, and cloud service providers spent a great deal of manpower and material resources building security defense systems to protect user data. Once the edge has intelligent capabilities, the data security protection system needs to be rebuilt.
Next, let’s take a detailed look at what data security protection is required for edge intelligence, and how it can be easily implemented with the security/authentication development tools sold by Mouser Electronics.
Data Security Around Edge Intelligence
First of all, it needs to be clear that edge intelligence is not intended to replace cloud services. In fact, edge computing is an extension and supplement of cloud computing. By definition, edge intelligence refers to the advanced data analysis, scene perception, real-time decision-making, self-organization and collaboration services provided by edge nodes on the edge side. From a system perspective, edge intelligence sinks the capabilities of the cloud down to the device terminal and creates a micro-platform in the terminal, covering network, computing, storage and application, to process the data generated by the edge device more efficiently.
Driven by the Internet of Things and intelligent connected vehicles, edge smart devices worldwide have entered the fast lane of development. According to a statistical report from MarketsandMarkets, the global market size of edge smart hardware is expected to grow from 920 million units in 2021 to 2.08 billion units in 2026, with a compound annual growth rate of 17.7%. Of course, applications and technology are mutually reinforcing, and the introduction of edge intelligence also enhances the advantages of the Internet of Things, bringing several benefits.
First, the traditional Internet of Things simply transfers data to the cloud. With the exponential increase in the amount of data, the bottleneck of this method is obvious. Introducing edge intelligence enhances the scalability of the system and significantly reduces the bandwidth it needs.
Second, edge intelligence gives the system multi-point intelligence: many functions can be delegated to the terminal device, and what the device finally returns to the cloud is the processed result. Data aggregation is further strengthened, which improves the system's response speed and real-time performance.
Third, edge intelligence has undoubtedly widened the scope of application of the Internet of Things. The traditional IoT model is limited by the cost of cloud deployment or the lack of intelligence at the edge, so many scenarios cannot be implemented. With intelligent terminals, much of the data and many tasks no longer have to be returned to the cloud, and the depth of deployment is greatly improved.
Fourth, edge intelligence improves the reliability and security of the system. In the past, the entire system would be completely paralyzed once cloud data was damaged. With edge intelligence, the data transmitted to the cloud consists mostly of results and of data used for training, so the reliability and security of the system are significantly enhanced.
Fifth, lower operation and maintenance costs are also a major advantage of edge intelligence. Operation and maintenance of a traditional Internet of Things system is reactive: a fault is dealt with only after it occurs, and such accidents often bring huge losses. With edge intelligence, operation and maintenance becomes preventive. The self-perception and self-analysis capabilities of intelligent terminals reduce the probability of large-scale accidents and give maintenance clear targets.
Of course, opportunities always coexist with challenges. The challenges of edge intelligent solution design come from two aspects, one is the device itself, and the other is edge-cloud collaboration.
Edge intelligence requires data training and inference to be completed at the edge. The allocation of computing, storage and other resources is a challenge. At the same time, power consumption needs to be focused on. In terms of data security protection, users need to incorporate security protection from the very beginning of building edge smart devices, including device integrity protection and encrypted communication.
Edge-cloud collaboration has brought significant changes to the building of computing models, one of which is model segmentation, which is also the key to the sinking of cloud capabilities. In this process, with the development of edge intelligence, many new concepts will be extended, including multi-user management, private cloudification, isolation and sharing, etc. When users create solutions, edge-cloud collaboration requires multiple protection mechanisms such as secure cloud registration, device-to-device authentication, and device traceability to ensure the secure transmission of high-quality data processed by the edge in the system.
In general, the emergence of edge intelligence has improved the capabilities of previous cloud solutions in agile connection, real-time business, data optimization, and application intelligence, but security and privacy protection are the prerequisites for all of this.
Turnkey IoT Device Protection Solutions
As mentioned above, the term edge intelligence arose precisely because the rapid development of the Internet of Things has created a big problem for traditional cloud services in terms of computing and storage. The upgrade of traditional IoT devices will therefore be a huge edge intelligence market. Given the fragmented demand scenarios of the Internet of Things, a “turnkey” security solution will undoubtedly shorten the time-to-market of edge smart devices. The OM-SE050ARD development kit from NXP Semiconductors, sold by Mouser Electronics, is a flexible, easy-to-use evaluation and prototyping platform for IoT security applications.
The OM-SE050ARD is built around NXP’s EdgeLock SE050 Plug & Trust product line. Based on this development kit, users can quickly evaluate the EdgeLock SE050, which greatly simplifies the development of user-defined programs, and can create product prototypes in a very short time.
As the core of the development kit, EdgeLock SE050 is built on the flagship 40nm NXP IntegralSecurity architecture, which can provide comprehensive protection for terminal solutions.
First of all, EdgeLock SE050 integrates a range of security mechanisms, including RSA and ECC functions, AES and 3DES encryption and decryption, and HMAC and CMAC algorithms, with security certified to Common Criteria EAL 6+ (up to the operating system level). It provides a root of trust at the IC level, giving IoT applications protection against the latest attack scenarios and advanced edge-to-cloud security capabilities. This end-to-end and end-to-cloud security does not require writing security code; the EdgeLock SE050 provides it out of the box.
Second, the EdgeLock SE050 is part of the certified EdgeLock Assurance program, which complies with industry standards and follows NXP’s approach to security by design. As shown in Figure 2, EdgeLock Assurance is a holistic approach to security built from product, compliance, process and support aspects.
Figure 2: EdgeLock Assurance (Image credit: NXP)
Furthermore, NXP provides a complete Plug & Trust product support package for the EdgeLock SE050. In addition to libraries for different MCUs and MPUs, the support package can be integrated with many operating systems, including Linux, Windows, RTOS and Android. These auxiliary measures simplify product design and shorten time-to-market.
To get the most out of the security capabilities of the EdgeLock SE050, the OM-SE050ARD provides a wealth of onboard resources, as shown in Figure 3, that let users extend functionality during solution development, bringing the comprehensive protection of the EdgeLock SE050 into broader IoT scenarios, including edge intelligence.
Figure 3: OM-SE050ARD on-board layout (Image source: NXP)
The OM-SE050ARD offers separate 10-pin headers with male connectors, and DB15 headers with contacts and connector mounting holes. Through these headers, the user can access the SE050’s pins on the board, including ISO/IEC 14443 and I2C main interface to connect sensors or peripherals to the board. At the same time, the OM-SE050ARD also provides a separate jumper configuration, which can set the SE050 interface, power and power mode.
As a flexible evaluation and prototyping platform, users can easily connect to any development board, including i.MX, LPC, and Kinetis boards, through the Arduino R3 header on the OM-SE050ARD, or with the help of an external I2C connector for connecting to non-Arduino compatible MCU boards.
In summary, the EdgeLock SE050 is a turnkey secure element solution that provides a root of trust at the IC level. Through the OM-SE050ARD, users can not only quickly understand the EdgeLock SE050, but also cooperate with other motherboards for prototype development, which can significantly shorten the product launch cycle.
Ensuring the safety and reliability of automotive systems
As mentioned above, for the development of automobiles, it is necessary to analyze various information of road conditions and pedestrians transmitted by vehicle sensors and cameras in real time. The solution that relies entirely on cloud interaction is very limited and requires a real-time uninterrupted high-speed network, which is difficult to achieve in practical scenarios. Therefore, smart cars will be a very representative high-speed mobile smart terminal in the future.
Vehicle safety is a topic that never goes out of style. For intelligent networked vehicles, safety issues mainly include two aspects, functional safety and information security. The former mainly emphasizes the protection of the car against the external environment; the latter focuses on the information security of the car itself.
The next development kit we introduce is built around a core chip that authenticates automotive components to ensure vehicle safety and reliability: the DS28E40EVKIT evaluation kit from Maxim Integrated, available on the Mouser Electronics website.
Figure 4: DS28E40EVKIT evaluation kit (Image source: Maxim Integrated)
With the DS28E40EVKIT, users can quickly learn about the DS28E40 DeepCover Automotive 1-Wire Authenticator. This authenticator provides a core set of cryptographic tools built by integrating asymmetric (ECC-P256) and symmetric (SHA-256) security features, and it is AEC-Q100 Automotive Class 1 qualified. The ECC-P256 calculation engine can be used for FIPS 186 ECDSA P256 signature and authentication, for ECDH key exchange to establish session keys, and for ECDSA-authenticated reads and writes to configurable memory. The SHA-256 calculation engine supports FIPS 198 HMAC for bidirectional verification.
Figure 5: Internal block diagram of the DS28E40 (Image source: Maxim Integrated)
In addition to the two core security engines, DS28E40 also integrates a FIPS/NIST true random number generator (TRNG), 6Kb one-time programmable (OTP) memory (for user data, keys and certificates), a configurable general-purpose input/output (GPIO) and a unique 64-bit ROM identification number (ROM ID).
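The bidirectional HMAC verification described above can be sketched as a host-and-component challenge-response. This is an added example, not Maxim's code or the DS28E40 command set: the per-device key derivation from a master secret and the ROM ID, the role labels, the 32-byte challenge and the message layout are all assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

ROM_ID_LEN = 8       # the page states a unique 64-bit ROM ID
CHALLENGE_LEN = 32   # assumed challenge size for this sketch

def device_key(master: bytes, rom_id: bytes) -> bytes:
    # Assumed scheme: per-device secret, so one extracted key does not expose the fleet.
    return hmac.new(master, b"device-key" + rom_id, hashlib.sha256).digest()

def mac(key: bytes, role: bytes, rom_id: bytes, challenge: bytes, page: bytes) -> bytes:
    # The role label keeps a device response from being reflected back as a host response.
    return hmac.new(key, role + rom_id + challenge + page, hashlib.sha256).digest()

class Authenticator:
    """Software stand-in for the part on the component (hypothetical model)."""

    def __init__(self, rom_id: bytes, key: bytes, page: bytes):
        self.rom_id, self.page = rom_id, page
        self._key, self._pending = key, None

    def prove(self, host_challenge: bytes):
        # Answer the host and issue a fresh challenge of our own.
        self._pending = secrets.token_bytes(CHALLENGE_LEN)
        return mac(self._key, b"dev", self.rom_id, host_challenge, self.page), self._pending

    def accept_host(self, host_mac: bytes) -> bool:
        pending, self._pending = self._pending, None   # each challenge is single use
        if pending is None:
            return False
        expected = mac(self._key, b"host", self.rom_id, pending, self.page)
        return hmac.compare_digest(expected, host_mac)

def mutual_authenticate(master: bytes, dev: Authenticator) -> bool:
    """Host side: verify the device first, then prove the host to the device."""
    if len(dev.rom_id) != ROM_ID_LEN:
        return False
    key = device_key(master, dev.rom_id)
    challenge = secrets.token_bytes(CHALLENGE_LEN)
    dev_mac, dev_challenge = dev.prove(challenge)
    if not hmac.compare_digest(dev_mac, mac(key, b"dev", dev.rom_id, challenge, dev.page)):
        return False
    return dev.accept_host(mac(key, b"host", dev.rom_id, dev_challenge, dev.page))
```

A component that copies a genuine ROM ID but lacks the derived secret fails the first comparison, and a captured host response cannot be replayed because each device challenge is consumed on use.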
In terms of information security protection, the DeepCover embedded security solution adopted by the DS28E40 is an integrated solution that includes a security microcontroller, a security authenticator and a security manager. Multiple advanced security mechanisms protect sensitive data to provide the highest level of key storage security.
In terms of attack defense, DeepCover embedded security solutions implement invasive and non-invasive countermeasures to prevent device-level security attacks, including active chip shielding, key memory encryption, and algorithm-based approaches.
The above-mentioned excellent security performance can be intuitively felt by users on the DS28E40EVKIT. The evaluation kit reflects its ease of use in both hardware and software.
In terms of hardware resources, the DS28E40EVKIT provides an evaluation board with a TDFN socket, I2C header and test points, a USB-to-I2C/1-Wire adapter board, and five DS28E40 devices in a TDFN10 package, which are used to demonstrate the security authentication features of the DS28E40. Users can run burn-in tests of the target device through the TDFN socket, and the 1-Wire/I2C USB adapter creates a virtual COM port on any PC.
As shown in the lower right corner of Figure 6, after the DS28E40EVKIT program is started, it can automatically connect to the COM port, and the configuration is very convenient.
Figure 6: DS28E40EVKIT program default interface (Image source: Maxim Integrated)
A salient advantage to be emphasized especially for firmware designers is that the DS28E40EVKIT can log 1-Wire communications, which is very helpful in understanding the DS28E40.
Ease of use of the software is also a major advantage of the DS28E40EVKIT, with a Windows-based graphical user interface (GUI) enabling the user to demonstrate and program the functionality of the target device. With the combination of software and hardware, through DS28E40EVKIT, users will be able to quickly understand the important work of “ensure vehicle safety and reliability by certifying automotive components”.
Edge intelligence, safe travel
At present, edge intelligence is very similar to the Internet of Things in the early stage of development, and the industry standard is not clear. As edge intelligence and specific applications become more and more closely integrated, various industries will form their own edge intelligence specifications and standards in the future, which will further promote the implementation of the “device-pipe-cloud” intelligent solution in various industries. At the same time, end-to-end security solutions have gradually become a rigid requirement, and cloud-to-end transmission security will also be significantly strengthened as the data dimension becomes clearer. In this process, by using the rich security/authentication development tools provided by Mouser Electronics, users can quickly create a security system suitable for their own solutions to protect data storage and transmission.
About Mouser Electronics
Mouser Electronics is an authorized global distributor of semiconductors and electronic components serving the world’s largest electronic design community. Mouser Electronics is authorized to distribute nearly 1,200 well-known brands and offers millions of products for online ordering, providing customers with a one-stop sourcing platform.